From 6c1baba7e8fdd130cba527ebe315713d30fe5619 Mon Sep 17 00:00:00 2001
From: Paolo Matarazzo <74918781+paolomatarazzo@users.noreply.github.com>
Date: Wed, 2 Oct 2024 07:04:33 -0400
Subject: [PATCH] fixed link
---
windows/security/book/features-index.md | 2 +-
.../security/book/operating-system-security-system-security.md | 2 +-
2 files changed, 2 insertions(+), 2 deletions(-)
diff --git a/windows/security/book/features-index.md b/windows/security/book/features-index.md
index ce26f0ad52..305b9c2120 100644
--- a/windows/security/book/features-index.md
+++ b/windows/security/book/features-index.md
@@ -7,6 +7,6 @@ ms.date: 09/06/2024
# Features index
-[5G and eSIM](operating-system-security-network-security.md#5g-and-esim)
[Access management and control](identity-protection-advanced-credential-protection.md#access-management-and-control)
[Account lockout policies](identity-protection-advanced-credential-protection.md#account-lockout-policies)
[App containers](application-security-application-isolation.md#app-containers)
[App Control for Business](application-security-application-and-driver-control.md#app-control-for-business)
[Assigned Access and Shell Launcher (kiosk mode)](operating-system-security-system-security.md#assigned-access-and-shell-launcher-kiosk-mode)
[Attack surface reduction](operating-system-security-virus-and-threat-protection.md#attack-surface-reduction)
[BitLocker To Go](operating-system-security-encryption-and-data-protection.md#bitlocker-to-go)
[BitLocker](operating-system-security-encryption-and-data-protection.md#bitlocker)
[Bluetooth protection](operating-system-security-network-security.md#bluetooth-protection)
[Certificates](operating-system-security-system-security.md#certificates)
[Code signing and integrity](operating-system-security-system-security.md#code-signing-and-integrity)
[Common Criteria (CC)](security-foundation-certification.md#common-criteria-cc)
[Config Refresh](operating-system-security-system-security.md#config-refresh)
[Controlled folder access](operating-system-security-virus-and-threat-protection.md#controlled-folder-access)
[Credential Guard](identity-protection-advanced-credential-protection.md#credential-guard)
[Cryptography](operating-system-security-system-security.md#cryptography)
[Device Encryption](operating-system-security-encryption-and-data-protection.md#device-encryption)
[Device health attestation](operating-system-security-system-security.md#device-health-attestation)
[Domain Name System (DNS) security](operating-system-security-network-security.md#domain-name-system-dns-security)
[Email encryption](operating-system-security-encryption-and-data-protection.md#email-encryption)
[Encrypted hard drive](operating-system-security-encryption-and-data-protection.md#encrypted-hard-drive)
[Enhanced phishing protection with Microsoft Defender SmartScreen](identity-protection-advanced-credential-protection.md#enhanced-phishing-protection-with-microsoft-defender-smartscreen)
[Enhanced Sign-in Security (ESS)](identity-protection-passwordless-sign-in.md#enhanced-sign-in-security-ess)
[Enterprise State Roaming with Azure](cloud-services-protect-your-work-information.md#enterprise-state-roaming-with-azure)
[Exploit protection](operating-system-security-virus-and-threat-protection.md#exploit-protection)
[Federal Information Processing Standard (FIPS)](security-foundation-certification.md#federal-information-processing-standard-fips)
[Federated sign-in](identity-protection-passwordless-sign-in.md#federated-sign-in)
[FIDO support](identity-protection-passwordless-sign-in.md#fido-support)
[Find my device](cloud-services-protect-your-personal-information.md#find-my-device)
[Hardware-enforced stack protection](hardware-security-silicon-assisted-security.md#hardware-enforced-stack-protection)
[Kernel Direct Memory Access (DMA) protection](hardware-security-silicon-assisted-security.md#kernel-direct-memory-access-dma-protection)
[Local Security Authority (LSA) protection](identity-protection-advanced-credential-protection.md#local-security-authority-lsa-protection)
[MDM enrollment certificate attestation](cloud-services-protect-your-work-information.md#mdm-enrollment-certificate-attestation)
[MDM security baseline](cloud-services-protect-your-work-information.md#mdm-security-baseline)
[Microsoft Account](cloud-services-protect-your-personal-information.md#microsoft-account)
[Microsoft Authenticator](identity-protection-passwordless-sign-in.md#microsoft-authenticator)
[Microsoft Azure Attestation Service](cloud-services-protect-your-work-information.md#microsoft-azure-attestation-service)
[Microsoft Defender Antivirus](operating-system-security-virus-and-threat-protection.md#microsoft-defender-antivirus)
[Microsoft Defender for Endpoint](operating-system-security-virus-and-threat-protection.md#microsoft-defender-for-endpoint)
[Microsoft Defender SmartScreen](operating-system-security-virus-and-threat-protection.md#microsoft-defender-smartscreen)
[Microsoft Entra ID](cloud-services-protect-your-work-information.md#microsoft-entra-id)
[Microsoft Intune](cloud-services-protect-your-work-information.md#microsoft-intune)
[Microsoft Offensive Research and Security Engineering](security-foundation-offensive-research.md#microsoft-offensive-research-and-security-engineering)
[Microsoft Pluton security processor](hardware-security-hardware-root-of-trust.md#microsoft-pluton-security-processor)
[Microsoft security baselines](cloud-services-protect-your-work-information.md#microsoft-security-baselines)
[Microsoft Security Development Lifecycle (SDL)](security-foundation-offensive-research.md#microsoft-security-development-lifecycle-sdl)
[Microsoft vulnerable driver blocklist](application-security-application-and-driver-control.md#microsoft-vulnerable-driver-blocklist)
[Modern device management through MDM](cloud-services-protect-your-work-information.md#modern-device-management-through-mdm)
[OneDrive for personal](cloud-services-protect-your-personal-information.md#onedrive-for-personal)
[OneDrive for work or school](cloud-services-protect-your-work-information.md#onedrive-for-work-or-school)
[OneDrive Personal Vault](cloud-services-protect-your-personal-information.md#onedrive-personal-vault)
[OneFuzz service](security-foundation-offensive-research.md#onefuzz-service)
[Passkeys](identity-protection-passwordless-sign-in.md#passkeys)
[Personal data encryption (PDE)](operating-system-security-encryption-and-data-protection.md#personal-data-encryption-pde)
[Privacy dashboard and report](privacy-controls.md#privacy-dashboard-and-report)
[Privacy resource usage](privacy-controls.md#privacy-resource-usage)
[Privacy transparency and controls](privacy-controls.md#privacy-transparency-and-controls)
[Remote Credential Guard](identity-protection-advanced-credential-protection.md#remote-credential-guard)
[Remote Wipe](cloud-services-protect-your-work-information.md#remote-wipe)
[Secured kernel](hardware-security-silicon-assisted-security.md#secured-kernel)
[Secured-core PC](hardware-security-silicon-assisted-security.md#secured-core-pc)
[Securing Wi-Fi connections](operating-system-security-network-security.md#securing-wi-fi-connections)
[Server Message Block file services](operating-system-security-network-security.md#server-message-block-file-services)
[Smart App Control](application-security-application-and-driver-control.md#smart-app-control)
[Smart cards for Windows service](identity-protection-passwordless-sign-in.md#smart-cards-for-windows-service)
[Software bill of materials (SBOM)](security-foundation-secure-supply-chain.md#software-bill-of-materials-sbom)
[Tamper protection](operating-system-security-virus-and-threat-protection.md#tamper-protection)
[Token protection](identity-protection-advanced-credential-protection.md#token-protection)
[Transport layer security (TLS)](operating-system-security-network-security.md#transport-layer-security-tls)
[Trusted Boot (Secure Boot + Measured Boot)](operating-system-security-system-security.md#trusted-boot-secure-boot--measured-boot)
[Trusted Platform Module (TPM)](hardware-security-hardware-root-of-trust.md#trusted-platform-module-tpm)
[Trusted signing](application-security-application-and-driver-control.md#trusted-signing)
[Universal Print](cloud-services-protect-your-work-information.md#universal-print)
[User Account Control](application-security-application-and-driver-control.md#user-account-control)
[User reauthentication before password disablement](cloud-services-protect-your-personal-information.md#user-reauthentication-before-password-disablement)
[VBS Key Protection](identity-protection-advanced-credential-protection.md#vbs-key-protection)
[Virtual private networks (VPN)](operating-system-security-network-security.md#virtual-private-networks-vpn)
[Win32 app isolation](application-security-application-isolation.md#win32-app-isolation)
[Windows App software development kit (SDK)](security-foundation-secure-supply-chain.md#windows-app-software-development-kit-sdk)
[Windows Autopatch](cloud-services-protect-your-work-information.md#windows-autopatch)
[Windows Autopilot and zero-touch deployment](cloud-services-protect-your-work-information.md#windows-autopilot-and-zero-touch-deployment)
[Windows diagnostic data processor configuration](privacy-controls.md#windows-diagnostic-data-processor-configuration)
[Windows Firewall](operating-system-security-network-security.md#windows-firewall)
[Windows Hello biometric](identity-protection-passwordless-sign-in.md#windows-hello-biometric)
[Windows Hello for Business multi-factor unlock](identity-protection-passwordless-sign-in.md#windows-hello-for-business-multi-factor-unlock)
[Windows Hello for Business](identity-protection-passwordless-sign-in.md#windows-hello-for-business)
[Windows Hello PIN](identity-protection-passwordless-sign-in.md#windows-hello-pin)
[Windows Hello](identity-protection-passwordless-sign-in.md#windows-hello)
[Windows Insider and Bug Bounty program](security-foundation-offensive-research.md#windows-insider-and-bug-bounty-program)
[Windows passwordless experience](identity-protection-passwordless-sign-in.md#windows-passwordless-experience)
[Windows presence sensing](identity-protection-passwordless-sign-in.md#windows-presence-sensing)
[Windows Sandbox](application-security-application-isolation.md#windows-sandbox)
[Windows security policy settings and auditing](operating-system-security-system-security.md#windows-security-policy-settings-and-auditing)
[Windows security settings](operating-system-security-system-security.md#windows-security-settings)
[Windows Subsystem for Linux (WSL)](application-security-application-isolation.md#windows-subsystem-for-linux-wsl)
[Windows Update for Business deployment service](cloud-services-protect-your-work-information.md#windows-update-for-business-deployment-service)
+[5G and eSIM](operating-system-security-network-security.md#5g-and-esim)
[Access management and control](identity-protection-advanced-credential-protection.md#access-management-and-control)
[Account lockout policies](identity-protection-advanced-credential-protection.md#account-lockout-policies)
[App containers](application-security-application-isolation.md#app-containers)
[App Control for Business](application-security-application-and-driver-control.md#app-control-for-business)
[Attack surface reduction](operating-system-security-virus-and-threat-protection.md#attack-surface-reduction)
[BitLocker To Go](operating-system-security-encryption-and-data-protection.md#bitlocker-to-go)
[BitLocker](operating-system-security-encryption-and-data-protection.md#bitlocker)
[Bluetooth protection](operating-system-security-network-security.md#bluetooth-protection)
[Certificates](operating-system-security-system-security.md#certificates)
[Code signing and integrity](operating-system-security-system-security.md#code-signing-and-integrity)
[Common Criteria (CC)](security-foundation-certification.md#common-criteria-cc)
[Config Refresh](operating-system-security-system-security.md#config-refresh)
[Controlled folder access](operating-system-security-virus-and-threat-protection.md#controlled-folder-access)
[Credential Guard](identity-protection-advanced-credential-protection.md#credential-guard)
[Cryptography](operating-system-security-system-security.md#cryptography)
[Device Encryption](operating-system-security-encryption-and-data-protection.md#device-encryption)
[Device health attestation](operating-system-security-system-security.md#device-health-attestation)
[Domain Name System (DNS) security](operating-system-security-network-security.md#domain-name-system-dns-security)
[Email encryption](operating-system-security-encryption-and-data-protection.md#email-encryption)
[Encrypted hard drive](operating-system-security-encryption-and-data-protection.md#encrypted-hard-drive)
[Enhanced phishing protection with Microsoft Defender SmartScreen](identity-protection-advanced-credential-protection.md#enhanced-phishing-protection-with-microsoft-defender-smartscreen)
[Enhanced Sign-in Security (ESS)](identity-protection-passwordless-sign-in.md#enhanced-sign-in-security-ess)
[Enterprise State Roaming with Azure](cloud-services-protect-your-work-information.md#enterprise-state-roaming-with-azure)
[Exploit protection](operating-system-security-virus-and-threat-protection.md#exploit-protection)
[Federal Information Processing Standard (FIPS)](security-foundation-certification.md#federal-information-processing-standard-fips)
[Federated sign-in](identity-protection-passwordless-sign-in.md#federated-sign-in)
[FIDO support](identity-protection-passwordless-sign-in.md#fido-support)
[Find my device](cloud-services-protect-your-personal-information.md#find-my-device)
[Hardware-enforced stack protection](hardware-security-silicon-assisted-security.md#hardware-enforced-stack-protection)
[Kernel Direct Memory Access (DMA) protection](hardware-security-silicon-assisted-security.md#kernel-direct-memory-access-dma-protection)
[Kiosk mode (Assigned Access and Shell Launcher)](operating-system-security-system-security.md#kiosk-mode-assigned-access-and-shell-launcher)
[Local Security Authority (LSA) protection](identity-protection-advanced-credential-protection.md#local-security-authority-lsa-protection)
[MDM enrollment certificate attestation](cloud-services-protect-your-work-information.md#mdm-enrollment-certificate-attestation)
[MDM security baseline](cloud-services-protect-your-work-information.md#mdm-security-baseline)
[Microsoft Account](cloud-services-protect-your-personal-information.md#microsoft-account)
[Microsoft Authenticator](identity-protection-passwordless-sign-in.md#microsoft-authenticator)
[Microsoft Azure Attestation Service](cloud-services-protect-your-work-information.md#microsoft-azure-attestation-service)
[Microsoft Defender Antivirus](operating-system-security-virus-and-threat-protection.md#microsoft-defender-antivirus)
[Microsoft Defender for Endpoint](operating-system-security-virus-and-threat-protection.md#microsoft-defender-for-endpoint)
[Microsoft Defender SmartScreen](operating-system-security-virus-and-threat-protection.md#microsoft-defender-smartscreen)
[Microsoft Entra ID](cloud-services-protect-your-work-information.md#microsoft-entra-id)
[Microsoft Intune](cloud-services-protect-your-work-information.md#microsoft-intune)
[Microsoft Offensive Research and Security Engineering](security-foundation-offensive-research.md#microsoft-offensive-research-and-security-engineering)
[Microsoft Pluton security processor](hardware-security-hardware-root-of-trust.md#microsoft-pluton-security-processor)
[Microsoft security baselines](cloud-services-protect-your-work-information.md#microsoft-security-baselines)
[Microsoft Security Development Lifecycle (SDL)](security-foundation-offensive-research.md#microsoft-security-development-lifecycle-sdl)
[Microsoft vulnerable driver blocklist](application-security-application-and-driver-control.md#microsoft-vulnerable-driver-blocklist)
[Modern device management through MDM](cloud-services-protect-your-work-information.md#modern-device-management-through-mdm)
[OneDrive for personal](cloud-services-protect-your-personal-information.md#onedrive-for-personal)
[OneDrive for work or school](cloud-services-protect-your-work-information.md#onedrive-for-work-or-school)
[OneDrive Personal Vault](cloud-services-protect-your-personal-information.md#onedrive-personal-vault)
[OneFuzz service](security-foundation-offensive-research.md#onefuzz-service)
[Passkeys](identity-protection-passwordless-sign-in.md#passkeys)
[Personal data encryption (PDE)](operating-system-security-encryption-and-data-protection.md#personal-data-encryption-pde)
[Privacy dashboard and report](privacy-controls.md#privacy-dashboard-and-report)
[Privacy resource usage](privacy-controls.md#privacy-resource-usage)
[Privacy transparency and controls](privacy-controls.md#privacy-transparency-and-controls)
[Remote Credential Guard](identity-protection-advanced-credential-protection.md#remote-credential-guard)
[Remote Wipe](cloud-services-protect-your-work-information.md#remote-wipe)
[Secured kernel](hardware-security-silicon-assisted-security.md#secured-kernel)
[Secured-core PC](hardware-security-silicon-assisted-security.md#secured-core-pc)
[Securing Wi-Fi connections](operating-system-security-network-security.md#securing-wi-fi-connections)
[Server Message Block file services](operating-system-security-network-security.md#server-message-block-file-services)
[Smart App Control](application-security-application-and-driver-control.md#smart-app-control)
[Smart cards for Windows service](identity-protection-passwordless-sign-in.md#smart-cards-for-windows-service)
[Software bill of materials (SBOM)](security-foundation-secure-supply-chain.md#software-bill-of-materials-sbom)
[Tamper protection](operating-system-security-virus-and-threat-protection.md#tamper-protection)
[Token protection](identity-protection-advanced-credential-protection.md#token-protection)
[Transport layer security (TLS)](operating-system-security-network-security.md#transport-layer-security-tls)
[Trusted Boot (Secure Boot + Measured Boot)](operating-system-security-system-security.md#trusted-boot-secure-boot--measured-boot)
[Trusted Platform Module (TPM)](hardware-security-hardware-root-of-trust.md#trusted-platform-module-tpm)
[Trusted signing](application-security-application-and-driver-control.md#trusted-signing)
[Universal Print](cloud-services-protect-your-work-information.md#universal-print)
[User Account Control](application-security-application-and-driver-control.md#user-account-control)
[User reauthentication before password disablement](cloud-services-protect-your-personal-information.md#user-reauthentication-before-password-disablement)
[VBS Key Protection](identity-protection-advanced-credential-protection.md#vbs-key-protection)
[Virtual private networks (VPN)](operating-system-security-network-security.md#virtual-private-networks-vpn)
[Win32 app isolation](application-security-application-isolation.md#win32-app-isolation)
[Windows App software development kit (SDK)](security-foundation-secure-supply-chain.md#windows-app-software-development-kit-sdk)
[Windows Autopatch](cloud-services-protect-your-work-information.md#windows-autopatch)
[Windows Autopilot and zero-touch deployment](cloud-services-protect-your-work-information.md#windows-autopilot-and-zero-touch-deployment)
[Windows diagnostic data processor configuration](privacy-controls.md#windows-diagnostic-data-processor-configuration)
[Windows Firewall](operating-system-security-network-security.md#windows-firewall)
[Windows Hello biometric](identity-protection-passwordless-sign-in.md#windows-hello-biometric)
[Windows Hello for Business multi-factor unlock](identity-protection-passwordless-sign-in.md#windows-hello-for-business-multi-factor-unlock)
[Windows Hello for Business](identity-protection-passwordless-sign-in.md#windows-hello-for-business)
[Windows Hello PIN](identity-protection-passwordless-sign-in.md#windows-hello-pin)
[Windows Hello](identity-protection-passwordless-sign-in.md#windows-hello)
[Windows Insider and Bug Bounty program](security-foundation-offensive-research.md#windows-insider-and-bug-bounty-program)
[Windows passwordless experience](identity-protection-passwordless-sign-in.md#windows-passwordless-experience)
[Windows presence sensing](identity-protection-passwordless-sign-in.md#windows-presence-sensing)
[Windows Sandbox](application-security-application-isolation.md#windows-sandbox)
[Windows security policy settings and auditing](operating-system-security-system-security.md#windows-security-policy-settings-and-auditing)
[Windows security settings](operating-system-security-system-security.md#windows-security-settings)
[Windows Subsystem for Linux (WSL)](application-security-application-isolation.md#windows-subsystem-for-linux-wsl)
[Windows Update for Business deployment service](cloud-services-protect-your-work-information.md#windows-update-for-business-deployment-service)
diff --git a/windows/security/book/operating-system-security-system-security.md b/windows/security/book/operating-system-security-system-security.md
index 7056f951b3..fb9ec17509 100644
--- a/windows/security/book/operating-system-security-system-security.md
+++ b/windows/security/book/operating-system-security-system-security.md
@@ -56,7 +56,7 @@ exchange, opportunities to engage with technical content about Microsoft's produ
## Certificates
-To help safeguard and authenticate information, Windows provides comprehensive support for certificates and certificate management. The built-in certificate management command-line utility (certmgr.exe) or Microsoft Management Console (MMC) snap-in (certmgr.msc) can be used to view and manage certificates, certificate trust lists (CTLs), and certificate revocation lists (CRLs). Whenever a certificate is used in Windows, we validate that the leaf certificate and all the certificates in its chain of trust have not been revoked or compromised. The trusted root and intermediate certificates and publicly revoked certificates on the machine are used as a reference for Public Key Infrastructure (PKI) trust and are updated monthly by the Microsoft Trusted Root program. If a trusted certificate or root is revoked, all global devices will be updated, meaning users can trust that Windows will automatically protect against vulnerabilities in public key infrastructure. For cloud and enterprise deployments, Windows also offers users the ability to autoenroll and renew certificates in Active Directory with Group Policy to reduce the risk of potential outages due to certificate expiration or misconfiguration.
+To help safeguard and authenticate information, Windows provides comprehensive support for certificates and certificate management. The built-in certificate management command-line utility (certmgr.exe) or Microsoft Management Console (MMC) snap-in (certmgr.msc) can be used to view and manage certificates, certificate trust lists (CTLs), and certificate revocation lists (CRLs). Whenever a certificate is used in Windows, we validate that the leaf certificate and all the certificates in its chain of trust have not been revoked or compromised. The trusted root and intermediate certificates and publicly revoked certificates on the machine are used as a reference for Public Key Infrastructure (PKI) trust and are updated monthly by the Microsoft Trusted Root program. If a trusted certificate or root is revoked, all global devices will be updated, meaning users can trust that Windows will automatically protect against vulnerabilities in public key infrastructure. For cloud and enterprise deployments, Windows also offers users the ability to autoenroll and renew certificates in Active Directory with Group Policy to reduce the risk of potential outages due to certificate expiration or misconfiguration.
## Code signing and integrity