From cc5e8c853b24b64d079fe0dc5fa533d721209dd3 Mon Sep 17 00:00:00 2001 From: Pierre Audonnet Date: Fri, 1 May 2020 19:18:54 -0400 Subject: [PATCH 1/2] Mistake in the Vulnerability section It is "Accounts that have the **Log on as a batch job** user right" instead of Accounts that have the **Deny log on as a batch job** user right. Else that does not make a lot of sense. --- .../security-policy-settings/deny-log-on-as-a-batch-job.md | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/windows/security/threat-protection/security-policy-settings/deny-log-on-as-a-batch-job.md b/windows/security/threat-protection/security-policy-settings/deny-log-on-as-a-batch-job.md index ad211f1718..5e75ce5325 100644 --- a/windows/security/threat-protection/security-policy-settings/deny-log-on-as-a-batch-job.md +++ b/windows/security/threat-protection/security-policy-settings/deny-log-on-as-a-batch-job.md @@ -92,7 +92,7 @@ This section describes how an attacker might exploit a feature or its configurat ### Vulnerability -Accounts that have the **Deny log on as a batch job** user right could be used to schedule jobs that could consume excessive computer resources and cause a denial-of-service condition. +Accounts that have the **Log on as a batch job** user right could be used to schedule jobs that could consume excessive computer resources and cause a denial-of-service condition. ### Countermeasure From 4dc33fcd8a811aef40339170e4876ba31d0e1a40 Mon Sep 17 00:00:00 2001 From: Obi Eze Ajoku <62227226+linque1@users.noreply.github.com> Date: Tue, 5 May 2020 06:11:57 -0700 Subject: [PATCH 2/2] Included user level Inking & Typing GP Included user level Inking & Typing GP --- ...s-operating-system-components-to-microsoft-services.md | 8 ++++++-- 1 file changed, 6 insertions(+), 2 deletions(-) diff --git a/windows/privacy/manage-connections-from-windows-operating-system-components-to-microsoft-services.md b/windows/privacy/manage-connections-from-windows-operating-system-components-to-microsoft-services.md index 918937a2b4..2048fbf29b 100644 --- a/windows/privacy/manage-connections-from-windows-operating-system-components-to-microsoft-services.md +++ b/windows/privacy/manage-connections-from-windows-operating-system-components-to-microsoft-services.md @@ -1417,11 +1417,15 @@ To turn off Inking & Typing data collection: - In the UI go to **Settings -> Privacy -> Diagnostics & Feedback -> Improve inking and typing** and turn it to **Off** - -or- + -OR- **Disable** the Group Policy: **Computer Configuration > Administrative Templates > Windows Components > Text Input > Improve inking and typing recognition** - -or- + -and- + + **Disable** the Group Policy: **User Configuration > Administrative Templates > Control Panel > Regional and Language Options > Handwriting personalization > Turn off automatic learning** + + -OR- - Set **RestrictImplicitTextCollection** registry REG_DWORD setting in **HKEY_CURRENT_USER\Software\Microsoft\InputPersonalization** to a **value of 1 (one)**