Merged PR 13548: Some tweaks to the What's New in 1809 topic

Re-order the sections and categorize, make graphics more consistent, not oversized, and fix numbering.
2025-05-12 13:27:23 +00:00 · 2019-01-02 13:44:20 +00:00 · 2019-01-02 13:44:20 +00:00 · 780ddad042
commit 780ddad042
parent 72734df0fd
4 changed files with 86 additions and 84 deletions
--- a/windows/whats-new/images/Defender.png
+++ b/windows/whats-new/images/Defender.png
--- a/windows/whats-new/images/WebSignIn.png
+++ b/windows/whats-new/images/WebSignIn.png
--- a/windows/whats-new/images/virus-and-threat-protection.png
+++ b/windows/whats-new/images/virus-and-threat-protection.png
--- a/windows/whats-new/whats-new-windows-10-version-1809.md
+++ b/windows/whats-new/whats-new-windows-10-version-1809.md
@ -5,8 +5,8 @@ keywords: ["What's new in Windows 10", "Windows 10", "Windows 10 October 2018 Up
 ms.prod: w10
 ms.mktglfcycl: deploy
 ms.sitesec: library
-author: dawnwood
+author: greg-lindsay
-ms.date: 10/02/2018
+ms.date: 12/31/2018
 ms.localizationpriority: high
 ---
@ -20,32 +20,11 @@ The following 3-minute video summarizes some of the new features that are availa
 &nbsp;
 > [!video https://www.youtube.com/embed/hAva4B-wsVA]
-## Your Phone app
+## Deployment
-Android phone users, you can finally stop emailing yourself photos. With Your Phone you get instant access to your Android’s most recent photos on your PC. Drag and drop a photo from your phone onto your PC, then you can copy, edit, or ink on the photo.  Try it out by opening the **Your Phone** app. You’ll receive a text with a link to download an app from Microsoft to your phone. Android 7.0+ devices with ethernet or Wi-Fi on unmetered networks are compatible with the **Your Phone** app. For PCs tied to the China region, **Your Phone** app services will be enabled in the future.
+### Windows Autopilot self-deploying mode
 For iPhone users, **Your Phone** app also helps you to link your phone to your PC. Surf the web on your phone, then send the webpage instantly to your computer to continue what you’re doing–-read, watch, or browse-- with all the benefits of a bigger screen. 
 ![your phone](images/your-phone.png "your phone")
 The desktop pin takes you directly to the **Your Phone** app for quicker access to your phone’s content. You can also go through the all apps list in Start, or use the Windows key and search for **Your Phone**. 
 ## Wireless projection experience
 One of the things we’ve heard from you is that it’s hard to know when you’re wirelessly projecting and how to disconnect your session when started from file explorer or from an app. In Windows 10, version 1809, you’ll see a control banner at the top of your screen when you’re in a session (just like you see when using remote desktop). The banner keeps you informed of the state of your connection, allows you to quickly disconnect or reconnect to the same sink, and allows you to tune the connection based on what you are doing. This tuning is done via **Settings**, which optimizes the screen-to-screen latency based on one of the three modes:
 * Game mode minimizes the screen-to-screen latency to make gaming over a wireless connection possible
 * Video mode increases the screen-to-screen latency to ensure the video on the big screen plays back smoothly
 * Productivity modes strikes a balance between game mode and video mode; the screen-to screen-latency is responsive enough that typing feels natural, while ensuring videos don’t glitch as often.
 ![wireless projection banner](images/beaming.png "wireless projection banner")
 ## Windows Autopilot self-deploying mode
 Windows Autopilot self-deploying mode enables a zero touch device provisioning experience. Simply power on the device, plug it into the Ethernet, and the device is fully configured automatically by Windows Autopilot. 
@ -55,65 +34,16 @@ You can utilize Windows Autopilot self-deploying mode to register the device to
 To learn more about Autopilot self-deploying mode and to see step-by-step instructions to perform such a deployment, [Windows Autopilot self-deploying mode](https://docs.microsoft.com/windows/deployment/windows-autopilot/self-deploying). 
-## Kiosk setup experience
+### SetupDiag
-We introduced a simplified assigned access configuration experience in **Settings** that allows device administrators to easily set up a PC as a kiosk or digital sign. A wizard experience walks you through kiosk setup including creating a kiosk account that will automatically sign in when a device starts.
+[SetupDiag](/windows/deployment/upgrade/setupdiag.md) version 1.4 is released. SetupDiag is a standalone diagnostic tool that can be used to troubleshoot issues when a Windows 10 upgrade is unsuccessful. 
-To use this feature, go to **Settings**, search for **assigned access**, and open the **Set up a kiosk** page. 
+## Security
 ![set up a kiosk](images/kiosk-mode.png "set up a kiosk")
 Microsoft Edge kiosk mode running in single-app assigned access has two kiosk types.
 1.__Digital / Interactive signage__ that displays a specific website full-screen and runs InPrivate mode.
 2.__Public browsing__ supports multi-tab browsing and runs InPrivate mode with minimal features available. Users cannot minimize, close, or open new Microsoft Edge windows or customize them using Microsoft Edge Settings. Users can clear browsing data and downloads, and restart Microsoft Edge by clicking **End session**. Administrators can configure Microsoft Edge to restart after a period of inactivity.
 ![single app assigned access](images/SingleApp_contosoHotel_inFrame@2x.png "single app assigned access")
 Microsoft Edge kiosk mode running in multi-app assigned access has two kiosk types. 
 >[!NOTE]
 >The following Microsoft Edge kiosk mode types cannot be setup using the new simplified assigned access configuration wizard in Windows 10 Settings.
 1.__Public browsing__ supports multi-tab browsing and runs InPrivate mode with minimal features available. In this configuration, Microsoft Edge can be one of many apps available. Users can close and open multiple InPrivate mode windows.
 ![multi-app assigned access](images/Multi-app_kiosk_inFrame.png "multi-app assigned access")
 2.__Normal mode__ runs a full version of Microsoft Edge, although some features may not work depending on what apps are configured in assigned access. For example, if the Microsoft Store is not set up, users cannot get books.
 ![normal mode](images/Normal_inFrame.png "normal mode")
 Learn more about [Microsoft Edge kiosk mode](https://docs.microsoft.com/microsoft-edge/deploy/microsoft-edge-kiosk-mode-deploy).
 ## Registry editor improvements
 We added a dropdown that displays as you type to help complete the next part of the path. You can also press **Ctrl + Backspace** to delete the last word, and **Ctrl + Delete** to delete the next word.
 ![Registry editor dropdown](images/regeditor.png "Registry editor dropdown")
 ## Remote Desktop with Biometrics
 Azure Active Directory and Active Directory users using Windows Hello for Business can use biometrics to authenticate to a remote desktop session.
 ![Enter your credentials](images/RDPwBioTime.png "Windows Hello")
 To get started, sign into your device using Windows Hello for Business. Bring up **Remote Desktop Connection** (mstsc.exe), type the name of the computer you want to connect to, and click __Connect__.
 Windows remembers that you signed using Windows Hello for Business, and automatically selects Windows Hello for Business to authenticate you to your RDP session. You can also click __More choices__ to choose alternate credentials.
 ![Enter your credentials](images/RDPwBio2.png "Windows Hello personal")
 In this example, Windows uses facial recognition to authenticate the RDP session to the Windows Server 2016 Hyper-V server. You can continue to use Windows Hello for Business in the remote session, but you must use your PIN.
 ![Microsoft Hyper-V Server 2016](images/hyper-v.png "Microsoft Hyper-V Server 2016")
 ## Security Improvements 
 We’ve continued to work on the **Current threats** area in  [Virus & threat protection](https://docs.microsoft.com/windows/security/threat-protection/windows-defender-security-center/wdsc-virus-threat-protection), which now displays all threats that need action. You can quickly take action on threats from this screen: 
 ![Virus & threat protection settings](images/virus-and-threat-protection.png "Virus & threat protection settings")
 With controlled folder access you can help prevent ransomware and other destructive malware from changing your personal files. In some cases, apps that you normally use might be blocked from making changes to common folders like **Documents** and **Pictures**. We’ve made it easier for you to add apps that were recently blocked so you can keep using your device without turning off the feature altogether.
 When an app is blocked, it will appear in a recently blocked apps list, which you can get to by clicking **Manage settings** under the **Ransomware protection** heading. Click **Allow an app through Controlled folder access**. After the prompt, click the **+** button and choose **Recently blocked apps**. Select any of the apps to add them to the allowed list. You can also browse for an app from this page.
@ -146,16 +76,20 @@ For example, you can choose the XTS-AES 256 encryption algorithm, and have it ap
 Windows Defender Application Guard (WDAG) introduced a new user interface inside **Windows Security** in this release. Standalone users can now install and configure their Windows Defender Application Guard settings in Windows Security without needing to change registry key settings. 
-Additionally, users who are managed by enterprise policies will be able to check their settings to see what their administrators have configured for their machines to better understand the behavior of Windows Defender Application Guard. This new UI improves the overall experience for users while managing and checking their Windows Defender Application Guard settings. As long as devices meet the minimum requirements, these settings will appear in Windows Security. For detailed information, click [here](https://techcommunity.microsoft.com/t5/Windows-Insider-Program/test/m-p/214102#M1709).
+Additionally, users who are managed by enterprise policies will be able to check their settings to see what their administrators have configured for their machines to better understand the behavior of Windows Defender Application Guard. This new UI improves the overall experience for users while managing and checking their Windows Defender Application Guard settings. As long as devices meet the minimum requirements, these settings will appear in Windows Security. For more information, see [Windows Defender Application Guard inside Windows Security App](https://techcommunity.microsoft.com/t5/Windows-Insider-Program/test/m-p/214102#M1709).
 To try this:
 To try this, 
 1. Go to**Windows Security** and select **App & browser control**.
 ![Security at a glance](images/1_AppBrowser.png "app and browser control")
 2. Under **Isolated browsing**, select **Install Windows Defender Application Guard**, then install and restart the device.
 ![Isolated browser](images/2_InstallWDAG.png "isolated browsing")
 3. Select **Change Application Guard** settings.
 ![change WDAG settings](images/3_ChangeSettings.png "change settings")
 4. Configure or check Application Guard settings.
 See the following example:
 ![Security at a glance](images/1_AppBrowser.png "app and browser control")
 ![Isolated browser](images/2_InstallWDAG.png "isolated browsing")
 ![change WDAG settings](images/3_ChangeSettings.png "change settings")
 ![view WDAG settings](images/4_ViewSettings.jpg "view settings")
 ### Windows Security Center
@ -215,6 +149,42 @@ Windows Defender ATP now adds support for Windows Server 2019. You'll be able to
 - [Onboard previous versions of Windows](https://docs.microsoft.com/windows/security/threat-protection/windows-defender-atp/onboard-downlevel-windows-defender-advanced-threat-protection)<br>
 Onboard supported versions of Windows machines so that they can send sensor data to the Windows Defender ATP sensor
 ## Kiosk setup experience
 We introduced a simplified assigned access configuration experience in **Settings** that allows device administrators to easily set up a PC as a kiosk or digital sign. A wizard experience walks you through kiosk setup including creating a kiosk account that will automatically sign in when a device starts.
 To use this feature, go to **Settings**, search for **assigned access**, and open the **Set up a kiosk** page. 
 ![set up a kiosk](images/kiosk-mode.png "set up a kiosk")
 Microsoft Edge kiosk mode running in single-app assigned access has two kiosk types.
 1. **Digital / Interactive signage** that displays a specific website full-screen and runs InPrivate mode.
 2. **Public browsing** supports multi-tab browsing and runs InPrivate mode with minimal features available. Users cannot minimize, close, or open new Microsoft Edge windows or customize them using Microsoft Edge Settings. Users can clear browsing data and downloads, and restart Microsoft Edge by clicking **End session**. Administrators can configure Microsoft Edge to restart after a period of inactivity.
 ![single app assigned access](images/SingleApp_contosoHotel_inFrame@2x.png "single app assigned access")
 Microsoft Edge kiosk mode running in multi-app assigned access has two kiosk types. 
 >[!NOTE]
 >The following Microsoft Edge kiosk mode types cannot be setup using the new simplified assigned access configuration wizard in Windows 10 Settings.
 **Public browsing** supports multi-tab browsing and runs InPrivate mode with minimal features available. In this configuration, Microsoft Edge can be one of many apps available. Users can close and open multiple InPrivate mode windows.
 ![multi-app assigned access](images/Multi-app_kiosk_inFrame.png "multi-app assigned access")
 **Normal mode** runs a full version of Microsoft Edge, although some features may not work depending on what apps are configured in assigned access. For example, if the Microsoft Store is not set up, users cannot get books.
 ![normal mode](images/Normal_inFrame.png "normal mode")
 Learn more about [Microsoft Edge kiosk mode](https://docs.microsoft.com/microsoft-edge/deploy/microsoft-edge-kiosk-mode-deploy).
 ## Registry editor improvements
 We added a dropdown that displays as you type to help complete the next part of the path. You can also press **Ctrl + Backspace** to delete the last word, and **Ctrl + Delete** to delete the next word.
 ![Registry editor dropdown](images/regeditor.png "Registry editor dropdown")
 ## Faster sign-in to a Windows 10 shared pc
 Do you have shared devices deployed in your work place? **Fast sign-in** enables users to sign in to a shared Windows 10 PC in a flash!
@ -224,7 +194,7 @@ Do you have shared devices deployed in your work place? **Fast sign-in** enables
 2. Set the Policy CSP, and the Authentication and EnableFastFirstSignIn policies to enable fast sign-in.
 3. Sign-in to a shared PC with your account. You'll notice the difference!
-![fast sign-in](images/fastsignin.png "fast sign-in")
+    ![fast sign-in](images/fastsignin.png "fast sign-in")
 ## Web sign-in to Windows 10
@ -236,4 +206,36 @@ Until now, Windows logon only supported the use of identities federated to ADFS
 3. On the lock screen, select web sign-in under sign-in options.
 4. Click the “Sign in” button to continue.
-![Web sign-in](images/websignin.png "web sign-in")
+    ![Web sign-in](images/websignin.png "web sign-in")
 ## Your Phone app
 Android phone users, you can finally stop emailing yourself photos. With Your Phone you get instant access to your Android’s most recent photos on your PC. Drag and drop a photo from your phone onto your PC, then you can copy, edit, or ink on the photo.  Try it out by opening the **Your Phone** app. You’ll receive a text with a link to download an app from Microsoft to your phone. Android 7.0+ devices with ethernet or Wi-Fi on unmetered networks are compatible with the **Your Phone** app. For PCs tied to the China region, **Your Phone** app services will be enabled in the future.
 For iPhone users, **Your Phone** app also helps you to link your phone to your PC. Surf the web on your phone, then send the webpage instantly to your computer to continue what you’re doing–-read, watch, or browse-- with all the benefits of a bigger screen. 
 ![your phone](images/your-phone.png "your phone")
 The desktop pin takes you directly to the **Your Phone** app for quicker access to your phone’s content. You can also go through the all apps list in Start, or use the Windows key and search for **Your Phone**. 
 ## Wireless projection experience
 One of the things we’ve heard from you is that it’s hard to know when you’re wirelessly projecting and how to disconnect your session when started from file explorer or from an app. In Windows 10, version 1809, you’ll see a control banner at the top of your screen when you’re in a session (just like you see when using remote desktop). The banner keeps you informed of the state of your connection, allows you to quickly disconnect or reconnect to the same sink, and allows you to tune the connection based on what you are doing. This tuning is done via **Settings**, which optimizes the screen-to-screen latency based on one of the three modes:
 * Game mode minimizes the screen-to-screen latency to make gaming over a wireless connection possible
 * Video mode increases the screen-to-screen latency to ensure the video on the big screen plays back smoothly
 * Productivity modes strikes a balance between game mode and video mode; the screen-to screen-latency is responsive enough that typing feels natural, while ensuring videos don’t glitch as often.
 ![wireless projection banner](images/beaming.png "wireless projection banner")
 ## Remote Desktop with Biometrics
 Azure Active Directory and Active Directory users using Windows Hello for Business can use biometrics to authenticate to a remote desktop session.
 To get started, sign into your device using Windows Hello for Business. Bring up **Remote Desktop Connection** (mstsc.exe), type the name of the computer you want to connect to, and click **Connect**. Windows remembers that you signed using Windows Hello for Business, and automatically selects Windows Hello for Business to authenticate you to your RDP session. You can also click **More choices** to choose alternate credentials. Windows uses facial recognition to authenticate the RDP session to the Windows Server 2016 Hyper-V server. You can continue to use Windows Hello for Business in the remote session, but you must use your PIN.
 See the following example:
 ![Enter your credentials](images/RDPwBioTime.png "Windows Hello")
 ![Enter your credentials](images/RDPwBio2.png "Windows Hello personal")
 ![Microsoft Hyper-V Server 2016](images/hyper-v.png "Microsoft Hyper-V Server 2016")