From 9f04afe6e310725baa8af6fbec86bfdc4b84e343 Mon Sep 17 00:00:00 2001
From: Vinay Pamnani <37223378+vinaypamnani-msft@users.noreply.github.com>
Date: Tue, 1 Aug 2023 10:18:38 -0400
Subject: [PATCH 1/4] Changed Microsoft Recommended Block list article

---
 .openpublishing.redirection.windows-security.json         | 5 +++++
 .../windows-defender-application-control/TOC.yml          | 2 +-
 ...lock-rules.md => applications-that-can-bypass-wdac.md} | 8 ++++----
 3 files changed, 10 insertions(+), 5 deletions(-)
 rename windows/security/application-security/application-control/windows-defender-application-control/design/{microsoft-recommended-block-rules.md => applications-that-can-bypass-wdac.md} (99%)

diff --git a/.openpublishing.redirection.windows-security.json b/.openpublishing.redirection.windows-security.json
index 998d8fad5e..b1fdc02d36 100644
--- a/.openpublishing.redirection.windows-security.json
+++ b/.openpublishing.redirection.windows-security.json
@@ -80,6 +80,11 @@
       "redirect_url": "/windows/security/operating-system-security/device-management/windows-security-configuration-framework/windows-security-baselines",
       "redirect_document_id": false
     },
+    {
+      "source_path": "windows/security/application-security/application-control/windows-defender-application-control/design/microsoft-recommended-driver-block-rules.md",
+      "redirect_url": "/windows/security/application-security/application-control/windows-defender-application-control/design/applications-that-can-bypass-wdac",
+      "redirect_document_id": false
+    },
     {
       "source_path": "windows/security/apps.md",
       "redirect_url": "/windows/security/application-security",
diff --git a/windows/security/application-security/application-control/windows-defender-application-control/TOC.yml b/windows/security/application-security/application-control/windows-defender-application-control/TOC.yml
index 70c937a286..4db0c9a48f 100644
--- a/windows/security/application-security/application-control/windows-defender-application-control/TOC.yml
+++ b/windows/security/application-security/application-control/windows-defender-application-control/TOC.yml
@@ -55,7 +55,7 @@
               href: design/create-wdac-policy-using-reference-computer.md
             - name: Create a WDAC deny list policy
               href: design/create-wdac-deny-policy.md
-            - name: Microsoft recommended block rules
+            - name: Applications that can bypass WDAC and how to block them
               href: design/microsoft-recommended-block-rules.md
             - name: Microsoft recommended driver block rules
               href: design/microsoft-recommended-driver-block-rules.md
diff --git a/windows/security/application-security/application-control/windows-defender-application-control/design/microsoft-recommended-block-rules.md b/windows/security/application-security/application-control/windows-defender-application-control/design/applications-that-can-bypass-wdac.md
similarity index 99%
rename from windows/security/application-security/application-control/windows-defender-application-control/design/microsoft-recommended-block-rules.md
rename to windows/security/application-security/application-control/windows-defender-application-control/design/applications-that-can-bypass-wdac.md
index ebc63fd06e..bcce7c5578 100644
--- a/windows/security/application-security/application-control/windows-defender-application-control/design/microsoft-recommended-block-rules.md
+++ b/windows/security/application-security/application-control/windows-defender-application-control/design/applications-that-can-bypass-wdac.md
@@ -1,15 +1,15 @@
 ---
-title: Microsoft recommended block rules
+title: Applications that can bypass WDAC and how to block them
 description: View a list of recommended block rules, based on knowledge shared between Microsoft and the wider security community.
 ms.localizationpriority: medium
 ms.date: 06/14/2023
 ms.topic: reference
 ---
 
-# Microsoft recommended block rules
+# Applications that can bypass WDAC and how to block them
 
->[!NOTE]
->Some capabilities of Windows Defender Application Control (WDAC) are only available on specific Windows versions. Learn more about the [WDAC feature availability](../feature-availability.md).
+> [!NOTE]
+> Some capabilities of Windows Defender Application Control (WDAC) are only available on specific Windows versions. Learn more about the [WDAC feature availability](../feature-availability.md).
 
 Members of the security community<sup>*</sup> continuously collaborate with Microsoft to help protect customers. With the help of their valuable reports, Microsoft has identified a list of valid applications that an attacker could also potentially use to bypass WDAC.
 

From f21715f6176866edcccc2590e775f7e2b0f7dbf8 Mon Sep 17 00:00:00 2001
From: Vinay Pamnani <37223378+vinaypamnani-msft@users.noreply.github.com>
Date: Tue, 1 Aug 2023 10:21:51 -0400
Subject: [PATCH 2/4] Update TOC

---
 .../windows-defender-application-control/TOC.yml                | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/windows/security/application-security/application-control/windows-defender-application-control/TOC.yml b/windows/security/application-security/application-control/windows-defender-application-control/TOC.yml
index 4db0c9a48f..3815f2af27 100644
--- a/windows/security/application-security/application-control/windows-defender-application-control/TOC.yml
+++ b/windows/security/application-security/application-control/windows-defender-application-control/TOC.yml
@@ -56,7 +56,7 @@
             - name: Create a WDAC deny list policy
               href: design/create-wdac-deny-policy.md
             - name: Applications that can bypass WDAC and how to block them
-              href: design/microsoft-recommended-block-rules.md
+              href: design/applications-that-can-bypass-wdac.md
             - name: Microsoft recommended driver block rules
               href: design/microsoft-recommended-driver-block-rules.md
         - name: Use the WDAC Wizard tool

From 5af2f032a7d5e8c84d24ccf5dd58e64d319330fe Mon Sep 17 00:00:00 2001
From: Vinay Pamnani <37223378+vinaypamnani-msft@users.noreply.github.com>
Date: Tue, 1 Aug 2023 10:25:34 -0400
Subject: [PATCH 3/4] Fix redirect

---
 .openpublishing.redirection.windows-security.json | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/.openpublishing.redirection.windows-security.json b/.openpublishing.redirection.windows-security.json
index b1fdc02d36..7347d35cb3 100644
--- a/.openpublishing.redirection.windows-security.json
+++ b/.openpublishing.redirection.windows-security.json
@@ -81,7 +81,7 @@
       "redirect_document_id": false
     },
     {
-      "source_path": "windows/security/application-security/application-control/windows-defender-application-control/design/microsoft-recommended-driver-block-rules.md",
+      "source_path": "windows/security/application-security/application-control/windows-defender-application-control/design/microsoft-recommended-block-rules.md",
       "redirect_url": "/windows/security/application-security/application-control/windows-defender-application-control/design/applications-that-can-bypass-wdac",
       "redirect_document_id": false
     },

From 874ec6b210c75d39136bb382034ec26e73f3f63f Mon Sep 17 00:00:00 2001
From: Vinay Pamnani <37223378+vinaypamnani-msft@users.noreply.github.com>
Date: Tue, 1 Aug 2023 10:27:33 -0400
Subject: [PATCH 4/4] Fix links

---
 .../windows-defender-application-control/index.yml            | 4 ++--
 .../windows-defender-application-control/wdac.md              | 2 +-
 2 files changed, 3 insertions(+), 3 deletions(-)

diff --git a/windows/security/application-security/application-control/windows-defender-application-control/index.yml b/windows/security/application-security/application-control/windows-defender-application-control/index.yml
index 116b217e84..1b1d46e536 100644
--- a/windows/security/application-security/application-control/windows-defender-application-control/index.yml
+++ b/windows/security/application-security/application-control/windows-defender-application-control/index.yml
@@ -33,8 +33,8 @@ landingContent:
         links:
           - text: Using code signing to simplify application control
             url: deployment/use-code-signing-for-better-control-and-protection.md
-          - text: Microsoft's Recommended Blocklist
-            url: design/microsoft-recommended-block-rules.md
+          - text: Applications that can bypass WDAC and how to block them
+            url: design/applications-that-can-bypass-wdac.md
           - text: Microsoft's Recommended Driver Blocklist
             url: design/microsoft-recommended-driver-block-rules.md
           - text: Example WDAC policies
diff --git a/windows/security/application-security/application-control/windows-defender-application-control/wdac.md b/windows/security/application-security/application-control/windows-defender-application-control/wdac.md
index dee33405bb..7ee7a13013 100644
--- a/windows/security/application-security/application-control/windows-defender-application-control/wdac.md
+++ b/windows/security/application-security/application-control/windows-defender-application-control/wdac.md
@@ -47,7 +47,7 @@ Smart App Control is only available on clean installation of Windows 11 version
 
 ### Smart App Control Enforced Blocks
 
-Smart App Control enforces the [Microsoft Recommended Driver Block rules](design/microsoft-recommended-driver-block-rules.md) and the [Microsoft Recommended Block Rules](design/microsoft-recommended-block-rules.md), with a few exceptions for compatibility considerations. The following are not blocked by Smart App Control:
+Smart App Control enforces the [Microsoft Recommended Driver Block rules](design/microsoft-recommended-driver-block-rules.md) and the [Microsoft Recommended Block Rules](design/applications-that-can-bypass-wdac.md), with a few exceptions for compatibility considerations. The following are not blocked by Smart App Control:
 
 - Infdefaultinstall.exe
 - Microsoft.Build.dll