Merge branch 'master' of https://cpubwin.visualstudio.com/_git/it-client into FromPrivateRepo

2025-05-14 14:27:22 +00:00 · 2019-02-22 15:41:30 -08:00 · 2019-02-22 15:41:30 -08:00 · 7a6edabf41
commit 7a6edabf41
parent fb05a9eb54 6ca22b442e
5 changed files with 18 additions and 10 deletions
--- a/windows/client-management/mdm/images/custom-profile-prevent-device-ids.png
+++ b/windows/client-management/mdm/images/custom-profile-prevent-device-ids.png
--- a/windows/client-management/mdm/policy-csp-deviceinstallation.md
+++ b/windows/client-management/mdm/policy-csp-deviceinstallation.md
@ -442,13 +442,6 @@ To verify the policy is applied, check C:\windows\INF\setupapi.dev.log and see i
 <<<  Section end 2018/11/15 12:26:41.751
 <<<  [Exit status: SUCCESS]
 ```
-
-Windows Defender ATP also blocks installation and usage of prohibited peripherals by using a custom profile in Intune. 
-
-For example, this custom profile blocks installation and usage of USB devices with hardware IDs "USBSTOR\DiskVendorCo" and "USBSTOR\DiskSanDisk_Cruzer_Glide_3.0", and applies to USB devices with matching hardware IDs that are already installed.
-
-![Custom profile](images/custom-profile-prevent-device-ids.png)
-
 <hr/>

 <!--Policy-->
@ -546,6 +539,13 @@ To verify the policy is applied, check C:\windows\INF\setupapi.dev.log and see i
 <<<  [Exit status: SUCCESS]
 ```

+Windows Defender ATP also blocks installation and usage of prohibited peripherals by using a custom profile in Intune. 
+
+For example, this custom profile blocks installation and usage of USB devices with hardware IDs "USB\Composite" and "USB\Class_FF", and applies to USB devices with matching hardware IDs that are already installed.
+
+![Custom profile](images/custom-profile-prevent-device-ids.png)
+
+
 <!--Policy-->
 <a href="" id="deviceinstallation-preventinstallationofmatchingdevicesetupclasses"></a>**DeviceInstallation/PreventInstallationOfMatchingDeviceSetupClasses**  

--- a/windows/security/information-protection/bitlocker/bitlocker-overview-and-requirements-faq.md
+++ b/windows/security/information-protection/bitlocker/bitlocker-overview-and-requirements-faq.md
@ -7,7 +7,11 @@ ms.mktglfcycl: deploy
 ms.sitesec: library
 ms.pagetype: security
 ms.localizationpriority: medium
-author: brianlic-msft
+author: justinha
+manager: dansimp
+audience: ITPro
+ms.collection: M365-security-compliance 
+ms.topic: conceptual
 ms.date: 02/21/2019
 ---

--- a/windows/security/threat-protection/windows-defender-antivirus/deployment-vdi-windows-defender-antivirus.md
+++ b/windows/security/threat-protection/windows-defender-antivirus/deployment-vdi-windows-defender-antivirus.md
@ -24,6 +24,10 @@ In addition to standard on-premises or hardware configurations, you can also use

 Boot storms can be a problem in large-scale VDIs; this guide will help reduce the overall network bandwidth and performance impact on your hardware.

+>[!NOTE]
+>We've recently introduced a new feature that helps reduce the network and CPU overhead ov VMs when obtaining security intelligence updates. If you'd like to test this feature before it's released generally, [download the PDF guide for VDI performance improvement testing](https://demo.wd.microsoft.com/Content/wdav-testing-vdi-ssu.pdf).
+
+
 We recommend setting the following when deploying Windows Defender Antivirus in a VDI environment:

 Location | Setting | Suggested configuration
--- a/windows/security/threat-protection/windows-defender-atp/overview-attack-surface-reduction.md
+++ b/windows/security/threat-protection/windows-defender-atp/overview-attack-surface-reduction.md
@ -15,7 +15,7 @@ manager: dansimp
 audience: ITPro
 ms.collection: M365-security-compliance 
 ms.topic: conceptual
-ms.date: 07/01/2018
+ms.date: 02/21/2019
 ---

 # Overview of attack surface reduction
@ -27,7 +27,7 @@ Attack surface reduction capabilities in Windows Defender ATP helps protect the

 | Capability | Description |
 |------------|-------------|
-| [Hardware-based isolation](../windows-defender-application-guard/wd-app-guard-overview.md) | Protects and maintains the integrity of the system as it starts and while it's running, and validates system integrity through local and remote attestation. In addition, container isolation for Microsoft Edge helps protect host operating system from malicious wbsites. |
+| [Hardware-based isolation](../windows-defender-application-guard/wd-app-guard-overview.md) | Protects and maintains the integrity of the system as it starts and while it's running, and validates system integrity through local and remote attestation. In addition, container isolation for Microsoft Edge helps protect host operating system from malicious websites. |
 | [Application control](../windows-defender-application-control/windows-defender-application-control.md) | Moves away from the traditional application trust model where all applications are assumed trustworthy by default to one where applications must earn trust in order to run. |
 | [Exploit protection](../windows-defender-exploit-guard/exploit-protection-exploit-guard.md) | Applies exploit mitigation techniques to apps your organization uses, both individually and to all apps. Works with third-party antivirus solutions and Windows Defender Antivirus (Windows Defender AV) |
 | [Network protection](../windows-defender-exploit-guard/network-protection-exploit-guard.md) | Extends the malware and social engineering protection offered by Windows Defender SmartScreen in Microsoft Edge to cover network traffic and connectivity on your organization's devices. Requires Windows Defender AV. |