mirror of
https://github.com/MicrosoftDocs/windows-itpro-docs.git
synced 2025-06-18 20:03:40 +00:00
Merge branch 'security-book-24' of github.com:paolomatarazzo/windows-docs-pr into security-book-24
@ -56,7 +56,7 @@ Once Windows Sandbox is closed, nothing persists on the device. All the software
|
||||
|
||||
## Windows Subsystem for Linux (WSL)
|
||||
|
||||
With Windows Subsystem for Linux (WSL) you can run a Linux environment on your Windows device, without the need for a separate virtual machine or dual booting. WSL is designed to provide a seamless and productive experience for developers who want to use both Windows and Linux at the same time. In Ge, we added three networking security features and Intune/MDM integration in WSL on Windows 11 (SV2 and Ge) for Enterprises:
|
||||
With Windows Subsystem for Linux (WSL) you can run a Linux environment on your Windows device, without the need for a separate virtual machine or dual booting. WSL is designed to provide a seamless and productive experience for developers who want to use both Windows and Linux at the same time. In 24H2, we added three networking security features and Intune/MDM integration in WSL on Windows 11:
|
||||
|
||||
- **Hyper-V Firewall**: This new firewall setting is a network firewall solution that enables filtering of inbound and outbound traffic to/from WSL containers hosted by Windows
|
||||
- **DNS Tunneling**: This new networking setting improves compatibility in different networking environments and makes use of virtualization features to obtain DNS information rather than a networking packet
|
||||
|
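Review bot: The rewritten intro sentence splits one version reference in two ("In 24H2, ... in WSL on Windows 11") and drops "for Enterprises", although Intune/MDM integration is an enterprise management capability. Suggest "In Windows 11, version 24H2, we added ..." and confirm that removing the enterprise scope is intentional. The sentence also promises three networking security features plus Intune/MDM integration, so check that the bullet list under it still matches that count.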
@ -84,7 +84,7 @@ Microsoft Intune<sup>[\[15\]](conclusion.md#footnote15)</sup> is a comprehensive
|
||||
|
||||
Intune works with Microsoft Entra ID to manage security features and processes, including multifactor authentication and conditional access.
|
||||
|
||||
Organizations can cut costs while securing and managing remote devices through the cloud in compliance with company policies<sup>[\[15\]](conclusion.md#footnote16)</sup>. For example, organizations can save time and money by provisioning preconfigured devices to remote employees using Windows Autopilot.
|
||||
Organizations can cut costs while securing and managing remote devices through the cloud in compliance with company policies<sup>[\[16\]](conclusion.md#footnote16)</sup>. For example, organizations can save time and money by provisioning preconfigured devices to remote employees using Windows Autopilot.
|
||||
|
||||
Windows 11 enables IT professionals to move to the cloud while consistently enforcing security policies. Windows 11 provides expanded support for group policy administrative templates (ADMX-backed policies) in cloud-native device management solutions like Microsoft Intune, enabling IT professionals to easily apply the same security policies to both on-premises and remote devices.
|
||||
|
||||
|
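Review bot: The corrected label `[\[16\]]` now agrees with its `conclusion.md#footnote16` target, but the hunk header context shows Intune already cited as `[\[15\]](conclusion.md#footnote15)`, so confirm that footnote 16 in conclusion.md is really the source for the cost claim and not a renumbered copy of footnote 15. The old line had label and anchor out of step, which is what hand-numbered footnotes tend to do; check the other footnote references in this file for the same mismatch.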
@ -117,12 +117,6 @@ Enhanced Sign-in Security is configured by device manufacturers during the manuf
|
||||
|
||||
- [Windows Hello Enhanced Sign-in Security][LINK-5]
|
||||
|
||||
## FIDO2 support
|
||||
|
||||
The FIDO Alliance, the Fast Identity Online industry standards body, was established to promote authentication technologies and standards that reduce reliance on passwords. FIDO Alliance and World Wide Web Consortium (W3C) have worked together to define the Client to Authenticator Protocol (CTAP2) and Web Authentication (WebAuthn) specifications, which are the industry standard for providing strong, phishing-resistant, user friendly, and privacy preserving authentication across the web and apps. FIDO standards and certifications are becoming recognized as the leading standard for creating secure authentication solutions across enterprises, governments, and consumer markets.
|
||||
|
||||
Windows 11 can also use passkeys from external FIDO2 security keys for authentication alongside or in addition to Windows Hello and Windows Hello for Business, which is also a FIDO2-certified passwordless solution. As a result, Windows 11 can be used as a FIDO authenticator for many popular identity management services.
|
||||
|
||||
### Passkeys
|
||||
|
||||
Windows 11 makes it much harder for hackers who exploit stolen passwords via phishing attacks by empowering users to replace passwords with passkeys. Passkeys are the cross-platform future of secure sign-in. Microsoft and other technology leaders are supporting passkeys across their platforms and services.
|
||||
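Review bot: With the "## FIDO2 support" block removed here, the unchanged context line "### Passkeys" now follows the Enhanced Sign-in Security link list directly, so Passkeys becomes a level-3 subsection of that preceding section instead of FIDO2. Promote it to "## Passkeys" in the same change, or keep it nested under the relocated FIDO2 heading, so the outline and generated table of contents stay correct.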
@ -136,6 +130,12 @@ Passkeys on Windows 11 are protected by Windows Hello or Windows Hello for Busin
|
||||
- [Support for passkeys in Windows][LINK-10]
|
||||
- [Enable passkeys (FIDO2) for your organization][LINK-9]
|
||||
|
||||
## FIDO2
|
||||
|
||||
The FIDO Alliance, the Fast Identity Online industry standards body, was established to promote authentication technologies and standards that reduce reliance on passwords. FIDO Alliance and World Wide Web Consortium (W3C) have worked together to define the Client to Authenticator Protocol (CTAP2) and Web Authentication (WebAuthn) specifications, which are the industry standard for providing strong, phishing-resistant, user friendly, and privacy preserving authentication across the web and apps. FIDO standards and certifications are becoming recognized as the leading standard for creating secure authentication solutions across enterprises, governments, and consumer markets.
|
||||
|
||||
Windows 11 can also use passkeys from external FIDO2 security keys for authentication alongside or in addition to Windows Hello and Windows Hello for Business, which is also a FIDO2-certified passwordless solution. As a result, Windows 11 can be used as a FIDO authenticator for many popular identity management services.
|
||||
|
||||
## Microsoft Authenticator
|
||||
|
||||
The Microsoft Authenticator app, which runs on iOS and Android devices, helps keeping Windows 11 users secure and productive. Microsoft Authenticator can be used to bootstrap Windows Hello for Business, which removes the need for a password to get started on Windows 11.
|
||||
|
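Review bot: The relocated section is titled "## FIDO2" where the removed one was "## FIDO2 support", which changes the generated heading anchor; check for inbound links to the old anchor before merging. The moved paragraph is also carried over verbatim: "Windows 11 can also use passkeys ... alongside or in addition to" is redundant, and now that the section sits after Passkeys the opening "also" needs a clear antecedent. Consider tightening it to "Windows 11 can use passkeys from external FIDO2 security keys in addition to Windows Hello and Windows Hello for Business".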