From ad6f77669d1c77c8478e84d3f5cd5520a420459f Mon Sep 17 00:00:00 2001 From: Dani Halfin Date: Thu, 23 Apr 2020 20:58:23 -0700 Subject: [PATCH 01/73] review alerts added --- .../microsoft-defender-atp/review-alerts.md | 67 +++++++++++++++++++ 1 file changed, 67 insertions(+) create mode 100644 windows/security/threat-protection/microsoft-defender-atp/review-alerts.md diff --git a/windows/security/threat-protection/microsoft-defender-atp/review-alerts.md b/windows/security/threat-protection/microsoft-defender-atp/review-alerts.md new file mode 100644 index 0000000000..562daccd61 --- /dev/null +++ b/windows/security/threat-protection/microsoft-defender-atp/review-alerts.md @@ -0,0 +1,67 @@ +--- +title: Review alerts in Microsoft Defender Advanced Threat Protection +description: Review alert information, including a visualized attack story and details for each step of the chain. +keywords: incident, incidents, machines, devices, users, alerts, alert, investigation, graph, evidence +ms.prod: microsoft-365-enterprise +ms.pagetype: security +f1.keywords: +- NOCSH +ms.author: daniha +author: danihalfin +ms.localizationpriority: medium +manager: dansimp +audience: ITPro +ms.collection: M365-security-compliance +ms.topic: conceptual +ms.date: 4/24/2020 +--- + +# Review alerts in Advanced Threat Protection + +**Applies to:** + +- [Microsoft Defender Advanced Threat Protection (Microsoft Defender ATP)](https://go.microsoft.com/fwlink/p/?linkid=2069559) + +>Want to experience Microsoft Defender ATP? [Sign up for a free trial.](https://www.microsoft.com/microsoft-365/windows/microsoft-defender-atp?ocid=docs-wdatp-managealerts-abovefoldlink) + +[!include[Prerelease information](../../includes/prerelease.md)] + +The new alert details page in Microsoft Defender Advanced Threat Protection (Microsoft Defender ATP) provides full context to the alert, by combining attack signals and alerts related to the selected alert, to construct a detailed attack story. + +Quickly triage, investigate and take effective action on alerts that affect your organization. Understand why they were triggered, and their impact from one location. + +## Alert overview + +Once you select an alert in the alerts page, you will be taken to the alert overview. This overview includes 3 sections: + +1. [Title and involved assets](#title-and-involved-assets) +2. [Alert story](#alert-story) +3. [Details](#details) + +### Title and involved assets + +In addition to the name of the alert, as displayed in the title, this section provides additional context with impacted assets, such as devices and users that were found to be involved with this alert. You can click the asset cards to see additional information about them in the details section. + +### Alert story + +The attack story details why the alert was triggered, as well as related events that happened before and after in chronological order. + +Every entity is expandable and clickable, with alert entities being expanded by default. The expanded part of these entities provides details at-a-glance about the entity. Clicking on an entity will switch the context in the details section to this entity, and will allow you to review further information, as well as manage that entity. + +> [!NOTE] +> The attack story section may contain more than one alert, with additional alerts related to the same execution tree appearing before or after the alert you've selected. + +### Details + +The details section adjusts dynamically to the selected entity type. + +By default, the details section will display details for the selected alert. As you work through the attack story, selecting different types of entities, the details section will change to display information relevant to the selected entity type. Selecting involved assets will have the details section display information on the selected user or device. + +Aside for basic details about each entity, the details section displays historic information, when available, and offers controls to *take action* on this entity directly from the alert page. + +## Related topics + +- [Incidents overview](incidents-overview.md) +- [Investigate incidents](investigate-incidents.md) +- [Prioritize incidents](incident-queue.md) +- [Manage incidents](manage-incidents.md) \ No newline at end of file From 873de166e6fc334843891b66d4b4477e2bf27d0b Mon Sep 17 00:00:00 2001 From: Dani Halfin Date: Thu, 23 Apr 2020 21:13:10 -0700 Subject: [PATCH 02/73] fixing typo --- .../threat-protection/microsoft-defender-atp/review-alerts.md | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/windows/security/threat-protection/microsoft-defender-atp/review-alerts.md b/windows/security/threat-protection/microsoft-defender-atp/review-alerts.md index 562daccd61..88d4bbfbee 100644 --- a/windows/security/threat-protection/microsoft-defender-atp/review-alerts.md +++ b/windows/security/threat-protection/microsoft-defender-atp/review-alerts.md @@ -16,7 +16,7 @@ ms.topic: conceptual ms.date: 4/24/2020 --- -# Review alerts in Advanced Threat Protection +# Review alerts in Microsoft Defender Advanced Threat Protection **Applies to:** From 302dcc067fff6b69e94112899d8f0c0a4cc4b5cc Mon Sep 17 00:00:00 2001 From: Dani Halfin Date: Fri, 1 May 2020 00:59:57 -0700 Subject: [PATCH 03/73] changing the style of the new alert page --- .../images/alert-details-resolved-true.png | Bin 0 -> 39171 bytes .../images/alert-device-details.png | Bin 0 -> 35743 bytes .../images/alert-landing-view.png | Bin 0 -> 80610 bytes .../images/alert-story-tree.png | Bin 0 -> 65436 bytes .../microsoft-defender-atp/review-alerts.md | 51 +++++++++++++----- 5 files changed, 37 insertions(+), 14 deletions(-) create mode 100644 windows/security/threat-protection/microsoft-defender-atp/images/alert-details-resolved-true.png create mode 100644 windows/security/threat-protection/microsoft-defender-atp/images/alert-device-details.png create mode 100644 windows/security/threat-protection/microsoft-defender-atp/images/alert-landing-view.png create mode 100644 windows/security/threat-protection/microsoft-defender-atp/images/alert-story-tree.png diff --git a/windows/security/threat-protection/microsoft-defender-atp/images/alert-details-resolved-true.png b/windows/security/threat-protection/microsoft-defender-atp/images/alert-details-resolved-true.png new file mode 100644 index 0000000000000000000000000000000000000000..7cd8e4cdde7fa49e93d39558d3a21c023cf2ad2d GIT binary patch literal 39171 zcmd?RWl$VZv@V(u0!i>B5ZpsTumHgw26uM|4ub`E2<{dVT!OnZxC9+w&>#a0?k*W- zaCpNx_x^cx-j8?hxmB;~byd%*?&m^tjgFSEd`A%*BBv?Uq@7yMkc64J3vtu!;?HF`Eym)V$F?*NmJ-RG zUpR7qLDbAvs(aG)<-%l#Ek1=^k|b?w$J+d5Xo{%$d)2j)Gk%i^=d;?ev*I+(f!2eI z{a8=N5sOAUcm4r!&O}cEsEq;s4v`WO5izJi9P}uD{%?vXTrte`3Bj5)6VJDPy~aIt zY;|W4F3oKW-rBYI*fHKz^9#bb>o_eZJa|9|s=$b<6fl<1hG*~l+N&C>; z&Rm?DD3BQ}kq3uN8*4=NZ0(p+BQlJ?Nh-b@!&1zaAL!gvwO%i@BtUJy@?KxOEQ6W7 z4TBDWKRjdv`f{C&EQb=W+^AO0AD%6#toBX5CHdgDN9xkx)rkgg2zV%bwgAr6SK1rF;Vk*@T(pgkl1^E}jeffUwG< zL7hYGWF70XtDLI$m6RTIN24kuBGgTW&BkhG1jy}&-2Tn@1~)6W(;l|2ve3uwq->7E zH+RJ-Jz}Ew&~0+P#c5YVVw4)y*8fC@Bql&_2AA1PV*~sMtdv$y z-&B1>4k>l9FbH0NVJ3GU3_PREc8A(O198^(*>Zqco z`RL9bdiwF}(N{F60v{Z1(dt`gHRUC-_xUlIOeqH@`{^d=HdO^FNrM{%_Ivd5yiY$0 zuKYt2_AKR*s^SX;I$uvR>5$FfC=1@3tEU%h)*T zvlodf(PfJ{i1Y)hLpWm9S_NWImDol0;6HYKQQv>3(AeyvrMg{sD6Q3BX?*#hVfI)= zsF@-@YVM?|C31;99$OID{97bM)T$S9?>LyU zXY!f(_NB}ack6x@6OLz~>LR~N4Qgaz{ zcxS0ot=uB4a~7Pg2*4G@6Z2}TG1Wr94*4Q(4~s4r))QeTXQMyv884fwq<6ftYp+r5 zoZO*7#7fR-j_?E>80I)=ueU5a65#GcPF9!$Dpsn;Sp)SC_Xmw%K5f-eV@;|+awmxrV2~A zIlszoT}JG=&%AmjLL3$*Y&zY=v+d?sgepN~gU@wq&Y%8+k~koKO~(C&q42Jd19$5s zWD*|`8XCa|0BmcH(Uv$t{dEF`5g0VOimluf0xXm3`N0wQ26ZF_TnsiF9ksWYKy2pV zHAC)jkiV{Cd)=GlA>Rup^SGU-lZa1s3?Ch#7!prjuS8w!tp9T)8ay;_@x_(Cs2*r1 zxcHs->2a{Q3VdwkJM=Iso>(}AUx@V!Oq=)ntiGEd%U`B^ZW}DN?Bk~qK*N5nzc#V+ z$0SYNYM|X7PB2-`wXdJ@P|3A`h!(9o?4mx(HZg8m#6AfhH zp6>1L=g0LQ8vvgX>`uwK8_Yn4jz(%6ic1g{BBeIHlS&l9hqntK0To@_HR@EQf)%?~ zOGBOw2s0Ta+f$=YRV^+bXbuWaQ~42DZ`b8*a<{G zA@5;LY|w!L-)E}e1{bmr^In>rBcni)@rEe@-0~xkk0r(rycUs?oOmw>OD6so2%LjyP9Hwh!9(!vHzUHq=Nh*l%9DNG{rwF zB$skA-spP9US&&M0oEG4-r<(i*CT;Ck@~idHx@kPy^1ccxn;bmTV^7!it6QnUFpT? zCF7mdj(U)L>nBrb_Zv7btiZ}yru0dn+7j|kO2=_d+jfwTFhuR~Nv6dC;3EE4`@P}% z-+nrv>--N&Xn((1As!OWa_cqm$vOD0q?G2yR4&=Hd7I2=V2BogqN& zc+j{go242G(FF#qG=E9h72U*)Vr!+ON^jRj_aHDP(nANIQY68p`MSFL? zNz+cG88nq`8gW0{-iCVpv@ilX1oAYShW|bx(reY(iF|j^b23d7zz3Xf;T`61tQOw8 zG+8%0bGo3}ePcfl6#D2vC0fi)yj)>`EgAZI1H#e~yS0QZ{HBuX$+57;d$7eU&jzG) z61j>`J+}8VJ>b(+oyoQ)pz_n<|cNjMZ+v_h`< zJ!ncUu@C8uO^L!5fuu z6O!Z#WBPGp%$}{vYJ1C&na5HP-iE};o`u%eM2 zhgx(6*yCtNu-DL&tKUsET%%S>!j*(7cDa9dGc_Ea`Bsi%qeX$4+*C+>bpz36pp~_= zb!FmRrnmEt*0r>j3Szb36MluQ8*#3F%~hW%$79Ed$Ej6V2E4JWxF7e0d0nDQn;}d< ziV%y)8SBV$++;3kbH+gPpkcDo8!T_M2(S(ghuD(SAg$Sjoqj|p4ncUIt*PY|Z5 z4yKpP!>iEI-m#4o#KFfL7bfv<@p@Vu@4f6O3|BzSW6&heD%=}h zZQ~thR&Irc4zjuG-0&05es6=!x4xqhX%`JrDLdy||M*X){XN8}RzMoDQ9HgVjsFOk z#|}gV!8{+#!j5E@UrjnxJtZI%Z?_gqZnJH%xc(mYyvq%g=^(3ZtQ2MVX7f~07S}&n z%LJueJosif_@O|c49m&$iGh1|5+*ksCT{1Xax)(uR z-!{f=aOi_>@8^>(f!W-bUm9G!9I`EX*YY~Grv7Ua5w-8@;czmvu{Kmeo zpmz@A_QtwK=O0@sr(LzvMT}@9_7`E1UabRo)D{27b5eul;qA|~c%JuWkwMCkzzCzn zNIPBqzlQBBdPmtIk{R+kTTbzp$n4jl_^|D|S|+F07@#tot^|@fH`P&Y?=k}NgF@fc z3uUhTK&G(e$Vw{bMK!1A*CbWJ19<-SGrNcv#G#Uoh{hbNWfR}qoENV4I)sQESynAD z_)iyKR(?E{Ub(7=p2&1bg1|l6+Kxezb56AVy?_4%K?4`*&`L4m^HC{g=aRG$fphll z_~R%kt^>2nPi_`+XV)z*@gDEFid-^3Np?X_9^_!6U;b%r@PvfNS0?>!C3^2A1VVav z`$uosmq^*m{S#JKI5y%Wghlz4JKcUD+*_AS?6@$~xBpx6p}L7-yq~K?=cVS%M}ijZ zbC!Q(+Haeaiq`#TXt7y>E-fvRd?wdAF;kr31_9@nZaJ})^DT2Nru<=`FTTz886nHn z{7b4d_T%o?_zgP`s*538f2-M=yz7`TWKDUEOmuwGv>>;Ps>*>7O-Su+0D=d^q|5Z#r>H#HwJ;A)4<}-v$57hI z)ya`dy!1tlAWPf6s~R;(VFJZ7Uyw|HW2k?&1^GrI2|5*41U5n_2F8L5gF!9-u`PG{kZ@!&&d&4nK3oToOK=d4t5H-U78ub9#?Vz(>mq6h^VYl zEBOs5xGU(eu%7+qJ2#ALKK#8iCAY5|vHl0x#myOBTzApuA;-~PaM|TAD&c|il%3r- zYT=g8ySUn%jU^gzRW@`&=Bw%HVArKi-tV^C`Nxg)*$aMkDxSp(PPmtf3=}wVCU}o{ zSN63yW&}#sJtRx;wHy)71uV2Wof*7|AG+10f;CkS3XA5y=B9?9Y5`zzia$C1BT{-0 zOn!0WVprsPPODb1@Y7#8^@*e+(&YK+G*$6Ogo!-Ql8n9>WX#54DB3$3wJuxk!(1|FC2i^@Ou#; z%P*L6A`K@N(mzFC@t>Ye`n;6A+34fK2bZ<{h$Y;Rie$l8P3+@|7WZ<8M&x#ZJ+N5T z3-|J{nMcvE{rD>E=X`c_!))&OG;CXYv+zx8mQ4>Pn(`95=kSIs0h@Ll)>6lmC;M#a`*MkCDPF+y5XMu*EtnVTm7enj*3t9ei)`+ zo)OXe7pf7Y#^0#)uF{^DM`4{(g?Uk7*I&G2WNq;uE)jo7!|$q@(YbHGBdaprQN^d4 zR`UJ)t>3r(l!wd4^*u!rMx)eS+jM-XW?8(L{EWw+o{fKE7}JGAy1}8l}aT zBxmzDT*jt`<0OV=gFIQ8rGHjxi5XkD=}dwb?D~91xRIPpeZQ*BjpMFMT#NnfKi%0U z9K~g8RV#q0uMC*`4?HB$V|s3zStUiZxd;jVIdc?Y`lv17(L6H{S_ozOk70J|?Tk+n z`teU-Yhm>Ya3OJwqA4cw;4aXYc7ki}456I~eR_*&@|UTqD&5oA%NCb* z`Yj4{LuoGjA)rG8b{NNgDZac!uOX>Fiv)A;09%8d8)9oGMFH~f%uvHiL_XyV!jiU5 z)&gnk?Sy@ee1%mT@})6g3Sm1B;{a|0<%`awD0dvEyC^^vL^t?U7L5V{?xZKUKNkJ4 zv{|hjYesyknhJk)eWGi8^O}39?z-mMU90apd9gC?03x82O=^*Lai)6bfcGH*C6RaVfWLBkgZ=NHOs00W8a95AHI#nO(V28w4vMm}Rzy zQ0G(&@4CgN#GMtOi~3eA=x=og`K`XLH$Q*MdV736H1=7{W5!ZH0vohK$6J?rs#Mu+gMPaBr05q# z?{po3w$=>}Ul~yyf&R@Z74KwxZ1VhB7|rj|HKv-3voHN@X$D=_>wYeIRqt&fadk1; zPGZNx>zR4wjM)<+*H#A9;Qp8`#G2h@NxwstZO=VrRKGQt1Pz?AkhiS+2>a`O{ETI) zAK~nat@Aj_`L0CH#9I(U0sg;#A*j$-MdtK)uUzgy?AE`8-!Es@E?mc^I#f|4sZ<`ge_ucbr(egCuhw^9Jt z=oUYIsW*>|D(x&fN+dF}{~r)b!Zf?#guCih{=XNCkU|? zo3`_p_5pr1>zICZcCb*A^@Zf5U^oIM)Qj+?rOksa9%;Tg*Kqv0N_&=g)N?FJ+#na5 z5_W@O3bNqBSS~IaHJzbmUZ@;Eacsjiv=S=rEzZ23FgyYZdy*ktf16hP^>aqZ(5}upT2Y}WwD9>^DX>wAn?N_CH)bQs06GgOII$XVkf{IB$hL9s z7+wTgrj@fDY(M`-x;jx*E5oHpa7Rp z)CB#rH9vpaBDuZ6%9j3$p+`mga_;Bq( zy@VebolJW6)r8_k1OY}~-Lu6dn&EqYwC8Elm-f#O=m|@llH7}<2I&MrzLGMg^u~XQ!^&oP)3MF%wOvf5KOWZ58|6wPC8vchx46}wLUTA zJZ1ZO4XFoh7q%ajC*I0M2#x62Q2j}oSeP}Z3)5QP(7*XSCV|uz{k;-f9(xLZM|FSi z58UUT;vf~UNY&+fk-z>I;U#C(m`(%%+Cpb)wPdh-#Jw9M1Zk~@|4i-BuuFs$EX^m_ zUa+dzN~6dy_>!exP=%h!+^eq$B%#h1d>u+HYP6>pSGi424Pc!Huc!~vy6QH8usF>t z)zW5PO}3ruQP5QqDaFkJgU-8WCv}ZHD!rI>ZC_1Y-=AK_(m__UtSt?F09`wdT9fa_(UvQmClNqhxh1P%ylfmk374% zpaU))iuC>@|6g*w|9?I??3d%$m-nc*A{6p7B~>;aiTR>#l*fpQ5xft3jNSZqiTh_| zfTqwDCw?JJEbfP>(Vg#8>j#kh&H%|>^-j-%Yl<>#Ro!nmUF3X$7u@$jGa@?Q#7Atr zjh~0ORRtq)J{?F#$UR~R%K>SXQESK>{eb>SA0{)`CVp$Za0lLX>4C%9%6V3@LBdOWAd&&)%WhT5aj|puRS~SWmn;mU?c`&n6N9{d2SPtsocA zXirOGgzggs3e%c?$83dv-evlIZ@6_fxN;xm5P$W1&zS9NZ+P+9ED!YCdfY!x{$>m* zVRxP?|D^Ev#)qgQ5u@Iet3SImv1f-6e)y~lc--?Z@h`NDPO3l z>C~rj`*r8-?I(U$I1BOjf-Vh7sKc+CE4ccl3(nyoMkbh@hsmG-w3$=nnbCi8tMEiJnW9@q-?r<*FLv$w#iRC5<( z*l@|BH& zxV*c+5*0=Ucql5ioh}jD1^lMnFCQ}Ht9cF)heeOqF<8HAeO7ABFHCy83^N#S64qJ> z8OY6S^~Z%O3JO#Db+&X2D8;8m?}TMV@BC<_*x-Iub#hGlv(dO-1bhSQ0#^eUwxK6y zL((~P<*R7s_Qv7Lby&>J{&i*zKE*7yv}nvuH#6o>2ez&~zt+Eiqzl^T_Wx)acx{s^ z+`-!Onz&Z#=NErID1*m>ZMXKET0F7ItK(C- z?I39e$KQN$Vd~Ho{>p5o+--(E*NZh>0S*9bYzKVfq-;6g-rKuPO6#l z%1l=GbI!M*{!KdmqxJM-8W7Vs9ggZPJtBqMS?ASsqXHS+9pL8rHSxH*kFb6USvH+y zhh=EcILRF;DV6QcP8wZpR}0c2&H`ai=y_{*!{lvz95;T%4YFN3*YjYto%4U%@7;-t ze4S+(HA%4@)KJ`|9>oX4-4T1@#ybND3Q9*YpG=$`gQzNVe=8E+o06^Ym1*q!l`$Qy zaba`a1TV?akCa|Vd|IZ+2Am6?W#*@2~^zXYOL;ZzB{=%d_YG{sZ@73Qjy*C{wqX2WBMj@rgStprSG;l z$8c@iSAJ|GZZey+eQqMe{F7M#>LH)T2TR$(tU8F+v; z&lhL2#PBsUS4fM&hsQ$MK^nM#kKN>;eb@p0T+F>TLGXU}VFDwGhcx}gGjVo4YsSVh zM-0UQ;uH}0tNBKW!qW3N>14&%kV?U3)TA6Do_}YJCC*I-)GH9LoSDPEn54{?XC%%HoC+umhusZ0$x;ORIH0zJXJ6--4_u_~2=K zf<-_4oo?B3Q)@H#2rIRP zj=3uhXkjxUC|RBlUehvpz$;&M@(hm`1J2Sm|6DFI?ZZdYyhmcEboz{4DiKx2)gAXVt}Fbj&41>G{*vu{CRc{oX=`1`h}7 zeJ~5R=?k{QK>onP2JX}HO63;X3}e?i=9)tiTg?n|@!F9~bS5Hjnb^GVy4ta-4=B&g z)3S7}n~mifRHr(MhJ;0aEh)5RccIJU zP=xeoTBaSf{ip2DnJIS2n$UvRt*WpY&lyn|rhk9fGml(-GM}Wmg=v;@0X zKG(HAr(4IylgPF7X8F;Mv}B<-QHQB4{l_263?&|}8+nWj4KE3ixl9>Y6;K0P?o)+G zq-F^xZ@PtjBS;u?!Ax%f=M}bOr^l{API0%Qk1}(lfJ&1EPE1vHd;r_97(4|x_e_2z zcP7vHR1(qlxz2)6v&wVKw`FE8bIS*ctDs*hyuLO1gbYRls_$H!9ocf|49*k5tj>Ud zJ4?o`r2p0P4vsI??`(H=J&SuCbU)pq0$L5s{?Jh z4Y|`N1rsayTpUl_grn9P??`OD(RWA_lBE09N6WrcCt=2bG(wHaGkgsSOIoXQkfXC_ z&HZ0*wKUOqfNia>Jn5S`;v7bLOToUUt=Fd04QpAvt&7Cpzax))ClLSQWroXRgr5eC zofKmmWul7^U_`+_$hC#Biuf-1mJB{IZ*OzT&kf6e(Z8&nc#fCb9gP#;K^jGdAw+AO zLphz@DyYnI`H|;HsJ6LkE#=`3x7SD{vbS?4;onKu+JtRv{{;RG1GK-PYipxY_aVIL z{vyceHeUX6t4>&tR}->!%R96aS6d{3L1~|MDaF$BT>{^kYbDU-l*^a$XP7vpkB9Mn z)DF@wpvy>7I}-vF3OKWewy5X$a(XksR1_;*n)MZaCVC|A%~aJzqNQ>#N$&hHbx~Tb zgLaX+F=WVnCRC5U+BW#o+w@{hK@Ph}OjAst*qwxEri79|*)(^}bJIQp=~!RrmGz4M zvPj*E=VD?u|xtmlQ3M6mD()PViPiuk5JxjT>h-kX;O`gb+P86@4y9dV0YUU zyY=~c<)IJDaR0ZzrtNRG_*cKm^K9C>OpY%}n{Q6}G6%atVlLv=9_&wlr;BsFpHJ_p zm_|&eC-qtVx^rWG7D(#Gvl6&Gy?HsG5@JIs!Y;JBUfbl~NyJXeN+}PW(siO3W<_7K;i=(?(UeZ|-^LyD1Gq3-})v6e+2v z@!bwNxsqvr^H#!y%D`LS+QcJVmX_DN?5>trvm z!Sx7saC+X~Hl^n?2#9+bMoN4>g8kF2-qPTPGsBJeF0`aZfLgH77;YC{wyf{frbReW z<4A!$A`qK`w-l;Pdm{FIjS$w*Eu?e%aNLvFmvs3rVE<=Db%?r4Hbfv*(9+YPZCx{SQ+Bv$EPrggf}w`Ci!_G7kKcEU-R_yb`(_|kP=CC3O9XqPQJU% znPV17&$3qJ9oQ-KtS7guU}w7b$$M6Nx0YLGQ`%tkuoLj-@Z$c@;N-ovcS`xn%T|oR zdohoho~dBq>Uo)2YGm1^<4N9BIr6=F8`DVIvWE&58!hibwYE=zyNY7l@wR{shm;^I z?#b2BQj?Nr-XAX3%Q=Bg596+kt9ySY#t%NyLkur1+$pDyTPE(op)J-3Vflx2;23&ur4|;RZ8wf{bw)ld@oNJC+!dVz~SuA zKnW9t>FFE0DOnHUwJS@ZEy2g#lNXv#NL4UB?rgYnB-y8S){c&n{a&Sod)6v=TquUh zl+btH2^(X^Z{LTAofQYpx=lPSX6HuI$6-u&(_&D!R^G)t3lFRsHN>Ret4cB&Ql(d46Jrn!S;q^m-+P;Fk#Vp0lg#VmKZ96n;F54BG zlVh09Zbal%oa};%9MBZb#Ot)Lw5Y99d2ReDfA2fy=Xz<7KF1Tj`@!G)l-=ofFmXoi za1_Z!uq2G)W*>d-|K9w&OmCKm&jPl_n7df5J`jj{XZ&7ABhCk zEpmaffybhT<7g!w6aQ3o`~DB`3Wa$R6Zf8%Lf^WGTfZ6=rCa@M!yUJVoPf)3X4*Mu z?^wKy&SbQwP))4i{x+Xs*LDP^_8FIar4|D=%}eNN@*v>p@F!X)rQ8x#$3)w!tHG|K z0U_1Je@ZB3wA)Z%ZU3*vVSAaSb>~29pZzYMXGuDPm3I6CoAA6FrS|j})Qh$Ji0^o? zi3jJ+u7`Z+-d=cF;aAI&o!TT_q02!TPW?csoHteK>05Iblumc3+~2OAxC=cq;*#LY zi1T0&iVfG_9W__X$&OR@SAl52=Q)Rr&0zY<`K81UR^Um`4^!z?RkXJ9g4sTGvCG)d zJc?|u3tM*RKAJl#aiycaKJw)<$@>B6%3elI@#BEy%MT#?8=-spY!{uCk`h0@mY<;) zW;0%qb$+HzYt4EEJXxayH~K~S89Mh0!;JRJz4;;p@*>?KT1sFPF9*OdvL-mAypPp6 zXZiGE=*im|vT8HhWNAU>S!R;)jNW6MfrQg^or^ss0*Qk1xfZ^c7q}-ev&#$EZB)2x zGEfIHmmXgBO90xRBFdn`pJklE*#P-E!Y%)8`OTl=BszFE2icb3&+ z1Kkulx6?~=L~o+_%DN_@(c3GZhgE{G&N>luBGdA4NYW-vvK09CpmS9%Sm3U0? znN+oMKi4u?iC7qb9y;>SPgA*~pmdO>u?c+ec9V!V;`P?Rrz z>8bDwR=pR$dTQfYT4|u{v0v|THg+GdhLC;e3FbPH>Hz0RPOqx#T%0Mr1APuXf(&(o zQh)feS~Uc_B^&a4kv_Et;-#(RyeFcuMc=HfI zW%kSh{*#=t#|6??QC>yXvUm&`Dm4rLrWsPhXIKI2pjs;OV<9R*OZRcAUeiH!LJ7LT z^ISDtQMEI1d`iH0&DVktV?A9-B4Xc8@Tb+~597>+cHN2Fnuw(OSpP(6+UN)?vHbfp zV^}}wF8aEvku<*VN_MV(g9W|ZqQr~swm&Be9OEV@vZm2UO1RIp%XlyH*2TjwG$uH# zTT)#k_r_Tb9ymbj`J5IQJLQfi%(RW7zEw+|Ux>pKRfeC+e6oD;nkL^cz;)Ol+&DDXlfSwOb%UsiAf)U_e+jZdL z7X{fXQgFZ}>B)FzoLAUFYI>j{zJbfjZI-zR=1Q^&FLOU6_besT+*{4d&dggnbh`9H zv+Ni0H%ddGs`cV?kmrXbO=G&?f6iUt#I)?t>I?s)JlQx@TN%_n&wa0>_gGE$7viAV zT|S-7uv4R54aHHHQ|jyfIMG#T(qyINyO^cp`0QuXw0P6LzVt@>PJ}0Tj=|xWU9oUH z5u1{%((kkRTI--h%^G*tcdo>ZPl|&+nC$mDC%)nX39N}Qt%x5`Ef4(R#>=%ydU|<* zd{weTTTR%>_JNQRFrCL0QIZ~2dvq^t*TjjzdV|XqZT;{UIf+0^jsb=T4vCbuJdQa6 zk`PM=@J=E5_X1}kvDlStR{P!%%$$LRcOnB1p>4YbijP-`pVemg4>m+65aOE z;;j6G_{;`2{LnWFS+PYQuW5l*G3@qKc?$Bt{SFt|1f-$C0Z`O5^Zs&=z*|n1L|v2J zc9+qMYM=7;bDR`Ct5)XV@Hv!BruiGnVr zlr`{;$p98)|M3R@_oXy~SYqKn@QL{Qgy}8Ho}=Cf&{T|~ALBEMX_;GCE$LY#^GIp; zZzHHcg=wkp_z4e`ZQn==bUdHTm7ObQc;xr*nI*%1FH+U36lbKh~u%e-K}zxc4n!F^3*)93S8)T)6#;Yr#zFFW^hKi1)Z|R9}kb(L`>? zA5Yt*$ls7A}l*}5me(qD|2;7GdCmVpT87De8h zTZw>2n%xGkH5J?72N#|q4&05|no|ICJybXN$tr<_!;w*Ym@36#>F(cNtx%nT?}UM` z)8;g-6;%`$SE#YtF7z`X9PEy>L|m-oavUL)x>~V+EB8b*b6c2S+bWk`1=;!6u|ykS z`P@y4wVUWm<2sqfVL8Ka4_@NJ&x<%=?wRTPV+DYPlt{O@vMY@+4Ik`D2`01oTk)U- zY*D!OYPE#1XfY5-Nsy+MNK@jTWfte*Gm1w0LtJwuQ)*X;IIOJ~drI%B<9jVbiImSd zF8eZt)|;hXi9n0G>O`Z?nMgvqCwNry|1jcG}~XU{E;H9q+D#+mB<=!_Xo)jJ~CV0|%< zHUV(0F5D(aY#9oW%pS477^47I;CtCJCyt^q2hP%%#%?v}(OZn*)BvhD$N21Z-w>GS zCVh~)K(W0ewdT86hnv2|M-eQ#>*=M4277d!b)+p8`9&^8{6dk_qMUBK67n<6mSx3IZ7L;BS8L37=0~1TwcyUAZE%Exe*eiE0E6WbamVu{c0zUgti176 zYoY|AspaL(w{w(Jf8D7Cw3%^bI|OT zt7cwjT{$!1zj;+j`RU^0-x>{jW1Mm3=XG&WbsrM4W-Kf z#mnwRvd~7WIy~(sug`})Jp@f&ywbsrS%vBk3$xESM-#JKm|AWPM^6f>6vWGFV~FC& zo6L$a8!V!+?_zN2P4v=9i|Z6IazhwV3V-vp1pY4_1SPv({oI>>N)_Loyo)W(l78;5 z8Z2pt6pqba<^EasJpU{FGkx{yoc@v|eX;>}L=Pv! zHf~aJ;7~fRi&yEOZX8CZN{*2R@IozJ9F*moXP1dhlJ#q0!gHzb8D2D3%K>Gh; z?DJlS)<)!oG@$AX{5o=&^?!s=|HIk)Ur%m1dzT;iV27bfb2)B_|H}|ttRR%SbMg&g z-+xr~zx1lcB_{S*B5)~!KEpnv(BL52e^HRoL^kaj!1%ZEW|-)5E zdzwe&Xvd9L(I(uE6RH+PjZ$koXmG2EDE8w5CwFhV||{ek^drfkv( zOO$6Sz6JdK=HRChY5>vFPN5b6$#C<%her0sh@-`uDNdlYu?6{$_+7{of@EwEv$GFM zEdzp8G|TBSew)@Rk5+N&9F42MlWYx?t%dy=y?6MbqI^fNQKUV53u$Gq${CsvX{yf! zviDu_VWcH3zhZ^xUNAOwyt;_T>p9kyE!!JA%XD_zHljZl^?o;a~`;|NeCeZGLk!T2m-#y@q$d3^7`JG~?kFR$^q7vvOqII^* z_>{3k!4p1lZhlU_D`46M)cj_q|L`oo0@BYn-uBe500qn?=Rfb4OmIidxhC6xiTK}6 z;uFVZidKFfTo0DfAPfYYfar!_xrG23teCpwXM;BMBB}!^}ybt}I)0DFA*^WtbmetChs*DBBN=01e?OML&$I9E`#vaf1L*eXQf z3m?aI)=2knE0T($9lk4)iX3c@s(1-pUTm4o|28WOm}OwBdYp?)z_diOnJ;ax|X0`jbuQXLSXr%@m-{x!Ju+aypL5RhD-V`jO?Z+=%+v~-2= zX{X{L(;qLhq2;K|%jhNb5Obub;r}wUT&we=X;9!iIx*8$Ny%h|)khI!QzhBuVsh=5 z;M0i9{SZ30HYuVfZJM~g9^oOM>Kt`$D?Ys=2v|JHx1@d3hDzE}qxq&Abl1Ff#z6nH zGQG9bjU(-ulQm@vk?qQK26&nGNv3Qh0M3I~hW3}FB6d1ueh^_d3Jm44**jQ(40JbJ zNGn;yf>l;|5p^c(xeC!XY}>WEM~&J?>;SyV7z;SoOL2}TqsD<cZW>>%}{}5j zgX)N+mZRksiCC|%59IP+`$!=+T)JQNcpn3?ygU+$vi~z+iztn0d73=vhHD$KMUc$p z1+2r5gN@bnaj73{Rn`KyGw8O72hHk}-JCMjy3KMqXdLS;hDSijC#54T+td;}&e<1PmN@tXEd%%f9$i%Y2@``&OVK2(TT?w9TNLZALeb!+ zma!;SZ@s|X51r&#uO8>DqmOdvXNB0uYeNibT4xj)CuitpEJAG)UHJ@!o5Tw8>Tkr8 zz+qqKIYZsPHU71Yz4fhR-^OlqbXR|)feIp`;s9Q40whD!KR<^)MY)2eFY^Ar`-~fz zi!3TFB@P@K2=EeRUU{2zH0MgVS7zqwc23IhED25KoDVmr^h4;GaY+Fza3t_;Xd)cX0ng7sVj7MA zCBIp^i|^`8N`yQnsg7XqZ&06QHMvqDLp~!M*9fkr6U_ zQGkQbAKtdq1Bm5@H6YQAY&I|QcyiR#d5p4f)e|nAeNfI5R02z5z@>7MlJiH=Zyy}4 zM<2E+>jzi34b4~D^x`U0`xmIUTuP4Wlr-YL17wMw6sUaBuCFjZQgY7X9obb;&q(HC zn1s|dICUUps$5!dE_oCwiT0IIOnZAnP4xQ;t3zHq}@G6rB z{}L8?0~gm`^M_p@kE{M|yxUM;CpWc+m2uAbFWuX<&!saq3R}vW55L;AhB%ifuzlYkp_6 zmW7`$fVp92iLgc%rk*|QL*c)a1hb?cOP$`GJJdXHi^&2@M$|q3Xz#TK_Lk?z58n

)-`~4#@=uVlo2P<$3 zQ1r&L+6qMJFNc!4sgU9QjsrTkI@Dc_cr&ZYX0K=_d!UJMmoUZkKSC>8mGbfE!3+O< zn>904KRdaVct4=bxq$anuMC3nZ0_9(*33+UyTN-Lvky>H*RPoo%+S(5?&+&uPJY>V zDoL(Wx9*CuZzX@;D8{}{^!g=;p0ymbIgQ+{oEe$!yTdUTA)Z+@BRjk^B`0jU#j!jR zF&Dy}Zzv)n94fAY>E$ng9Akw=3fKNK1J`C0tDSm1`wa-dRT7L`PkW!we6 zajLIHRHQSYY&P8&KXPe4y#(2h%A<@ELTo>~D7D3ZJhT64+RX)x$KOl|im+CaI7FKT zFgW>bM}D6x!$uTW96&K_GMe70!Cg>UXjnF%T!3;@=}`vLeY~@WgO-Id6^g0{!&lA% zWqgPKmfilv`Xn?Nxv%ev z*I&M)TD=bUN5#kH^3sPJzdCD`2*nKkKE+P3wwHtPKKBQzPP%{9bNBJp6XYO z(FnafT66$EKl7ctPSx``!!PLX`+6knmxwK@Z0BI*2=uj!_GHCXbtb-b!In9b^pUH-qzumF0e%5@2UZxG#gcu zan8}7e(z$aWC@}GTRziC45wA=sl|-H$9sDMLZw+|Jbr{?Bp>CZK^Cw@ z6b>rV>zv~kGJ-1}F_wAW=^DN6|Dx?J=h*_ht9we8*_z&JFSu%%QL=*`>6G zmh;PG`t82CFwI_d*L~o8*+2I8p|z}P?uLmT={M&8&yh@p2~Y=dQ8`tg@`2+QR@T13 zQHHRlx#3S2lNo#!|6Qx!#Q0_|G#e^Gz@oMqa(5PxtEv^KPnXwpFi?EA$7iJeys23d z|7c|~jjN>|UJ7XwF?<5gjo*5}1{$)~85SLMe<;Cot-$smfj!WOgSVi=7!Ru!uMqC6+$kG=wOAlW>ttiyqfPTaRhU4Ogu*Fr&fC4L^BjgRv zZO#uOE;~Ddl5%7aU5YxUu^}X+Z7{Gr7JXrM?RUC7B5Se3)=(h}*=lZi?M$$9x;;Mn z(i5J)%+OuMaJwuuN!QaJa;^P_7w7{kTzbc+A0Qb1pHUwW(Bt`$gs6?Z2cB;>P_6m& z*M$zebIHqenoUyr^I?C)v!6U{G5K~}{ zge2+Tp@xrdD;`b>8D@NNho8`3x5zRGygXtxLiH)SWx4U4dK8{eSUhMZbj{x~F)=N= z@1$v>RRxp5k!LTEio_18L&sX(eI?)hGhN)^b<0Y(IOwbOWgxz|T}LEWDqbN=7?u%6 zBc<;pbo26ZDM)SR7O6xOe0&7Tv>W}U6W_0u4aF;*mM<4!p?^~IX${qTuOq%S6t7rm zC{`*i2}CWb@z9r+Z+L~M0bm88W&t_Kwh2UfZ-o{d=p(SQ7?lDz*QCYrYv>S8Fd61o z+wDG~woc4AOUNr@qR;{>;4$27g_zjU<>=W}5#*saaPnY;Hi6K8qd@+*%;ZhvC{!?6 zhlr$WCCPQX0WrF0!}EA>THLt9Z@-fR4t~I$4ZicaLy(R}`RMBvoF-W4E_X-s)8HP( z`$qmz{bEX3&ekYZ5OA&gld25L(`Vw1qDcT40G*Dg>EjL5Qm7O?1FEup+^cfa$*AD#`ol1TysC?6d_xiofHv@$MHI+te&;U|?#0MU7 zLG*w`uO-*RW7(kC?F)C*h3h$5Ap8P3;eyHN*h5@eLR9PWn49~o;q+(fbRN=3f#=Qz zE@m&b9l0hu-bGCvN|r?8d8yK^JQQW(iXIIr7bxYvZE0pjhMqzt<_x3YO zu32Y#&*5*e=`vd$Dtp==f&>#J!Eh(IIkMu2LN-1uO`1`jDzu=lBk50J?Rc`_;D2`_ z_z(IY3h~Hyxf1xi1s_OmNL!lpeph|!FGdahY@1uWmqG*B4P;K&5p2Fl?@BY>I5S&?FX}vVFd+X*nWknE}?gqbKw=XMtlsbQp z0yr6vA4nQVWi!0ckBv1aqbztLv_jgYs(RC4b`v)G$i46;M=vVbbP()z*=@2YQ8e0*Y2fPibN0<~A_8njS@`k~mI z<`@6X`{1G5wPVo6s#>UrB>mQESHj*dhX>=>v5wX9JxTVXa^(qQt%4)bvHVfY8&86b zOLjd2`TuH(xL`jSs~)&eZK5w`lBEmJ{#HMPCy(O3)wyhU&g42v5 z#*y^7EkKB3MJS&9(>l>JZn4C4_q5(LYc(Q5udz%ohKThTkhkzdu~yWPT?n=NzGQ%S zm3xfa{Wk?v_FD3zCz9Mk_#q_rd`tDG0lZQ>__I8Tn2Q2$O(_-4h`y%_uhm3dBWa4^ zJQl*|VGd~J&9fWb^(5n0Z((uvx2|((I+>`0yarJTc>&;Z&Ofz(Mv=i%a8 zs#PI`rf}~CwRMXbvYImL{A2O`y64xbrJdr5#DVf_-*T(tE~lJ+5ucD*EbE|lKHIW+ zq-*-4y5MK`u8xPAkqgJ?y*_Gd4!>zvs0_zzC&WG)!@*1Ks*6cn{j;&b!pVpC#J*2{ zQuxWu{HG=Zv33OQ;5Epi4-uj5*k;P=f=TqT9X{@I1^jb`{8~|QK_Y0#g47|6TI6(I z*{^^m@AECfoMtt-L^=N%I4IezqMt3&EH6*C96h>i z|9fUe`b8v+O3u{TMKLbkSq!t%cld>-rGX!QKwiw_5f!&4uJ#z`f*{5Fc0&~&wVJ8l zk5L_m4ORqts%Ca(3~v@12jCs}f&eQ8(nqCn^4%^uuUN9K;oxyMbq=FJ>YTXa2-u9( z0OGRjE_<&uhNlvOu)Lxcy>I!Ia_?Ew2U@x%Xh@7d#WZ)MQ1S^cr zY^@?plD;T|8|v^%H3}lyDOYTI6{bc}st!Njtkwg5%PT#i2Pw<>DilXvU3vJ8W_!KN zoAclHB6*EpHiC&%U(6slFJ_PppARU28>GpBNLswUd$zTf8RP<`S|ZhbW^bVwN7vEb zPg(MGpyhRH!=$awjA1l`Rs2*CSq;f6>BTs8b?}`*mxRj<@_}qKx9$xQmx@aSr$cMS zmQLRd%#+W(xd$d1z?N(I7Ss5ZCU^xxRA;+^1yd+i2EM+87XD_{uTR+55Md2~k#267 ztXs)}uyX5?odwZL-Hs*3X^jil>Z zO@_z6%_qxVr+zL{EX-?Cgdnk{us@j%AN`5*0%xLrxAZXi(6PTcH zP76;~c!K6+MUhbQ`gL>N`xA1#YB5}x4NI?zr6ge|_U4f;30roc%p#*VN0vl*vUBo8 zqt` z-Vq(w(@Oqn1y_4W_e^G25Btrra-=W{Ac>wR=${xJS%8aj5?j6j8H5ku7Y23)X7J3K zccA&ClsGeJ{<1fc80CH}WnI`>R!h11@onjwueGY9wyFMB3-$wkf)kRWPSUYLX4@`a zx-a*+Df$%Gk1t*g$_%%_w4f#(cRSY?Hdb-2`#-bw@jq^1&E5YNjcQ8* zMzkpdj@lO;#dM0zU9Q>1cVYu*4EVqT;P`O?KHTa4JU~*)4;F3D@s&a=T&5toU-!&v zO5TR&MMvj0LdaHf1bM>y^VHPBq85Ha^+W^aho<3AB#$?Lf3=0l*#53Sm#mr-3P`D)<;L4hD#J9W6DXK^>~;ZRZL}A#vSo$^=h=Sh{3N_(A{0 zB|!F_f2TIuY@2_T^~u5=kkZHCh6Olb0=_N8C3C=Zdo~o;&-L>ioNUM>Skgw9uNPwebXVClpD3PsEZnm@%qb@ni{OTmRW`Q8 z`YPyk#PrqVw^dwBWwI%toB=3$02djr&L+0OlBXiWY2|_?NrD=QO5ILIi8I^{*|Z|hcizCN^ckkf>qJgOsELGo0++@ zMX(W|5m^ez@o~*%O%7L77HgCZOieTX;hx|j7#5s>M^{Xxy!kH&|n<)e?7 zz^z?QjYk0e(`Rs=48)2XOx6Tdl%v*yAcDe<2UsBB7(DxyVJ7*Qv4&%#azLS}gM)An z`<^5oWm=duh)Y=lH=jd=I%Aaz{uCUSi$`#ACcf?q+lLM`|BP(F0yrxC|KyYw3Px&&r%D+Y1)a%MPIR(AYtlfnWJv%aHq#*Wy;wF51b=`L6l~NM!ujq-*@H+ z^Vm6!BHeBSrOjxXNOHi~ihwF5V_) z=YyuqTeu&`WBC_9k;$%HrzN$D@T4n;TUZCi%)e`QwJ8#MADCEi~$ zu*iGMWNw}g6UmWuP~YofCEs&HK7PV08kC_WH0>>B_Q#5mo|jh3GRjza9Y%b1sKg?q_QT-5mWi^a}W76KzHBXm9c8vzx3ZiA(P$;L*4pcmedE?{9Y zxK&CRPytifNM)PtS((f;^#0aPuh|8;{rQRag(``_WmW|pJuE9b zKo?_!9c(UK_FL%#CD#}H;`Y3w*-YmPqEjjASXdy$rdRDDc3t#4+ZxW%Zgc=RmZdVF zc8)SYY$w{Ng2xDc8|9d;uQ}Tm3_{TZ!~Q(iP=B6hzBpVK(tDam(Z;C$u)gKQ$9kdE zvB$5DcS-5ta_}Ynv5$;4N8hNcu@#Xyt9>!%-J~zySCm3xjg*nEsASeh%=a8q4vpm% zfif%!VS!nO?MBKS;v5ck4vcwySoI=+H9a1i$_iz;>ubn@F@CI*3j=R+LTJqP$qd`n8# zum>@|IMm*jTaL0&>t+)1sUq95svV;n14t?;ccE=YXtGZitbQKA)mRzO%}1qJJ-(~q z-HA3OCw(&8wN=-E!Sz%h>O2)$m-irobNT+;%y1VsqSaxX-Lv&;xjZ{N^>@=T;5!2v z{eHJ((AHM<=Fh9D=>5qfaH(_qjW13#p)cANxGYpawXI-A{lT0YC5*JBGbGqR)0D#s zIGo2XX)n>h>;*KMZd>}FF2E(rX+bR;@D(1nD0oe$y99!f`sH3F8JH25A&zzrc5h9n zy|QtnrpG`H=q)bo5kVS76R0cp=m@Puz~780H_SREyVC zRt^NILKi1bkxSCYp&`B)s=Rgk2*xWd=LjZV9^$e(Awxc`cJLOAmQ}cG@vr5-dq@;OV+xwn>A91;uO%tAZ(BX%`+V#7 zAvSu;?bFDNMP6#O81Xe{-zDOd{+_H^-6M%Zna;~c=cbK0<+O{`!m5IVDGvH6h4NL8 zFxU_H4cIY2Yx-XK3Nu*T=i28$um>BBKX6A=8||>Sw%N|D_loD_bc~FymQII{r;od|SHXaK#zlNf8fZ+V+Or zpzKe86CLci={~Q194IqjFBJjie$wYV>E3oo|D-o6Dlb%`v?%HpXS>sm(C@ooa zt?n2n=}4*o=cWw=byk8=bHt=sV6Hn(_M|JxTHJDdp%q!W1QMjkXI(} zXRY$~r2?aM#UD(&Pt!A=JP%p5d4ni>Lz$Ej*SRszsinl7y0nnZhH@PGc0sxELI5n)s3{OV1W%mb9S*xm&RrL5w@(JZ#NM4#bf zJ!I9GF(aI!IQx>dHP~QV^{_yjr;Qe8^h$XLVvDEhQ;ZYpc;j^BhIBx6os)6h)q17> zE~ehG-wp5u-M39wrUO`ph2LgSoKkG)u()amc}AS%*^<}plhzt2x}=&U!bf+(X9{Og z_+lQj)WtZn_Q$rwLj}B~`|^AwMaY_@qQTk@=3ED~4`=1`n26b&Esab5upK!x0owAg z>~9$;)01u%%k!j5?ItpVQMm^)OByk|FkSS>CFsk~x$ZkNzuV=23i=smr^vEkP3NAB zmg-p2+r)_t77L}fXU(I+>+liG9L(_aG~uYbjvpu2ESZ^p>3u(wFnb{I;%de8s`247 ziam)J6sIZ?TK|>5nuZf$AI7@+>K6YL4;?=S+8N$JsY|Ja-x-pSmcV&IN+jfr!s^Y3v}8e^3k9Gw)&uRgBBSv{~}$TCH2 zpyDpv4BV&B9>+_xd-XK>2v7R{M^M``FSFyrYoa!lJ5zji6me9o zC`sbQYdg!p@(PX(b@*2Iz4RuZj>;5InmIvDsMpl5X#S_ zRue+fYC?sjkW{=D^JAK7A+SpU`h%g=*$mi@|TDfjd`9(--QPruL zlI4kAi$%Z*6yVO{K9ZJhduYjxcqfEj=6ka^8B+3aTm;DnpaqVGew=)ep|l-T%nj^= zW+}?&TK0fKI9!qYH5s@-*%`_syjc@q)E@BRs<=+Er-q(P$4|1|mA?3${}&!#X`!%;mGZOb zN)~j5JNm#j=`IXc@O@{=NnGF}0nmd_^2Mb)`TaT(ux8BDtnW=LE?c)OQbR+-b2iC$ zHA$i)I##DY1|n^)Hh3w^#dLq1o1zHushlm2cO-^Ai~bxIYlmK(19qRItof6zyX40} zlwd6kWFj(KQs1Yi61gX;zj{z97z39g>z&dZmt>(Tr_F=Z-)$X(Dc-XY1!0M*xGp_xrGo z3f<}vBf%aj_i-D)=s_!Cd)1h~ zL5Z$(=6rzm;Lyb z{9j0|e*1Ws+8QA%uK4sdcZYw1Ft?IJCpq6w`auDOo}yrkzo&p@kRS`}k`X7x;)$H6 z*EAkq^9e{8mqGX$e#Fpwsy%juC!E2Xk2haA0joq(26{|7 z)6vK49}&!}P^|@WkQ42xdRKeOW!*8{J_ZWx*#yX_2_M8YB`7Kmit9QKf&LVi#cK_u zb@+C~x+n0-egO4l;&4aVVz(KY^h0oR*ZbAkFr&1_?}fhnbkAdtl0mk+#qP!;37cj4 zL!C<>2~wXHXt-`Gpi5xZ*ni2qlWuh+7~us6J6BbryC&CC5ey_#G+P=FW@ ztl8lXxz<0nVX>0#TpTC^z51MGzKMkXWpl#941Eznw|S+vOIE`Jc_4`4=lcg34LU;b zm_VkZ9Tz`h$TdkvV|%?=KLLo3QL-m}vMS)W*k*2dm*<|tp@rGxmVq0wbkFbyfu3aw zcdqm&a#f$KnNqCT1df?93kCU_lcCP9vu<7vFBHU#T*!kdIWO`}3%EH##H6eoqh46P?qOJMIjjzh1R^WARHy zzB#^?i#Xd>Opko;b_>?$Cjc13x9t&z)G?wG^F!BuZw(YdaLXCyzRWbuK?lj#<6AiXbP*LPrs+;FWsB1iqEmpYO-?&8u99o<%-m@Tw~;1B&;aD`&01+3K3m53RIMBP%uaku+A{H* zkarpDy!SLRwSh>Y=r(j#GJVoFQ{l;O&D*wM<+0Hk&-a}oO803uA}K{v$1x#5F)D`J zpyaRy{WcIy2TlgXIaMjwzk~0(|4ab?8-HF*3Cgp_Fe=6NCtAFSa^M9~2 z6r0$8Vq?6~2)=s^8=4{~u7(jlv8<5Qx6aaCUGOskb;*#@hnG3z?T)>y!erKmlOZsR z3|?3)9k-;9H6EOtlu&wz(5_P7YZ*L(s7spZ$bAKUty|z0jt@yy#*HigYgZI@-v-*| z!ryzQR!Q&#ylHU)IbToUlC4!&7m2Rcrm4ZUhYs07Sf?mxv8P8Y+ z$k4wmhvtA%Bo5!VmYK|;Y_r*DzF-r)4fyl5-s+J60e{7?dzjk`qOc>Cvr1RnywaF~>lk#Z~zuJ*64yP4oDTUVCy`)_Vn zwcwECTlCa`J`qjknzjTs=mmdJ9D zvqG*aI!&fYOFR>s>F98o4YK8i&(MANC20cKJ`vYOdN1v57}Y}#NtA$(Q(K~c*P=j0 z;$e^%Q3KcMQ;T9u@^}A-qw3h3PEaKBug;;c%2^i_GafJG?V#HTr6+_ay#UmFSN|AD zj42XE+gX1>AiHGhEmq5{4sgO<+;0^Q$KkF^Vt)cua^uRFKE2hwSOSM9SAZcQwRboUg&%dl$x8zop)^LadhrE4pegrTR}rAJq`7E zf;DduQQfmfd%_UPc91iIp;@x?IY&wt!jZH^=jke2d7xPso0v4&PJ~)J+IFAK*k=|T z9FD3*O9T%ivM?#eE3^LMGQ7lLlDADk?$Xh8RBR-niu}E&5X6sW&n||2Bt!z)Oxc8z z>?y=DVWN(ujS@(nO|zUkmvY2!iNvCW$RUF(rjcop|ph@A0K^ByFR<=?((;@lA(O0 zxZ{=}g@QPl=5pU;CF7hux@R8CnXxn`XtI&uT1*s-^PLYyXSmxQ9j}ETG}e!ZNRV0vu7RoZcRHqE`{MV)wpznoYe=UOEvFpsnDQfNXe5@Y za9%xo+|}e+Sl@&Tx|fStD23ZD`n+)+}dI5>NaDSnY-1-{nAj3=t=u&qX-KEg|>*^Gt3udStW z5M=SWGQu5xFq|*8TwR}i-M2UMM&!b|k4@-Xf6uMevJE2l0_QQ>j5B>*@%+dK?m2`% zW2(GNsf*DEC|Xl(b^28eeTc-uQ3%>|hnHK13$UXqBpFRE!0aI!CNg%qDOxgm-TUR} zY;pkik|08mv7h`jfc<8SS!Q25vr=l~{EJ|V0)-L?-KQ_lV!bI zaKGTmfJsEr%yS^dyl^ndzRn(|2Dg)(P$G(SD(jP*E-W=nU^wbC@xX}6B(yc9->}vYn3c{qR41%#naute!JQL}6r& zf3{f*38?7ctfEiXNeaq~`!Mzl)mTHI3B&0>bL3iSrO zIVM%ed8x$L*S2#*FSP)Lr$b;-5)_k0@D{~|EF*R{O6_HtJI{6?AnZ6R{Xsg zI}zxD2#s{}sR|+i(H_tY4FC$v5K#Z_`_gobS~mWm&Pa!kPY1^QZk^&Vc0A&MuN2P5 zi63}zNC^VNk~flavMco>X;i(a<^dU|`?UgR^MlFs?%KiDgRg4FM(2sBQ*P%AsLITD z2$GHIZ3%1gSV7sWUBY>1{iMF?KKF;5!+_4oxHFPgO(f{E=&(CRKKw(OMkQ?De!hwt z)bUr2NE$z(!2~Ly;n6~AUao#;Btrc#ZPSb#SqahEnPDy9FTsrCa&)Q<4iE^= zmrvKlU2|f%JDrOWBS~p(`B}Q*WW{lYM>HaqW?Ri|C|wqMNO)z-M`FEbz`wH(KAF9E zk(H@czYLDP629qe91V7eqDa} zz)e2|2?V8lGv3kEY9~T9PxG04up-V>EEaf}aCrrZZu@$$0WI?F_s%;L+1TaLUN=`D zBYP@&;c5j}#cni+GEA6HwgAzlRwYqY&&X^#`Jjzh+Fe`pDeiupM@Q>=ZP0n*PHyfP zWpZaQPq=?yX$EzDevUWBGG@4fJlLcS&-fl!7n8F5_c_WA9sH9S1$sQ=mNACXhVkqF z;bZ~+Z>Ws?dXpAhs06#byj-AO2|8-nKmlB|B!JCSIX86IrT70dRGXVZ;C}{*5_%C) zp5UHVHN{&VaQ8OIpV2*D*kxBf1R?Glry)nYhL2D5Q2@Ux`Z)lee3v2mV5FxGCF z1;b&H_{-(#Yxke3GxZA+#EcO0l9B6Z`TxU`&9|gK_EYSQiFx}uF`|0nM)r5;R+&pN zkhZ;+m;%uX+5*yz+CGZj7o`27`6nKI?K7yKzlnp>9o*Ylq89{O;Xf(AfT+g9vRz(Q zoc(ro23J+^t)*#iW%PKWt1rezf|clmI*S0nxeavwi8J(C7f)60{rv91Df^rcxQ3=B z;PqKJb=9C!gVdwzQ$kS%)dSXK{iOF!@z`l$Z*5yK6V#*`aSopCS z5wdXqdarQSNS2Srb#>B-3C7hjq{srW8=)`xyhRn-YE@{IVs{%pm74Bp;A|Pn5c_k6 zm5LbIu_+X_s@#j)NgYf#92s{%86Oci1yCt4>I#zY=r2 z(vOLNj|GAMPpE?PJ84mxW?o(iP)ja=kevF)1fDu>WsJkd{uMoGllY(DqnjmXgl#f% zTUa+|50iG(Ih(FczsFz_z|JJKyb(o0>o-;@_ts;J-?|ES#5{Ac?OmheA8XA`)&+oaqEJZE4C7PANAhw zW1_eP{>!IS26Tv2C2tNS4scb$N%5n8I`ROl`aJMXA1wjQGDI)Yu>0x@J#palUXMk*!cDg%4~cD@s_mLaGS@zr2j*u zj~oL;PnEF3Vi6~;=%ADLgW8&#zFr`nWdbl$?bdAyA-w%~Txq@PxG5roM;Ot1`{m!A znWw(?4s&*$1Zp5yC&$RI_pi=n8J&!v?>>f?sZFD`RN1{u&wxs0fPk10E1K*0iG zru`$`(P!3ZB+t}$f@F!?29G^JtDAI?T0MReX&=h?%MT%JO1Dh#zm44{cYpu((f|UN zv#Anj{AI~<_(Z>7KX?@vo0~eX;no0Uw}xN{5-=8!4QS>(&T{slrF<2x zykxQbF#nQZMZ1NhkmT;Mj00Nh=^6Ip`F zO0q(h6ZT7{ZX_yl`Gn6GxfTK}7zVsixj%XS+(XZC9}#59k@1!yKUnN5_vX*A<@VNa zvW3+4*RXj?0#8PV@**3`k`VgW{9e$x?tQ7R_Mguxy(&LQ2qdZcClsve_;MT}0ahB1 z*L~#UzI5q!N8d{>w+8z*Kh4a5sYD=ErfypNz@7N=bSgk$ML$qtc^X(cD21eHy6tws z3V96-GHY37$0&}{fhDpmb9X!tKUY71WqEVDg7N|XC5e;1(M~K5uKQO36-dDX`aN*+ z;RToB;o(R9wB~Mbl8wKu1}3;WS`lUgm4xJ%nj|n+jHQ1vN}8WqUbsP*WFUA@=*+U4 z*$$9I_>hDXS#k8c#>`4MA1ZV{VgIY>$0>a}N)MkQ=Z*r6i}%c~_;Rw%0cf=inN&O? z!4TodZ*4NsP{@sf%o_?rfVWr*>nPFa#{ieRqO4BF>xCk$FDF|ml_0)Xx)zY%N)P8e z5fshUc1I@pwZatvG;y9@-azlg|6J*cbCN`b$3G=TONgcIV~u03f#!*k6-w8(V?o>p zl*_iI-j*Zz^|=`(VvB_L-YNb+C^AIl=a6U;MjzI*Q>=+U`ZHkK7U*!l9O+Yaye?uZ zah2-8^4Jpf;r#W1BC}SRa)YEs6<)f;Xxs4K>c^?ZOTyszl_tUR2cyEI`}OvVjfDGX zsUCyI{cp5*GxmItVPqdR-33+Qrna;Z;*B`+9m~{_on)?KstuNkLPW@(7kr`}I2J$*BW38C?I0>i#fz}s`I6T? zqpzFP{%$K~?1ufu&V%O0?9r`{Y>nPGQc69b=ZAbJFC)$d#^(YwA<+MfB?{nqB9X&7KL!4;tq&o&a#yJ15Rx`{+!`#mapmO!K;WyXh=;}O15iu+~k>98k~ zpUX>BZ&NNvO2BN^@vZP@H+x40fwX=Dw~F=#l;r|kqF^Xwu>#(&0WD`$+5ip`jxRFb zcZ;7et4EO;52Q&%R27; zOl($zICm(*V6i9y#5jbA_iG-~GHeky?Z{Pa{12jyMI#3IXnlz(26t!sm^O58vDJi>u!B#_qA| znQwUYo3Gv%ex~}2{P8SgQKxrGu_d#N6&_SN!`O+~G~GQo{L#HcmX$wQd%@ zaSAa*$f4pSQx`;F#QTlnSuvUnyP7zXYFt46bc2rvor~|sZ>HS5CTgp>S{&%883u*N zhAmGF6*@I5vIjyIZi>fWLQ24tskkNwfkSU}xU9D<02gA=feThoEXR=mIM;s00+`Sk zT~QNkAK~KvJYlN%@cWUrFNCPrZ!o)_Yp_LmVH%MpMDfNeY}I?uCbdA*6!V4pvK0hN zy$~BtsAaX*KQF)CGVWuREPsPOzJG?F_8I9UMn3M}Vx+yf8T&kictiN-Nd+eI!dX4T zll1kY#riUDTjw2ehQ6yD>{O{1vMR8q9o2z4a{Syj-0&w-~ zHrcr^vhbrhnve4*Z70a8qd$U51v&da78A0XNH< zpQo5`(&w@5{dF6h#VjkO`|k7 zmWl0I{?5y7&zZwxVO%QhgaqJ;oyU`L$_t+z)0(#>K`W(ONFsOs??Z>p1HL5tV(I8E zJkh!FPY|&`$DX6;FG;8=DwhWia^_5?huW@pFVe#GlpREBX&uY*3RqpX^z^dDs}PKgoa`cO=7y(<_beo% z-4o}0>gIimLL`_`9&dT)M%fo_o#U$AmK63gY@_mQ!ON`{FT^$9ReXBVv%+qhsAQB2 zkp(xN6rtlwrSe#QmTtGbmln}B(`?~zZHhul}z zYS#16qY_cze(eg5ys_j=BibZp13wp{d3WdNuJ#bY$RgGNEUtvQ0WFNE!D3eXPon8K zA{66fj5zex>_Q)xA%#g?t|6f!%RtHsuA6Y%V4=k9*HS{jgVY({{p%0wR_sEFF8v#~ z4e~YnbmbyrnPGU-lce#r0rUcv)?=i;4_VW2+^7z1wKA1yPgqQ-?$FQ0)a=jad zPCg`-k>_uTa=c0V&L+N9ue{P#htgYcpc^h(>zfB3@TsTt;C%@lf&*3yy`*|e4J0_C z2JQFtxMP5bFuf64l}mUXfZDjbrk5C@`?lSQ zto<@zm{$f;BRSuz5iAx1Tu)24-g>A!UZ2aAV(#K#XTGvw z9N3gnH4;hTyx`YY@`7_kBze*hYKsH`Te=D1ZxyzY);3u{N#J_e0Xj({4S;dWfG)4- z(vD%!E0rS-XnG7&eYa7x8Z&(VBLhr+gpU&%M006Dj<*(Hf90z(wZx|fc78erDhb%j z5ooGh$p*^Hl3$RrH&AjIc{yyqNDq?}EEqYoH7!GP+polO-RqlWDlrF!V0-6a*sIrl z2fWS=(HoVzICo|(kjRAC_cUMrVQf4mHJ?ukvS!Jl+IPJw^iOeBGJLGjzM-bQEpJjriiEowqmown zVr*jnSu``BQfF)((>ln2;sG7IjD+*oW*yvf3KhF5&KUE6tVYR&=p;yT+>}EIHCsM4 zkI`i6zL8yN#fG!h(T5S+9o@^?$7q1iEP4=EWRF(JgtY|6e9h>e=9a2gE(WtCkX|HSfpzxg( z&*;`}BX z<1)|ixkJX1xR$`LaaHuTdas+3B+fOXh{Y(%`pLqD;soOMB7CREGl)7U<#(lV!Ka+b zeGr46<0aL++e=-O^^pCK?<|}h7>y%!Q&rU2t4^tI;pWN?OD0$5!%y6XJY7}P@^V}W z*jjbQcr)~yc#&`EweCvS(&-9{zbqGZB0~R$#NKt z+f|mA?Z74Xe*NVFe85eUe_r9LMNQ|rAC@Vl3DsmiqJO_ljK^1kTU5;bk5W=*$t?Hx zW|?CH`Y7FQU^?Cjo_HBJ=eHQhu)YPn^gYTV&T&KT5~3!?!*R}26@WuX zn-&D4BEtSdz~@&jCwrrV1FGssl(^_D8qxtf%$tyDuS5sChuE8MBq4rPw9+V#hLvjX zn-XFi`>SJ7ec3LqzdAa_w zhUu3>&(^60GTQ%IK=I5`R-mZ;Zo}p&n1MMU2Mx#{X6tW|dRc)@ImH4ZjS_Lexd_$q z*g&HP|3fBj7MTyQD`z;5y)wO&wvek|L3B>Dm6^{8*s-%+Uizu8V|zA|Cgs-YD0+Ao zDcS_erww9FTf0y3?y!K14j3s(!~)5fYRm{JcM%qSet(;-Yjm2w#YO2;0Y^#@Y@X(=Pz!l9Gyr_pD{Jyw;k!SlPJ(_(NVLTn z3?6BxzgycvT_LatrjMV`^yIWP_Okzov~PFgC$#%6Cdj7cn`Pw~4hj(XC_tvRU5xSG z>my%Q*f1ayya>qC|0bfr(z9S`@|FfVq)iSatg`wJ_%wCu291hL{&e6lAX=9nMSg=S z;I9gqoB4z^jq|Q7dbj{!7I+~7m5`gABlQXc*T%O4siCh%ijTn+;YRsT&Gat~} ztX%0M#Aagi3;KPUSbBmuT}Sb{*rv5!^mVGGzj6HUIHovzV^r3*(qNp`*Ey zt}Cc;8izb7ypZayH8a4i8}0p{yIMt~UT!$lA-I~E-OL8=IIp{&16;fK z%;qg-@u5k$A{_I@k}TF{wZ(IL3->G(y-RWWmpR3I!e5k^jBuLBEp3iBpQ`#O-}uZg z8D5>GKfW^3x%nJ44{)k=W8Qk42#DW`g6D1i-V~Wl81w&bsl;E~Bw%y-6^>6tb)hw~}KHL_!Mash0J@`*#GG?PkHBD!s=uTarKdwkfX|9i-}2h{+Pv z9@~*_*ELJXzNtFE&{vvzEXXo3ZyOQb$W@yX6=U%Iz4Aols7@WEg{7b002 zAz=k%lu#<`H^c3H z60@EvC=Z#8sR*4QCV9A>sxre#Td>Fi?A?TqpvnplSUS$RA2Za=)zOiyQ46dD9wo>F zty-hAg()>oJJt8M%ZmdmUz&C8Zhj$#l$#%zm)`Tl+f!8-4z*UyBA?4EbUL$FEHe7i z5zjS^!0W%nl|)WknV?b7i(kC?YOOqk>4(*@=QcC3AmNY~i7s=6L=t4VdcUc{a4^xV z_0pM*;aQJ+3Q)tvUVO@Szxh}e!K7<&o*s%inc9n8QuWjnyQeVJLvJi$ObaMhJo}k< z3!YU!P#&SQLJ&-vJ>7q`qZowsefrm-f(?ye+9c7gAhjq)E@ZA zU2Ic@oOOeIlsli%V2YsbEc%k`$M!pBD%&`G;eDR`pgCR%pw<~Z+q3-1yHluzRtdz` zUN*~;93*uLw?6bB2$I~@FC)|T-HmNQP@xyE2rTs_U=4BZC&}&K1;~a>A{;%!yh0!S zsnL*W^baSVK>{y1elV_FwqCiljk45yhgYBPWosJ;5-vdnLH1RAW zBSz6kmG(bn?7>Tkn7v?KmG_xLuxY3qPfYklp|VV+0_rtWOnYwtYC{cgMQwOQw8r=Y zehgFlil;2Y#^{oVk_AYoJHwADP<#P$MzO_h2sOE^G^zzJqQPfGd&DS9zv{r3JWBFQ1lh*N-KZyut^RWH z)LG^;I7%Gly~lY{h;f4AgTZ*#6(aImYNoR|Oq#nP7OCHZg1Vj3t)IYlkkA1mM5K>p<>jDIuUwVGYUgT^^CTc810nyo(Ge$nk?G1l=htq38tJs0~)c z3K_N98&eB7pJ!&Jn_V}OLLkFAH@lo~7PKzXuDQ{RUV59k7PJNu4F+vW_4t^C4(dFe zkcOPlQ?+dM$=_V5RniL$u;97qHBu?P9-IY6Fn?l;qZ=93;TH(I5 zxWH<|mS=SCjRxC^(uznAfmJh0p&(lBHHWjTY0ZV(k<%{We{|4HTVT6j(>A!m;SLxp zgupC`ehs|cr5l4^b{cGyycv~Mbuc;~#_jIq;ai_dX3#QEJjE{N`Urb#?Ip@C1t*A) z;6CS9VI%`+pP<{_xL9@Z5|~-MPFlnL3)??p6_pZj` zoor5eZNq@^s7dX*ug$KBC`rb%rsLigc1n}qod$VrzFtm5HO160#isCx4)2&cDf@FW z$2F-1$^Z4tX=zKTHk8;3WN2rSihlbV zcV*mGEmi^HIrZRJ=M18$MYL>WO8ZtdXK_Lm{Pxjo*nD=2)?~pw1Gh%@o`@R)HO!$4 zyLcV*2|>!}C<6GGU}!`wkMFSE&tVa$nz%OS@l&(S!ryRxPO}los==B-1FZZjl-=U3 zH^Ib*<2sUp!^TYHT1~Y{14PYmrleUZeOKAx2)!Fy7Le1g5z1oZ$LHv6hxwPZlo-}- zON+J)vj1jz+1jB#yAWwXl!QRwl+#ZM6=t*SLi9-0y`lZHVBY*i7ueIaym03KVC>q| zM~$5e>4yk1svq9jdv9ZWV_J-cx(e|5f-9kY(7JwFeo)|UfmF)9sJL9K(PNzs9i)^_ zCoqX}nC5MlT*jWFC@)F8V6O3mA0 zX84}{g-oiSU>*CcEB=Y-i`Qfr?NDeU_GV+g5fzTp;&?$p(TGvaBrsGrN(^M2Fm_|P z8Wpll-yyj9Fm&)DMS)+D>r$LUQ&EVa^F8MylsnR zsWzdn`H!?|Ew9NCn8nlF}yazCEO73hJwdQSoF*)^32U^XxC-DQdaqrw^@;TQsmF0oq zk66z))D8eTj@j2%(T$ed4lEB{>v+8B8pT<|Y>=*;+uj9t3mL}s6K~iv6B9W3!&n(B zKQU0c5!1!YiQDA_wW0-=^p(!=f#xLNxc(~dwE+FUTV;}L477#DlPS?iei;_#G14>D Jt=D#l_!~jQHq!tA literal 0 HcmV?d00001 diff --git a/windows/security/threat-protection/microsoft-defender-atp/images/alert-device-details.png b/windows/security/threat-protection/microsoft-defender-atp/images/alert-device-details.png new file mode 100644 index 0000000000000000000000000000000000000000..6791b18a417e5b63fd0a297d91d00e60a990ff66 GIT binary patch literal 35743 zcmeGDbx>SE7dD6!0RjX~Z~_5>yN3ix&|pCacX!trBm|dXaCc{LcL*Nb-Ga;D?z6-D z?pCeTZtYLLs{Lc9YUWHH3Yd2%`5=N&FC?zmj9z69dNCeB;a=YL>z{NHL8p;kAX7OK{UmV)p`FFoI# zx5@vRF9xQ={*8t5jhp^ykJ7g`LS0F)kzX>9rKX~y8i;tw%7H=3jtNhOHlaP@s(yT- ztZNZMYgg8th14}a-$3kMdYPi`A_h5uaYh`&vAv}}yXtgNAViFcc}+HSRI2a+GOe&2 zGdzA?ihN_}ZlkR!NT!@Ky3ha6+~V^!+lN0a3^>>RQN_~(w~lo`AoM%%J>tiTya`9V zrq?`&0cF>^z0i!hjVf|C&%w7XGiOpc1Lu43uQ=@L`Azz|8Qo29fYbHlIV7szYlUR& zwOQgSfGwaW%UW3W@d3PHmS#|;_zSrZ6I*$DPsIGIQ|-hd>O~+ahwqjsVtiD61K&2_ z+4N-D-j5D%qeEExz>*O1Nr$}v$cfxV0+Egp#mcb|*?7UP(B-zihwszV+S8|_$g3NR z^(0vpn)?aMZaKF%JvXYu!bN+_!AWzt%In6jytshe#mE}J@ z>oc1ZXXqe;`YxvNM??7M+Q^nr|r-7WNFoKXA+Siln_d4H$wH7W?1m%@gdn9aHAjxH42lwAEypRe5wjBP^*iBA}i#?ORG#& zy1)1ft`<8KuXa!N#-u<&mLFA#&-<}gBkb<@RwyQ3*(}s{Phv`blz_;~wN<>hnH{85 z|GKF$lr%$D^U{wHo3)&J+WJMczE#7=zjEef4#=&VHS} z4=b#8K+@5x)Ud&eJx~gE!NYN^#ZfqCoDo|6!=ds> zeL+ByviGNd2{zEhs#on4!p6K8qxk-rGJQC$`al2BnD(g+|7mFu{R|@bt92msetIM1 zSuIt+{4_2a$Zy)yp`=2n?eC8QeM%q5k9phVSX!5__Lf#lLkY7;WMHU}jnKrlFg;@DELiR}M|O>Y|73 z0l7aGT%|N+wfOt9-n6h1vhSbYzDqlhTfq7J7kv)V5aJR{_PZk-arsO6|Hr0d!~5l9 z<+OTu&V8!gG7Ni92w`a1B|$X*^$by#A;bu!<1Q01b389;$2TZkhznJaKKuVOo6SFY zBL;lQ_?`JIbI4)xF9}@OAnTS-oNTfkbxuI;=b>;C4W$}Rde$Vjp@u;D*3MUMEDQMW zdYgm0T{gz{UvQ~JtmH}}{N%U`p*s6Lj0$g^z+ii9#eB&t3YWaBIjo?Yl- z(7BDXaGLhzx!X$QoE*YRgen+g1dxM1iiI8`I^GSGp-HsqHn(We;YY|(-33K%9AK;xAYLSV|Y8R||>9En=XFqM-j zM@>AxUW96*j{>G0Noi0XY3Y@cjrZf{8n4_264r<_n_hzr4kM|5a}wdOl6pXkz(QLy zZo$Q;!J@P<4Or&Dj95Yx2JZd2rkGGxA7Vzw!CPlmeoRWkRMofpRDApMc-h)Ezr9BN{z;T! z*XfLL>Dt>6X-r;wLb+z#J`PMz^l?{P?S+2H+@2@0ASK)jy(&*VgWTBDWRDr z3%(Jg*dkV8?WPUL_{UpDES$kD3Aei?@})w0PmZwOOUh5XiabiBhd!3#s#nZen-A8oGUjVao8Kcwbj{jdQfcQQu&qv7BSB zR-|2@E+?i_^Muq2(0vi`?0R-h`|U}qm5a@&MAR%)_k?kD$XWF-c32njbQVZk{|uB@ zobp}Xt5dac_R%9NR{XMEOXqvd^R+cd7n1B}5fiK_>Lwb1*MOIu`7$KFuucO@v0XRv zB*crN*xg7fT>N+Q00$9E&|8TV5=wU0oppx4=a`g`DNZ^gQr-t^06wk$T9ERRd>+ay zad-geCkaf=0xKwo8rQQq-8_Nl_lj`hdD;Ud9wV8>_>UjTS|A>$R{DeH>^e6S3KjRM zjkuo0sg1AD$f@zf_>#e0l>zlRWb8?*JDq z`n|J{4?2P`!iJE}6!0%NCF!}wp@s9TR!{k2x$us`7rWC%WZ|FHn=pZHToTDmml7#e zrZ*TC<2`jY@`OGySB6b2s^s`Y7|=(O*r{Hdal0>DpKL`hq^k+d{r^I!#?L6Zf}!-5 zuWMP`I=8H%h!hr6%fH#wLRi9eyV74-NSPW0lP#c7;yu}7e@{8m85$QU?G*?LnXBet za2&SQ7`sZ2{XRPle0eq3$?zv+PbKUs70=ED|` zFsLAp#WY7_?E$Ur-@d<}ZFME|ApuuJ_U=Besm;X@g*&=*;>=het$-S%(z~|H!|ISU zFt!HwSEe=xa|}~xAn1T5zF~BCa@e7z4#E?~+T;o*J|b(6wXQ(J!PC>g{^kyzArFz{ zmY`a+ph^SpPfb&AI3yWEU{qsgrRJ+NW@;D5vTo?(6p}>pF4Aaos30sOw+qdZ#~VRs zi^LkcHk&_3%qKJ@Is_Vk(v@YA8ip*h=N(7#2Z&v(1!sIhR~CaIWy;lR@#amqZo;oH z#unlc8pFl)H$x9n*jkRLIi|3V#7c(@$;I;S8?jYA`ASdZY~{O^(6>?w_XVK1u$>DD zy!K9z9SvZ-Deld8fSbjtTJWy0W*Wu^nyq%~64JB>b-MpKH$#xGTUafG z@-!cTXP-TLEM*bW^r0~);-g6<9>rZ5>WB{U%A5(Bc3d`PCd9o`$qaeJ^%PV&q znqxUQ{-fsig1qvW%bD7o(-1mWL8Sdj#XOrdYKl!y>`QTL8dZlJTwR43i+k^KSw$qu zqxc&=gMUU%f~u#ziMLux4N^+)Y$Rv_4z#S0Z|*=PYVLmE+w>Dkv zrPrH6=R(F6Qh`$p{o@VZC*HOVi@OhzAUa?oHG$&z*V-CA_()^(P;r>#UaI65MA}m5 z8x%}I`R%F(TG>rJb2j_L5f%_Zpbs#8(=-I>2~Qv`5^`!7w_+OWUA8@VB}P~B2bHZ} zOwP^k24~8%jc`S)hP3s3)zsB91HtwD0Wf2E*`IV4#bA}4=2VxaY5rJLQd2Q`gL_WI45ALKMaTa` z$dAB9d9A0y2yNl&5dMDzi2i?hm|r{e=z4EyzWTG*{_8T`R%qYSg5&m3$OAGurCpmR z@GU|d#qA%p-Qih7F{v2*bkC9|u}tgtD#VkGqCE?XZEf_wL2+w|`mT&XZmJyly{zzi zlb^-1I?qsQ{4(B4dgy9MB8stF$A5q`1!*IY%s*5eZg zL;GENCsKps>P}0ktj6i`SBZf5nHCn!5mhJP*8rZVE0e>niHsT+H?*YKcuZXsW)EdB z-%f3vnY00aPpbSC-z_(y<7`rft`6DX!@Ye3hNo0}rrEuL42(pNABI7%QtGs9TD&`Y zY2*~E$rL_XSERd9nqCS8k4{cul_2d)e6lH?ePSE>qgqBy0I@~q_K^Wogf|5YH_G7+ zH0djsCLJBNf%ya%GFU#epz(k$?6T(ZT7UlMoy=Vw2Y~ZFU0#u+T#e0FV3tS9D_l$hba@* z&XTQmK9a-Rz9lh;0E_K#cq(WWAYty~MmSt@S9YU}H6i%`s>G;r|Sp2pH6Z~(>sx%cAJxbP$m#G@9 z?hhZavR_N@Lwoh=n7Kd#@7ZVe%1{K`@KX$jSCoUWU*<^{^82emNCb=M^Xoq2Q_MkG zeKa`m3juQFLC;`-7}5FD%J&7JR1T>4%j8UEyEbO5devJRaxNxx#m{7;e0qVimo21g z&D}$VmJgX>jcwR~*ka2FHk>Q6WMa$*lUuo8t=+OVgQ?rMW4`mOhb*xbGX+hvrv&ZN zeuy`a(FMtjKMEbfZ8DCio0akgcmD$shN94H{)0;Bx!4mCHiXOn+V6P>jS|fz8A4cc z(f!{}ClQ3v&Wb`in08vTmm0Af7R)Q^^>3Mzq zkV(2rB!mp;2qYujY_(`_V4g^mFX} zwfCP`&9@r0L-9D^0c1q2QrNnLq#R#&S2}jOW_flu1dIuN+tntRHjXR9#<@<_PIdoQ8qkj9RZb1HtZcd*go^iF{AiZT zQCvz)_q9?g6|FNMH+o5M`BrjP!?z8A(rwd`WQM3JJGOog?(%+gG-s*N%(M%mSWUHRS>FX|;Eof}6i z6`u8?H1J|c#4Q2eE7EdG4-R1c(aHPuH3jpJ%^p3^E6wb!^A2@xH)H`JsR*xtTcgmN z*+G`eVA;rKbQC*hgDz6QRI^|3-+9g~aFSYWrdn;x@qTn{@s{VrG@hxM&7hh~_)bGE z%V>!9Vt)Zmx#dL@!4?oOd*!*|Qqc=Kl3ai?dL0Lm zHD6opa*XWU)B2T6R1p|7hz2?ZP`Z7Q8P=>N4`yU4&{s?)&-zpr(K!^@I(CL8*m+2G z#Y`033wf{Br$n}ug4M0oz9%)%10U-9c3oSX{|Njpk9+r^v9pwuJh^$BUbziNU!<)U zzg>sIeN_|j+;9mu@-s^-u}#L@$JElZqJ!z*A;PDkf78X7IMYS>(uPx^z=Fus5g2*JMMr$wRT&Yb5YCZJXONzO& zP1*EY+FY^3DCzHyXA@d5;)d&PAOM{NdnWB`oHb8MJJ5C?lV83m3@`n&xk*az*d zmTkhiADU_tLIn~cA}p7KZIIS*qe2b&)`+m2Y0!7&pD+7qJ|M!9IVU2kp!hB|Wl7ROlfP3A>grT4nPynJ|51gFH7gU5$iD=# zt^TT|p5|RS{G9|-=a&{sV)~#eoQbr3zwfEX(RKi*_X5D5rPNb0NdrPd>GK^9J|)i|=w ze$kJ52l+s|&7{6+@Vp2bMWBAo9z{s-sgelIcgxVeTH?lW*V1@%KVND>gEeeNl{=F8 z#P{nZmO#*)JhTd1b=HwYvsTdV$yfg~5jY?N_Q!ba-Wr}mMU#?^YoM1<31Nq11)?uz zq#Pqh-E@gClMtJdLE5k7nmiKXH70Z{34W_CH|a0B*Xl*vArc`21FYs3VlSMk7I`mG zS3TcTd_|7J6jk`xfZlXL5zLsf(xoO`w4qBFzz_n);rC`I5quwx<5F@ACd*71{uS8D zULnr!FEE9t^QG8LR-3%Wqngk%9_xGJ!ZGhY$wG{~^r);@EdRvZjoxD(q;7W$;1w;l zY%laRTs17OP%q%~F&;FlRsps{Plm-F+ds^;X6E8#oil6Z%sA)O_6E(-kHfYGH+UwG zW?a?6_ipg(niB&{Wqedwd}u=DwxfoI?^z*$?yW&xnJWJ=sYZ0S|MEWbjL0pjb*Yu( z&i6AKOUmvK=4T(}2a283N&G6;qUy|x%SsuJPByfDXcQktYg4n>^jV{06`?<*>c5^y z7S*2190_xHG~Q$w^FveL1gt0InEHdhK7FF?re&gu!&Bm7Ul2*wRK74Q{`58OTJFod z%wS7i{Zz@Hci=G^2ij~t-R|D4|6yG7IOLJD84 z3@!uZAt;0iclDU*e49o=)oP1GMVgnGl>BPu<7w>kceX)?ZLhYI^83xX*E7PuMnhibyGqAytFJ;b8#11UW7kYUpFX-gcFLqG`pzBH@nwGSq z!c9LvTsZ}-vYNg5>@lN?=^+lMrE2P*Sm`YhBb8P3$-B2Lufol-`OaMAOckPt9u;VB z`no*Xo8(BwWn|1eT=#?TU!bZ~YK^dr1%(|4B+$U#o{CBr{O6(J^{4J(Niq1fy}JC! z-4u_Sl6dr~ABXzmI1bFE^ap;yJ;@w5N$pY|v8N9-_#0!$gOY-IUCQ`&Pe4RR&L159t$Xy!^>Y;jV;IR?kM%3} zlYH@#L9jX@!l~}$*u-g?3tUy~_kJHBax6~KoLK|l?|PqA5l~5Bam$E+g-JFwrO-b` zF=k#@#TOC7PW69jQ>V|y&;MOv2B52|RUh6dV%StjH{|ZC=s3+dwzA_Wjt=_A{$QxO z)%R`uP>oS?>Ld4-mt6CQ=Eymk%sC`7I16B7GZ(9}%4ZQNVxiHN&iWpjk17U~8DjgpynS&WehHG}`M1aaIb3UV%T zWcbVOX87)Z<M;}`5bA;}vbBnvf ztD?o2NqDfrcn`m?7rnOD5+Eu4BL9L!B3rHw(;D!$W4rQpy`O;x^Km=;vHZv>AC+M^u-Mqi^qv%E(G^Str#D=FmldX-KY~lLm7dkkM6SC=R|lPhVR=5pV+0A+AW$I*emPNA{zLy zgE^8=8Rl6*k4Sl-+mYxf@u|1niI7(t&UnAbki?MnE3pXcq96t*oz5#ZK&PcM1&S*J z_9_L_!;)sH`BSs_|1p5 zUa!?#)6eWs1C%b$k3Kl>tsYE@3dAk&XZ*rxmC^*^f@ zixp<{(v(sL9s!@NARb)R<9g6o+cwdph7aQ8jDCF-ZSQUw<2wG~g}BpL`jFTzm9pCl zjk(T92$tA{N_7AA-BnV>*2=x(lEiYGwe$td#0TH9ZT{JnQ_?h%yJoDFcF-_jwUgtT z-Dvb&|E*fLC0V??+l9c)G}Gnk{&h6do^0xQzE_V`5I&C*(3FHVnaQf~sEOe9*R&Dx zo`h46v8uq(sruyr>C#siX1A7`lCag0wZ3ZL>nJUb7VZ}3KqvhlVrjs2g&IfcvEO(rmM1Jf2ZTMXl(Wp6jm%laCK3R*zdL zDpNLPgKgfU?S=x^Od5casDqe%5UUkId-CK#&tf_tt^bSBOIS8QV zUN(5I4LWp6z1CyZ-JyP!_l6;eGo^i~`PK`QG3zo)^yW02gD5g`<`pjgg`n0OB}xm= z*HkbXJGD9oo(cpo=T39B3GdG4A*xbGl@M45of{AjAlSo5p_s$LgIrFb*aY^%-<$0=*e@1^(>RZc40{= z;WW{uivTu~+Q8(=?q0=OoUf}3^<6|n*>uL;Z5Zkbw0r{^892Uy)r+B-(n*8CiwO}x ztMcp2N8nZ4%wwEF?nN8B%+u_v>aW1?YtQlw-?<$k5+)k4E?P@R)i$`9%-+}l*@^F+tJ^K(R?2!p zdc_i$94d<;HaBwi)X!e zy^R+O;7f3Q{+`$6QoK$3v{D$@VupjJv~Moro=9L6axIi}kMr*oG`Z6yv^-Y_Qnvy9 zo^4u!tsIdYI~=t@x?ne#_R>2G8DWb)jxOZHu!YA0^0mRe*RwSp!VPT#?ma{T4ZB}w zYu;lmcJ=-sOouoYeOq5($196J&l`1mSi5D>Au3vrl_%9^L~2w)Qo?G^P7h*o%;D&8 zMpQ8IqAXeUtOxH>+2UMCCts<%p+`r|&NdxR4nM_?e!nBrsa~A681I5IpWU~eRkNiZnV;1ARI1wjJ+ zH5oeiD96s1_x9yh%Io4hM{Kh_-J)f;6i2SL#3lK84JCB^l2SX9_o=s^SC6dzuCPUy z(T&1>?mC%*Y@*ZXHh3yoa%L*k%SS;JF^Yr0bf5BBC0*e~mwz7NcbBzxiy%FL8=uyg zt7+JSd%1F8YZ(J%_Pb6oXY9jV>xdTm&ccH2w__WggO$K*PzOZM`<4d0>^Qq9KhSuz zc{eLDY9ag+W_%#IV<8L-hns8!m5o?>PSf=@wADbcGtcS%^}>BEuPaM++ti($4;#qG zg{5B#MNp`$ThG!I+4w6m3xdD{bDF#CZ>^vOB!e%}?hh@NWcuchn)XBGYt@7obBb$Q zVz=kRTBh%GYx9c)-LrLVx<8R|2D*BFc}XO+G?Si5mE61&XCw{nExlQ1_wPOMYs|&2 z^Ag#LAi`@RM+-9f_-o@jf25D^F?xUzY}35M7QX#x4Fd`YShTOt=%;Je`8AX44U=ZY zPm6v&dzEcuy(69PW&!b7&3j~v($2%!IF;F{JQhRuLCLtqqyP&B-|Lq7_FgAp%8qC^ z5&WQO3QA7PM$-9R>)`TQv+fO-OmYh`AV9S?-K zggsD$)n!#+-+JevcN2ZkN(Bpi8am744HVnGBm})Q*q4h_$@zENxbCJG!QAoIg31u& zLuk7outzj`p<%vAH=hq=qxQ~F%#OO+7-Vk5#n*W8?y3AOIa|C8=8jmI;dS;UJWhFI z@(Smd28l_0e2JGOVz=I5{xw>;IjcNykTIMdVbnj=m_C~cluItC5~?3~w6TFQQZ3!r zUflDuO~INc>TEXJI0>yoZ zsMYj!qjVV3>Y@dZ&A8jo-PN4Jd4H0;7GqCQ)0gCMyjg~#rdaVCWE@@4*VXGw&h;3r z`!~qI+oC0Mj2u}FAG$RhJVQ(B+y?&5K`+W$my98dAy}%4u|}z-Qoi9h1$&#C=2n4-Qo1*BQNj%UMeZ~Qu&aHtO?O3hJG z3sI--fEvF<(FAx)#2Nfj(z@=})y&wHjd*`G_}$UZE9J{@hX2WXb4*$b7^8k$*4a~LQg52KjURP7+ zc|~38GiInIQ5y9nB!`*bH)+TvP4yTxrzdMHf#G>_PG(v>rK_Wrv1J7pKOTj4GR$}~ zRlM%D9{DrEJ(h2y_hF^Khbz|5h-k3S8@n<+uxn8NSpr~&D&ZQ1k^7IImM2bE+D4A( zHAqMOSAxD?RA?RD<3OKwo7n0Rd&;ZpfEh{ieq$NqAJ8oVB|QA`3l}fE8-29`p;z?RlYQ`T;r-X?mVTKPk4{D`O3$X*wd)g zEU#2d)?II|Hz?86U;R=oxzD?hwN)N?i*AND&`Ty3byTO|y7j3oqY@j`Ik4_+ILBBe}SC6D$9sNCMw$Yw$kbh-LA5G!2mf%fE457Mm8C z9$u;i9YfW328_AlbM2hQld?6B+Sf9Lq;cFVpL3x{gPEKjW58AM1F1?D4fM5x1rF;) zLjM61$9-H2N(Ogp=Q_M_=kt2DGx7_y z=me><)l=l0=F#%*ing4gyfS1&(#C35C08bB;E|&^2i;Khuk@wU(ClR_xp!HIiWGfu zm_Mu3JzsH7dMw`kPK&&0 zRLQrQQ|BeAh)bL%bDXnU?X;$`>|m5#$S>+{>Hubbq&~y%sWxHLAEyaK|~GzB{HS_E?ynfxqC7U1_ep$_15VryCZGRhTUX2+s2OjStwSn9^`JE-t)&#Af`#E ztbijKv`^<{iyq0(C4<0p#;zu_9!2m4%hX`siPpcPa<NikPK)AEN9( zKzS!UANI>TB9BWvU?es#Y4@63tG$wMos*oY@kFAZNZ4k`V!{o5tmfCg5rX=CA7~it zWI^LDXLP+2L+EDbPwY^(=Ju1%rftfvy!7b9RBag7H^$|&LEs1AHqsPP>cvzxC6SHL zc?o&!x7dqPIHzFImoXk=c9iDgcf%Is@b7=zMI0+wz0T`P42M#X=S2-aWoR>{v0$tVUhO)jF4|i&(QdAWa~zKoMIP9HwP`*++M$Lj(liidw=hI z4lEB=Q^OMdE&0xGDjkRs4)@|HUI=t2t4<9Va(#?oGjUrxrE@gsNkDb@+dOr!AXRd6 z_i|rQaq7Xgi(9$R$g{4W$MCnwoFg0CmC8iA48DJ%ibpd65P@!;}-j2>!dwh7f@0Ou$jthW!BJnn3dB~g#xW3 zfIch_E z_4Fz^&q=qXd1kt7zPW;2#NM@@@_w5iE^mK=-ly*QqLQWOu zTAeM^;kpYbhk#aI(tjOb?2vU2swQivJJ@PQ6g@KV6KV#F+d?5RJsvnxPerL|hZO zXSwDPyaUCV|Gd6O!(eE|4)dMjOy{#SU_>I+#O6QG_~Z8?=m1r$h{S2ObvL>R;-<#C z|Cz6Ff?*mGT*VGTOS*hC@p-%?9LW%d81{tjHNJF`TgGf#bV5;{eZYpxwFGCT*01#k zon_fQf==qG8ZWfPoCOhr;F=g*DVVxgpqVJT?ORW{80JUe; z21wZ`Kk&;w+`W+|K<|{1C+K+9(HKP+9LFLyi-C|tksv-wpV#t~;>K_gEta0hzhGcX zwAvE+G!tD{7p_d4@Z@N)QNB~*43p}9x}y7;dXE9$*Cxrr-kx^CQ8Zo45EK)uuP9=R z>kXYH@6I#}+c@rt3F3@`U6HwKBG+Fp#&x>kVy^}CVeBy!EjGC@K>?-f<19K&V)8C^ z$^}2OjDoOwIdV>UM?&Vuk8i7O zUg6(p(cjbmns?gH)U37atq}IQyW;th9d3xQoorItPoG|2!ubAl_@Q19QB^$~Wp;`L zl;;rei;zvX`(KA$lg!j+{ac?VecxurDZRKXz@zyv)8N3DfLfNll0DU0sP#^xDhqD4 zw_s=2KGFHybx$+5++5#0q-$Y^!)S%Gj8-|Dmr?Q587wJteHFZorGx9M(pK6)(s4fvl_BCBmi;M+(is zr(bb=blU?tNB| z%TQuJa#&9NsIi_OC=`jkZFYl&W_1N-X;g1Z{MwsrCX@&#+o}#7N9X30d-+4ScBSp{ zj<~C;G>Tf{U(O!a5{#VJ`3J7VlMkEE9l^FK{LEBbec`Ua8mn zdDv!FUprSFfaO|O_fthN^g3U<6KB_3ecB)6GrbA9?@GU!l?T?|Wug+7kC2s#;UyV<0e!yuc}!&OIDtPMWbrYDD?oI zV%KKCOoy1yLHDpBwn5}hAv?>(g?hV;V)={}R(#WNgX6ucEfex2wRqesi?*xz)w)t| zD`91-Ma$K;G*Ak`@#7U;?PIJ((IKji-m@!f5`S!UC)d7%k$B&3{3hSXm?|%s_dtQf zH@>?)9xCd~AF+IB=LLRHA+k@f)WKc>xMg^9%Evi8MY$6&P zVj7wdrR)ZebJODL#wG}?)V zNn#k@HRXJEJ544}se+TWnR~8TZww$`B-TVR@)fD3ayw)S&PcPwG0T{XCS7_vb@->5BDN?>YPttYU30sOO-@3L(FdHe6<;PnF_rgFBwZT8z*++wizY8N|vyDyE*irdGT1_n(L3GcsNZ{z5s}hk4 zM%c_Qfh%Z)Y!^^Y6p`Ba`&#W5%S>|gDWD_cgIEkBayUFKN%8QjGrLIWsecxh<=LlP zm0F#f^WTb>N#sh|_~hia0y+$^=s>utJDPv2gw*9Tp_C1;7mNI}Id^8lA@abggY@6K z+ntQ%X)s=TlgqKKY<0{Z25hFk0$H_|B=;X-wNMcne+}4;<(Ast4B>V~AU%S*mYSN- z;&Ho5k{SVz4hg2mh=JJeO`NkO9kA*)2D-)5tv}=yySGX?ydMBHa|j(>3v&SXD0UxI z6uAo%S9g3+K4uSfJ?|6&CaUc35UGz_2pvxC+G|}bwoo{&Zg-&GsDXVoNb%OrZND*i z7x?Vh20A&p5;eSqUD0yl$s_{q9dkf)f(=ZBTCF(C^v|ZFF?adKRLuGOWc1_zMM)_b z!85Dtf5Y&|r=>=E3B>HUu*3cro=#(grEei-)$-ucLf+X* zyVa|8h;Ap1-~jO__N#BL7B6}mxZt7(+oi$6Yb7}dA+t-U|LLn%iLgvTi<$~j4E`h{ zs|ywpvwD&HI#_Y4+r}5aL}7mVPz+N2#){}A!f>_)5RA=jhHv)^Qvcu&Atjvt&oQzI z+GU#|Y2HKMl`V+jUVPe7bXks8{>BzTEtqjsngzw+&Nj&rrI_j|Fj8W&axhhHd_(t+ z59=d=ofQ7wC$0XeB=-l%WupU8(>LmqFpBuOv>eu_4;-W=< z@QYkJz%-)#u=uhrWp(yOvr zRo}MTZ8<0;U)%b}_!dSI5wxjpqJ>fBGtKhMNMs>4fAGN$4J_0{g^*I|m^GQYzD+2K2_!+APHvm9jQ zcB~;QF*AnecaSly;ZL~7f2w9rtXE6jZ@@isZ6>_H)z;T+*OjPkpUh^&pdJZGY@WZT zwFva>=go&sZZc|6PmU?spoaqCZUpe~;p%2;cy_{=N4}=kDN16+#yjW8d7$_2!>``G zza&-Q9cgn~MQj9RfO8)nf@#;Hk6%m~l!6U;n@_%9lPAU$Qxn)m*bRrUz{QoK6H>14h)=P#g^;7QS$P}PP{D>rSP44ij^ zN+RG|&tdJh9VCC+QK#vC-m18(P|X|~Ul@vYxSv^w&X)n!34?ai`hnSF?5(ZmB}K>nl%UKm#zp#`!up}vy97E8l(%Q3(8 z(fDsQ6jL!JH zFYSe$7D0d6#?WPT-9k>Rr%}O-V|fg!9f*}XUdp(P;4AM;vOk)CXqi`$_Lj~Tk-02h z=JssgFw5B=-KU-6BkfXi&qkJhs=y<4{lR03eBoUeKid0516P%KTnbHVPwKMm8O;8z z37Dr06P#g7Qyku1vyF{hz7sc0*?NmL7g`q@@2zgr&WOT%r9FG~VR>3z4@>{&s(njU z9#IoGDeyL zIaMuRa6hZnF=sb<|0OoQNL-Prh1hX8C6Ga{Z=)vs%R5LMTr8VwpY2*h_PEd3qpdPEj@cq+mKT0=6cweCWN)PH)uelGlXgy=)jsAeOwV-7QCOk|h zd&Z{raUeiDn!#s2bgq>Y=YEiwj3-`gW11sv<=$>6k*UjfE?{p%jq+)iSi9+wJhnj% zLW>w-724;-(ol17T`7R?;oSk_+y_OinT@VqDf|F&()KVmIzU%BSJOs+C?r#{Ymb#WP$YnoVRfIMR8i-+ z1G;9}ve5g^(p@bJ6xouOys&T{gL5gta*#Sfa=9SB4iousYWhl0@$anjkaqYAa?Yvr zO-`XoCFR1 zPNFH8KQd?}cru@c8%zSnUTma94DsdjF;98K-W2ZXFXMK&z~gp3tLL-!aC=U#T9TL^ z7F-o73uJtzx(9QHK8J|^=Z8$?5hn&r42V4#&nLlj?54LAmc)W0{V8AR?gX5$H34k? z+VwkQMj^Wr2LIhG@rEQ=o?aQ?A4%-`d0Z0d!%qiy`C)Dk-m-1(Urof1+dfQwN$5pj zp-UpFfw%wJK-DGu=FNoD$3$rvI7r6|iIUZrf)}0gwGFqKrf#cUV5-i?GXU%t*uoEQ zXn!XAzeGmgy}rZ||{^Gj(%Mwsbly))L@XehKrh`rk$e7{Yi&B7!;IywYgw$wt&$(=wi8C$1g$bkEUZ+^uRsqLjpSUfo`JOvq2nt7&=oT}K4Wg* zCpx|sZ?F68JakG`o`Q?^`y+KoN;TU|l@bf%pcG(lq1I}dPrZ>C!Ch!qZ+LTizSFlm zZnu_~@Wo)a!r;cSN9_e*tyHrS&*NxlLw9smubgv6uf^SAb1-2vNAqfMYY-O^W5(hP zVCr^S3unnfONNXs)PfKHwgH1Qk2m%gYDu?;Q;G|c zcOE-42$vRPH)35qICY_-Ch8G-`L~RkRPHzx*yy?j>l2xSs=;rV~UIh?CpZg?>`tZsXwiVyWqKie84eYBX)G!VTO8UW_P z|8=~QFpo}o2uvh0O7`#3+wc+Z35^T)Lge;hjbflW#jj1_$M@h>PQfv+7#k_|3JSIQ zqh+u+B@9^UVs*`HqPOWe@RZxTV0P~jvsxtxBMNx^m1(N~wp^u=^JnUbXJq$Jkr@16 zTh~SqA=8$how}tgi@=Lsr_DOc>4DY~*@Q7m{-Qd5ZDcl$_F62TKDOD|i$R#a z#cI~8fhC{zaf-iIuC34MlW`YHK3)d7GqBRqG=4^;mwVxosKj)d7yMwlpsJkn=SYl7B{GR;2_8)t z;EeWD><^190KS>Z8o}T4g1epL77x_j@QN$7h}pXZ4A{e8D@J3jD!F5$TF_2fr36p0 zim;~AS8p`kt8-@GK}JlBO`hhJXQQDPKl3u-fD4*EcyC^&k*9^rgJWqQFDB*trTsUz z8I~WfSM8SQ^M>Qa??%(Un$@hHNyf*y3<6vFF;zPwYI>?{nu8)=_d`x55X$`)K z7RCM2DA|Z+Hxy>QzddISh-K{hCNt!j#&^rorTR}6 zyBM4hIV+>f*T`#}+Uozaj%Jd%N)B|-lf;URr;ZNY+PptGSQ}bB)hZu$TlKPfAW+f) zuHQK1tgc$Q<~)-Y6+=s+Ic{y>ZCraVZyhxl=C7XJZ{CuA>257~{GW<@@2IG{Z%gz;MFa%|MKTCT&YT4Jj2meX(U0Z?dZ&r_Ky3&4Y%S&vG{G#qKZ`#yXUd%Q(xU!Ac8*?WQ_K!$%g(RR zUo@S~yaY9|aXPH+s9Mc*3*}NKco-4V0?(q-e1^~F_P&HNyYw<=TP>15&w)iSvfkI& zz{O7Gb3w4;Z3#I7cOw}Pw&FTT4ESzxjS>+bG-smqN3Bdd_OnaM)j868)-YM0i-d5^}g}qOF1ifFqwFjMpQg1-~ zc-LpbDn=9kDpgYVQL!%>svnuAeJVijVk>?EBa2oDTDP$DrV&j5Ht<&o0O`xQL<27EjaadiDKI5}?C+qkhwG z3g1cHaQ5F|I|<0-CYx|7P6+o*{B3;8PWJ5KO}kNg^4Z)+{i*Cp#|@c?n18hY`dopr8NKtOl=AS*jz z$#P5O!e%gpNtcJ@d~z#D9m2A5G%$F$>jdUIbS8KA%VSemSbX}E9P@sDkXoxOqZW%k zPIR?nh-)3R14MZG@lVLjaJ7p5gN?z6ZyrLK9)f?47H-lc2BmzOrYf0xh*&=>P|jpU zkyToGH3_2Ym2@qQQ1_KEEdMfjxp}Mc2<}gDQA&1RhGVp@CDlfoJ2oht!sV8*wXj@9 zmDNO7TBXby+;{|QS36D|Zw{gRez+CfwmDxQI`i5oy1@73;&}n2Tqlk9kwilxaBwD8 zIWGW^ynm5k%JF$ZnWZRGgXuEks+yMy3tEsDi#RJvUsFF4a}!YJC`L?`1RZvE&Ul~h z;&VgVlup?4^8pY{U?qitRe9sf2kK=Q|7jS44I#@$LA|xMdC52v5(+-6HL80&xZ!)e zuVfr9ibYuNHOdA}rU=bIBxibpsh$W0+zXe{tTcMm1HlUymo}Fu{8zCQecfMeA5bZ6 zBtl9a&$6GIZVEzED(^XolNaaT!)ynxURYii>IQ3bv04<|+KeMH*i*;lHExys99yck zW-SoLy}7Vw)hBi%uwB^!1cYG~XfP3Gmw+8#TG&9$Q4wEgwrw z1*F`WeBP8n^HQ|!Z-~pRH%P0JD)8Gb_uuB{e=%EK7C*S{kxprKR~~#PJ^8E%C?``< z*7u_)uJKpEZQVzFojd%s{obI&G`3HTu1Nv4ih2EpJVmI3c^Jx-ltRFT6k>fBB^t^> zV$Si@u-35?Ap4h>J0rkKJ%ogWLzz;(E47^YDyfnPJW8m?f?O=4GR_4_#djcp(zpME|loaVLpq)s3pXOm2kMqKtfu~^xnJU`9R#(G^xtNR*SBU z(1Wvzc5lzQ(hK($?9~QQEFn?-2L%25oqhXJOTjn}N$fyA0tm)|3Pk(l0fF~0xd1{_ zt4ODxG-o|)17UvD_eicV}?hW;?eFVo+CABI^ zt|jIk;O_Qu-OjCSr4+8o1~_?{^R=TjFx&7cnuC-ESZ1<>Yj?s@KDH3wy%wqH&*~ay zuJgWSH|OG!g?-SkEH4Xi3@X9Z>T6m*?TAEX>tY(E5hlOs#?=R_?ZRQFNCGMy1XFWa zLTzE8rN6!Ci2k@zg+=wN z@^yl!S5L=qaNp#KUu|Z~96aT@9zG$}%bBq6Pfyx-`w5W~{w(set7?fQj?JKI2=;;r z)zaId0-ypq=v=_vjezf2F)F2}{;NkVkP#wDIHt}0R*|yvU5mQ+w#&~I(&bYTRqnhb ziD68=fM7w{@Q@t=A$Y(uEz%^{4M&P)V-vDYy!Y@NdLZrrD@}Ny~3jBpOq!D%sZ-bapqDB0a&$ zZ;O3ThddL=jLbax=SxAXXHq>CYl?EsnHWqu3czE3Zx~u zCN9yzd7-&^>SIBwqD3K@Y5r+hRDDg9{Dfvhm5tm{=VW=0fA_8a>c#d%kHh8F zT7X}^iV3IB{HqW8mUp{LnmHQ=Ht46?if=E+od>S$pvf@kTbI_8yYqezx~*CaoPI{Vw70RPxt33tSG+By+fAjVro&YMLc-U z>{0pY(^r3H2}NclA{MPj`0>77AkxM@A*}H5aGAHP>RCBy!pHJlF@@&S_}K54mX>7R z#~fQ|%NqdK>Ak2sw`G?aon^PTFHydD1unLP>+N;Sss3!-B)=LuAY8vO=s~g~VhPYZ zMlg^T#?RL+Bqp0rJ|7^NF+K7F3tylPJJ!octYT}NyUk^8v|fr z@Q-uB$k5qvL)bMc7i804+Twkb>E~T&Bvy6jOdaCq@+kYoU7#(?4^cglTJFKMA`Z~4 z8{P%yKdw?$iD7#5M$9qa8?_W4j=*K*-Xv=|bh~0c;Oo>A`>%2D9_$%CShlPj+^jr}GenAd0FuxRJ!g!$$YvNtD~KKl)Fc`}L# z?wUiqm6K1=LMjOJA@y>1Q%|qD1bneGpY$Thn0%UZPKH|sM>rAYl)7Maq&uIr8e!QO zO4QlNN*Ec?c(So(|3mZE(Qmkv?N&81VDC`!VrA9J=n|O>IMW_f2Oi^R$dBJ+@}ArU zvrk6HS;{xQLKX-M*B>fq!$gu8$JIuj8Ye1bbc<_x~ z+`%Prb4s7zvc6mKJAIK$OED7Q4~78fEoyUglW0ae?n?NmcvlhRYfIr+Eu|3ACx*qN zJOk55&|#DqH=e<(`e-+_3fa?r@>+yXdiEzx$Ss2qb~Z7X!N8 z0rLx=QAAmM?C{)Kx@Z(9GRQ_Jbme<@zq(%Zea}BPg`)(^Z=5oq9t`g76aGX1=|-!d zY<;cBa9OK()LAi_eHZ$W=s4TzR1!XE8D@%S+JRW4>bx6oMqI$}4nmI`^8pnGq0-Mn zQzQl^o%c7KULJB z?>*8FBk!d3!>g<+3rTZh?GPtAUZ? zGF=A^X>APF4+ztE@>>n`qj}{>3M165Y(PcBA^j9lCADyfYkMm)%m?gPJ8d8MD2c;i z?gO&yY-!~w)K0+UUB$0{q=-?erUz>%O=hJo49)KMNMne^>k}+dPSRb;hMNhOdDh^W zb@sgM!1>@}&&BzgLX~8<*L`amapN$aOf+m>*Bq>jO&Nkm71&n=%EHr{korev+}79K zA^8L*(dl0~ta9Gyv6FBz6lh|da3k@lhm!l1JI6#`=2+1@q6Ulf%NtqUb02iFrpFKC z0q>uduQOrt0+xISURY&0zdZc{?nxp=Gt-Ao*hDLza}X`-({K0gL~TA7f3i4rKVB;} zB%uug=6WfX$UWOjzoQyZ_U-sBx`a>jgXeuvyWVO0vQN)TLXU^mod&xLV<(SLLX$7AS5_At=Srx!emDEw3n{Lu{r>l~ zjBZ;m7Ym?wa%K3&^AfC;NvgnO09!&S>!m0)sWZbT0 zpczB1ZiCS9W>bp_x*iPE_pW4Z0Et+dX)~yweZxe93IMDy{<|j?y=(ukQV0O+ffhg| zEnaha1v#|dg`ewCz)PfvpT-^Yz5WqL4N0rVI-i4t0-1^u^gqgCW2*#qQ0x~UM50Q) zQs7_L&$E=u=Prr2;63F1ESR;Q?a$-NAU zDX)`nRI#1_q5=x8&0Ef&7iDE}HNKcECdK6-&5$fsi^}e6o-pNFd01>rrM`brYjJb7I$; z^iim8#!4>NjxbA9gXN*c`O(>~9*WPp&yWgv=JDZ$DJpj6Y*)jeb|(?CXepNDzuH9r zns-fGt%WptGXIg`@TdNu^ zud=>1)Y5F<{jC!W?cEGG?&pVsVpOisG9;yBfnibO3HI5tJo;BVyjKth6c91Ga&Cyu z`-(1DCSe|Lkhgw@P(xxMRn)N`8tvkH_FO8O;gMuyE1%!Ylf77&{c5gXD(4W;RJ+e! z?a}*sni%C%0q^yn9W+Fp?asB|POu`sO%9X2Xfeq*q*MfW+OGWlJGU3SEutaiKNTE7}Hdh`m9JH=BF1OILy#rhy$sSe+FvMZlI;--hSwGlE^{1 ztZtR8pVP75Iq`FzK7fc-=V&VQ?d$hbLy#028XB29Ky3##rx|4hV)&C@aI+%$T9aIL z8HJO~8RJ)v-l}&IFP7W!^Jzsy=B7-0!(y`M+K*7>vefNSl(U+~rCp{kTMw_)d;W6D zNsCb?l4Bt&B$G9-_E<@B5P6YvDaUKQq0bmqHo3dyxv)82?6ky0yiKT-<09d#%@Nm*B)UQQ!)=Rwyp97;&M2Y(t52Olj z5F|tXO5FC}PAC@qg*28ex0g@Sz)aMij`Le{l?ylL`MaH?|AF zy9mk8I9oJ#uTmiO%d9H}gYwT9O%k0Mka2`LFkJG;d<7tx)WvjDZ?ZZksS=q_AjdohL}gGH=IJ|>|BBa3WbPPx!Km}x2}3Y*Bi2Wxwivbb z#cxhDD?;W8*>W21Zc&jM38k$jx%ofTeq80|1J)g0*!Kn|C4p_NC(^%FAJ z>|47?$YLu?KYMnrWoeiE#y)KaSkehIw>dR8aTDx;+w)!svJJ_BaQ6|o(!k=@sP%#G z>XIz9P*Y!K;O2mUZf^JLdbg6ZBBeN8)rz5;M)jY~+c;y<&}Mt_-zU+N7O3vtw`wL2 z674^x-3R~SMzvZ9Q%0{*N40-aJ{0hgz};XDzPhnlj%Peh9t8wkn%%N>?xZ)SNzw%| zL$3i%WwwiWYtY^mc1Fj}0}G%+&%(;YvfT8>K~LB)$yhap0s}|;PzmRXCNkoC=^h-K z#tGVHcv-yh9vXKkB#M_Jo^SJ4gcYEHYn=$nGv8@&W14hhuzu$$c|$g?p0AG&O%Wnf z-it!)l$-wYo;ueP@ua@LeUctlGN^?B!ToLy723@}fV4Kw18Q)MWpUdpUL5XNrS)lA zu%j3XU%OTw{+XovtH+S^r?AdLf5R`Z#WCl-rmr}?u-snfmykP^NPxhz0P;ozS1-S3 zsu9}O@&go7F}!I2sQ=37y!!R()SD=dSJsRF{T9%DmCiv zBu?#Znx>=rdb>eKxvo~~eI~v7#XJVhV$T#engWG%CqO%6?{jEo(RAp11uzyL^?DV6 z^(6Rwp2)E6GE*XWW#_u)0j~ zn?-RW@7#(=v?e8@gZe;PyxF+a=X0z5;YG#a#nRy|I9+7W<|RsLGV%YdQ|Y^lsPMaV zr4Vp_i=R6`swy4{B)yR|v^~!W`>v|Rz_=Fwwt09*Zk&I zk3A?!CN=jvOF-QNvC)$qD;Kfp5jpm})mF`y$>R4{tK&c;LEV=Dl$v6UXP~ib6H}8} z>=T2rrqXkF%7<}h+j74@Bnhrxb-wygXx%>(!(8c)<_ zay;~>O9Spui*Q%c!*+ae5@gINftBok1FPv*-wlPE@VO})&GnjRVCTjf@o)fWXU}V1 z?K?%YkTZLHEqr#_J5z{vSW?2hQC_HU#W9P{ZtFS zf1%lzH;5d)Mf!gb0Y*hpttGMr87bMYaq(BXL7f{du-W)iGjG}G(^vWH`zar3I48#2 znZpc&d@`53e@~er{m3<654xmnjF_zD4vzD9s8}VJRD2tGettbse7PWYI-kV3d@LX?Ek7(sw`=IOd)@ohGQl}l=vnfkq0a$eEfz& z+p|WjwlH?ZadRBc&QrD+(vw``xV}BLv&7DIbzwatnMsj8CYa9x=^a3dP=pPknq5f< zg?vK>PULSIRG-yP=!DQUWcskv7p1+qmE+2f{N)^NTVM*5fF{L$a_m^5*7QUYbXK5> z(Zg}JzZea8fP^&Lrx%)i4-eY$=~UB1E&u`dsUGdoi(i^aL+&2~Rf{`wLx z5k?f|7pLKEf9^68>eERaN)P!;jplSr0s_y!M|w7xI^xLKra1Ua=i{~iJTTu&*Iss! zvx=i>A6FJ{Yf>i3#W+oKPUO*BSz|CRuPChuRnn=a3;AKVlwzgGCHXsdH{?BjQMcoT z&{N#XRN??hsl8E%&X&9ec1-Y=+6u*{+cbT_Sg!M^yhAl~s~}$Ml7U{fvM1^nug=$t5~x998tlsn+w305 zaH|04t?~SR=o7iq230!dw%3xeEoo^6*-?WppphD8ZZlj&eNEJO2fplux=ojsqU`rb zG6%lPI>!#)du3)C(#|5-eYk?)Wlxb0k15`0LG85zDvfCI+l%{vJ!VW(8OYJV#|kv( zQ{!eJXVW$^%%f41!d#Fm_iWSk*u#mViak}a%Z}!h6GM7ep6I?tz}j#wG6B}GU9q(gfGTl0@u*NUiXM;~{Sp?ukH}(d)p}5$zZ>Lt))3gC= zXXVgv6OFG{yVX6f@OXX?%?LIAh9$bE%LE+SunJx3X{QT~1{!S`L7>i>5BG%CXIku0 zoqxW%G4q>KDnLu<)-M|iboQcuQr}O7`e-sSA6=5YkV&d|`}k0ck(Gqjwm zu{yt*m0@CUY<@HsQp&{yl@aAigZIUultsffdP=-K@wH~adTtj zq0XBRFOj~RnW0cyzhBD}glb%s3T6r3@nT76^6EK5j#dM0@V?zs?2iqTPUJ5sL+0qE zUF^S_?W70G)HBOJ#g-s7luz@}yvo`wo4L*jcAQIy2_RKMKCh^5doPMNFpAin^pn%&r(%c@%Z;nSEO8$nvX%#2D*lRjg5dpGk0Lbm4i+=Uk|I9qQ<+Qs8F$~ANw9V}}s8aZLUg3|%mAJJ*0kmhb~tcn&ME5A3C znL8XAW+4`;FWKBVWN^=)m{|)~R?EaId4pS3e*JiOc#Smvq@+M zs5}50#?4Dp;I4!j8=N$f*Na1sD7UoG;NrQb1Kup`CYZRTih&PR&(EGRI5eylk(=yJ zF8+|L1n?M^FFETh7%H`2qS5yC@At)A&CN zvMbd`5~kEt4&ym2o}Ld&B0g@}x3RE~JM>i`+`| zGsAW-TVfJ5;c~4~RMo+_=YZ$!c=c(E=n(nnw-Wt;$*gk}T*!usepRNfzj#F4^;?Rd zo3%iS{M&D3hr6|l4Mn>-U`{cy1rkmS`A-@xewQbNfw6z+=v~gRFkIJqtakPRqY*$5 zT^azAwCm$RanUFm7M7l=fPyTgqCOL9E6zYn-ctg$agC#Sc`AN`dKwVqi)sL79<9lE zS|S=n(CMgi`N>Hqqz^5w|wJ*Nd+v-STC7MZb!n(7r%~k|9HFRX!vSz<@teT zfG1Fqv8MI5rCn+MpL9|@ukY-(Qm=YRb4@hpE$xeUy+jKR!TK^PD(cYE?eVvkXIB8sSOc176mg~1^jVv7De4FMi9P}#jP*CbfW(7*Y`vxk zTEkW-P>Az1S@b)ORL`=CInz}YIeaitVr;L~d1-(53PX10!)3DSj9#jU&&VUj5l;H| zBX~-M6jte$-z)GdqA?%8c-_JvCD+JaaP?uPszCk7vYNXx&(NXPvf*H%r5M$?-@;pC zukB=z)6wG#897s)sY6Tt_D;cxKc>&SldTt>^h=+JpN?tn{jpjcd^;gqi}$ed1Kk#q z*iYMw&`Qk2P33EhSpp$8fkqZRjSSU2Cf$;hG>dNza^zKGa=*TsfiO9Q_0IuXK&{r% zn66k(Ehe9{lhSK0@F6Z4$%<8rc99P0id9Nn@w8L~QC^Onn%pd#eR8SUCMOJg|Fm1I ztLe9Jm%*sUW9#2SVyN3(D~LN1-8iV{cZn`nY(5UXmUk!*Z9~hwzm@E3ahP*sSd>F} zvdE*+iWvnz7*+j|6g9@KW$$Yhr0^6k~hPc?9qHuPYB5f z;ClQI40Vr8F-!m3+eCT-LHxyfz(gFZ4Y9?nj0iA!9TLuj{L^X)V9Vdd0o|4!6RlPa z?puT$Ms;THz%$E5wQ{|33KhNyj|~W9xIIq4gV8T+D|dU*0}QqmB)Hd!)m#6LQ}bSu zJ7BRqg*mcIN%Jq(yKO)h8$EabI>@$*qn%lu4@E!t7m%Nn}AQCGCkf6D%R1K0!AzD{FRv4fM zZolY9TiI~+sMpRG7gFD(g{7?YCGoKKd$(iI{jQZ8nwt2JsIz$r49yFAskoIxxA@+8|1-!KJZSsKk zrLV1bM1Az}(b(RYI*Gh5$^j0QxO-c9bvjgbDSmL3GS78qBjkKp`(CLmZ`=vG@v!eV z)$yGt_*>y9UTnGS>0Z)|m_E@)_?>@XCg*FuNrLhx;mnxD_gT4XWFNcvDjQ^=@(-Cy zgx4U79Y?y`OQ)Q<0i-60Te1B@W&sEVfF6jW0(4_*PIB+dy-LmN)2s!ELkn&mf-c9c zy?qBP{KiUo&SaZIye87P7}EcnWY2Eq-xYhgQc=daR2LSmjB};n{rwY~mWvOsw~4tK zF^ag%C-kex&S@6>%h^gkBtZ)nuN1r*xk10Yi+e}MrV{l*!kJ@MZ%lEJDn5&!)Wu!7 zAAar?YUh$uzRR*-(~6EqCuT(N;aSHELE&8lXC=>AwrrPIYb(pH^{h^y?}J=BkFqRN z#Wv5TtUg@YiK-NCwc(<&?Ncir4RDVByQoiYVuaP^>7K^%gMx(&5ug6sl=W8`Yz-}0 zHHH<>S(-0IB*$UwjVt}~%-A@R&h>d=?~Cqf;~>v!og{pYv(%{cW3GPYE#_Wn3hMw@ zG3(@!04$zG7wF+v=C!7-p!y8;%(E!n1$L07oi%X}RQp3+H&BtMJ*NM{{kPf4-WZib zaxFruKvk)-f=OHHywEIO_nbkO>L(p4W1yaM=&lp~e!}BP%dM2^5q%^oVY~dV|4}Nh znwynK!{nwoO4phlPOPzJ;}L`V)DKY1ds0FX zn*Wgip#FnPMbbK2Nn`-zZrv>cq(F0b`d&C8!1Vjgc zWr)Yw2P;dDQkx%kXC)5jclpY)n`$=*IrT0#a+Q%1V%Bf6o&2QAw1r2Jw&<3A7r zNt14==+mFpHf!7I!Vi-XNc*~t_*YOlK}Mq(t2W`x{#(bfeL`=`nocRQWXg%Wh17(6 zQ(%_l&d$osv$n@$m;-L|227!7J@BrPqhEdMkricNbnFBvkDtJ79(sf|L~20w%B@Ek z3(r{C!hfTy!S$gy3i|qBC6byNjpbk7FN~$kwtjiEkFGVh{f!IzBlj)=2L^{D?)qmu zDJ(BoQ5ar(%xg~c!T6rN<(dtwt_*}NdCY5nu|8dOHwJr9pq2x_Y6LzgUu9_#c%pX` zr0!u`1tMQif5$c6DlXyR{vfSf+p5PCM2JV)i=H+s{sJssW7pG2^;FncziXm9(Z3Lv zdxE9>_>aRJ8x3JTbu{e58Oug8mIDNK7!ykV4Q%(qkwbER945~qHcrLekkh+){{F7| zzT!Q{ADr6RZ%^_oV`s{-Z3Flkv;ECJ{{7Z5b>C`Zul1y7qJ<9^*q4)X!<-GHMhzR~~d{<5s)~O=Xes%i67*w^zOHw(x zi?{?js_v{CQCOe&kUq0e*(B&jE9Vy=aJuyzswLUw#Gql@A>yg;#)HJ@YxxC`!?Sph zM8?o*orCd%*A}DSIeAHZ53`bc!u5edPmrY9G$mvgJT*M94{+#bpu6r~aEHI2=#EuY z(u@4iz{-Ffc;KQx0^2^}xiLKE=1@+=on+&rX`@!P9Z3o7Z3J#G;8Mx~?N}A!i=q&A zKT1?I-6K;XY(;zTmydFt&c-Rm@2GS*!A-n|T8x&1G3paFb((E@?Z-QTmQ#Pqa(d0LBXcT|E3yu&Y~6*Q(QWi$02hvy9q^8S`hNO0_ByfLs@IXk zXU&qr8Xx&-BN?Wh*544-)*x;vNt@8BfnOTHeA9c-pcSf;@GZYrpv+UmB%r)p|J_Uu z=GEYIyXZdO#cw~LLnf(piz6#QE4{=-daJz3NM7jt~umJ z`{q^4@kIfXSyB7s^(|+x#d)D=IHOry((Yp9ef;w_)bR_@M6gQTo!o19lyRPgKG(J^ z2Ry?$iTO#8m?4z2K}Y9?u?)4*s1|Ud~VYDD`4UPMhk{?$F-zU!j z#8=h+t&LX7pvmlI_4?>~d;-F8vx9XsliwkG&iDx8POU9Lw#g-KoM?h00-k*lxsL=QCdfF!t zGbWZ)S6e-njHQAc=yjXT-6=6vHJD;nq#m+xfg9+Ym_;Tk#gl>lw`_tzW4A;az9p;7 zIakNDU94=F+K_vh5*tsSH7=5f-HjT2kgyu_DgMg6LlaFA@O3-pwD7h`;!)x76Xm1y z_CgX$rrNuYrJTAlMGd)q=D?lYK%XNHGgj^hY-TZ;GgWxUw&pIL(OB{PXOG>FR?7 z)$gDC5jn%tg0JBIQJCd{qRh#4u4LATJ;bG(L|4&-Zz$D%?9S~1bvb0;`a><1NSSXP zO))XTmk^(`45kX^w0bck#0y$7ME(6wp#h)*n%80cL}l{)S!^BShCkx&6zG|{Z94|@S#_?7-Injsv|6K zs6P%_9O_-jh&Mg+CB;nN3nZp~XaV<>_%2rIyjT8^IT5xt7|{`p${c;nKC~67{m4#` zY`=;PbF~1P_DnWge&G~0R4JMUJQi;+ZAEY%qTbK0Nws`RBsf0nwX1)zDauYY?yDkQ zs%9D}7gfsl>D)hX(v&oaUF`9=0!@`V^Uido@VE>LUM}uUiezYlP9{=Kfcirpl~4!= z3jaDpJa5JYMUp`16$%^eOKG)D`@KlGw&S9CAf|r@3D5 zhlgd+`U^Fh6^NLjg=PYY+|7gzv-N*w^Q+&U^IMzW(LuOwPr3N6fW5!rUHM;^`X<9) zNf*#;46W7p{~5YUZv*ik;mJ<}%yEXjA-ZoArW1$_Z}gs|(D+NCPtu;w{mh+BFe~(L zFXmCq7kw6zPx&ZFi0U68&^^O|IBo?S%nBRQUu|iO>MNDBh!$8zM@GSLEO9H<|aj-Z!qs;b$NNrp@kJ#@; z-m<`#;%;*3V9Y=usDr2{dE?himH8Yf37qLR+`V8X?kFPE?-=b|v^_$tFE$?f7}zkw zDoRg)v01cEzt2Z0e;)R$m^KqHU?GGN%~IFs*Z}{bl7Oelapb5Fv;y3Kv<=#;&dd$z z=x;h^@Y)P)ifJ~W*&`s3b^9;4Vg9|*-G3oY`p*xQL)B;TZyXC!aAz<1?tZDNUU>7y z$q7^l9if0xoXTT#P4pI*tagp1Y?=^Yj-{t%fph*>Xea|xn>`Y!@D#afrHqUPI-USO zxyB7a`US4zhkB9QKaQ`tpnlvWiM7S==4?e{&@(l{ra1$fk6|p`J6`(lky!e_BC(U# zE+2TUp8$4Bp54#>u;!b(vK=#qAq+Wj8z+1PPrQkHnvO=+q;*K4$$ZAR}o%#QYp2m0EO8_~Le^5DBIgb!D zDI7@4EM0%&EJNrGRoP7Rk~A<8#0xh?L|ZpSFl;24$3PxB3~m&C^%}w{zHY#0NsVaN zs$N*r{l2s-7;&iH+A~FcO17ZS8l&Ri_Ag2X#%KS5F|L6PcU6N7{}l%%^j334?Q9MI zurtN$&}iY51U2(|ryeKe&hv>$^cUGRG2X*Y8(xCLSI)~>@9(n#&=Og=#280tq4iNF!&!_fJ<>@}_@g_<~CM6A)ojeMQPhy?R_ z6*tdbN*~3g^0b@boG>bMllr)aq#v&DIK*I;_Y^lyWZx^8ul^4q4jgH^ec01||F8~P z!KBM47p;D@s*K}}IHSAealTvZrL~QEIk%Q=S)w&8*?>QlUS@a$Z4V~yKbR`>e+-?^ zk}<~Q$P_VR>8FO9V8eh#PRK3}@d@&_9i`mQ}r(e>p(HX^q$NTw^E z^QmrrvhL3U%!hLb9@rO;KK}ew?W#=W|*qWRg@(V(Mp&q$MZG zb@39NdLCr`#EQ3(hnxw&7k;$C zD&#-&0Z*r_*FDbUym!S}lVJ@2O+0fG-fiF@$C`;FsGvF6{~^FKv@&Ndpd?n^7jIkd6t!|n(`5$Np3KPCMi z$*1@&+T6o6f|;_XDjcaH)8*j;Mer2S8d6ig22w`Xd*Q5B*ZwKu#KBE%ZFTKN=!MVJ zU*g791WhOn&Rlgm9&T+H=h{YLsomL%%C8ngngC>#O4=#xs;Af618zRHH9WyY&x=V@ zwIO{{981itiOM|xXe*$RA36vK)W5vxWU5~13C-fFvVSac{=3(k@u6D1Jaceklwa1F zY~=m{SqmN*k4{!R^c!;&zGN;HwZ&?sPr3hc@8*f*;}dT>9N)*7Mf4y2FgfYgcN53? z3^LBEytQ;uv#evL%(TEdigEgnyZ~vo-QccJ;@_Y^Jp(Oc1!!ut#r;32X!F1GF1nsh zdWG?!xA)#V(F_rd2g0)tk%3CCCtgiFdpJVP#xLS6r+mLFES}+K`(lcIr3t^-JdLe$ zdMo&vqfpjonyUI)K^FP%VjU!jr(az;J)lSmTu$e7s-F`Q? z>#gex-UH2pFV*}{)2XzRsCtR}L%lu?T2xoFH*@mrrHdOP&%EX|w82kePrf!54hg_3 z^|BGO=fjIW-&P!pYV5yiNSl^^MqG|)SMTn3Y}Zem6?=ep`CXSOS447No8SX9uX^5b zNl);D%CU}q)U@_ex_IN&Pr(9&o=QWD-=Nq6MOw`$g;0ZaZP9Pv*7~UAp!I{Mc5qkk zoxj^DYNND7Ky-8FvItSJellOed6yq5`eS$CcqYnMe;-m6#b|51fU^BC>)!;P5-J&s zGMsQqe^IM>CA#5Kk5_bPoxXUy>OmE?Cz4W??n!k_>8Y%VLPGF%HWqxToAbXTKKP2F zm(6IZ7-S~<@n%7vf0&`mL4!*`mdO`-0lP*AhuH#e#%-$RPf|Qz zKTxlE0}YJ!&a2aZsJ&2+-t<=-_Iqy||LaoJaWq*P+4lL~4=ozoS$Xa9HoK;4ygwrP zh^*%YPl2)fuXPAh7JDS4LOY(%JltLhuMi(n&wRAN3?>k-PzG8>597v$l=iCepJT9O zRJY#0qabz)3ArTdu%_90uiG7O3saMAIs`HQ`XmWZdlvkV8(gU-4xfAmaGw# zZhHee3|7(NGwr?I4Jl*M?kQQr@YtnI`kjg9k+bcVEM1q)0Pv7A4puBq>$hXyIflx( zLvugFOI49wf`Pt68E4+#`u}Xm|4xFEJ2UD;H{vbzO$v_mU@^v@0XP2eX*|$zh$>eR z!PYonPPq3L8yolCaW>Tet?SQHjre=sO*{vKf;vp~{!#QM7@yqgrH0EX0~q3AME#$S z>caGEAal2oKc$rupC}tx%?=tPK1BY39Qe-Vm(jA=8o&FrKLiQC=rUG#I7ghKd44Ib zikN^iVsfwOmE0Fh%OW10s0kqSoV`sUkGAPKhod8fm-l>GM$f81M~tkZ>2IH(<>QK` zF+FF72s-?uYL(ZAWbTr6y>It@&%;M~f7axuOUVXtA9yE!MwWTlRUBj6%~V6oaS)`k zWGh#i&#Eb+3iP-k-UW*}*sYXDS2&rNW*|MDREQ2T8a1c)ocN~#Fo&tqM?9W%3SFlJ wz4jE3|MhA(vJGvG`A;*i|3}|_^y}_E75jt2tuR{Me}EtPcPi2)l4hU&9~30+ZvX%Q literal 0 HcmV?d00001 diff --git a/windows/security/threat-protection/microsoft-defender-atp/images/alert-landing-view.png b/windows/security/threat-protection/microsoft-defender-atp/images/alert-landing-view.png new file mode 100644 index 0000000000000000000000000000000000000000..e925e50d7f9a19e4cfe3444c6e6e35bc11bada80 GIT binary patch literal 80610 zcmcG$2{hZ?_b;r~)}t++R`D1@TP-bBt(hQNEo!JSX3^FhVyIaRZ53@5)f#H1=EO{b z7*Z6iA;t(IRFz1Gn5P)7w$E?fb=Uh}@BiNQ-uJtfT3mefHV=vp>gcgNK@I zr}<7ZF)^_{(7I>D#B}lo6Vvhcf1NtIGx|2s}w~^*urZSuW<>Q(|%n|9t-6s^b^`f2pdF!`$5@Iaw$UM1dLU zRyB*XHb3W8sL~;;OW1P_ly__jgSYs_zF&alHRBeoFyc6Lm?{O_8@-ldqqFdE!7ex< z7-i;4UqG#W_Brsit+vV>T#hM-ygwT zOAk6(4$rFqy<)m_D+~`J9ZTT^{`8tuoUP^?r^r5isVs|jzh)m3$#S3oS6Gn73?b=T z`bxN!6E**EE?8Ty~~$hbh)f zw(R`D{p`GFwQ-r&V={``9T9Et~jK4{#c8b@R@Yfsl_n$Zjs6J z&e#>HeV^|Vd|0{jb9nQV;!})wOML$*upfkeflKQ8)>5kVb|bLC9u@&xs@;cz^@^e1$!sTY;WeL+0AujJI9VW~e8F0Ukpp1=Jv-+Sj~@l5TAmtz z1NYDL7dc!x{S(GZkHvaI*-Ye}m*$(f4ZkbuITY$ENeEcgy>_ zOsbw%?UHdO58S|m0nOvc)<#v#)35dt@L3!BRe?wgTy)wxt`H51@4Fl1m+oTgRWRa? zB0frps-d-~U{IPudKPBY1}mN`y8AVq5~&+M_@8g`bBL{P@>?<>4lYK}t~Yb8d*OXW z%e2p4%Ud(lcth9@I4q6bm6*#xu?X8KJw;hzwMj>c$3w0C@rs2k^3V~z+WB};fTZ_r zhRyc81ZI|Sb%0>=osW%P8}_#B8@}oh->$`LN47=Ik0bR-(OCmF!gH?1QUpi6{HoGB zj4Z;>G$+K@$?&Ly*@IW~u*`wdz%v=Hpni0bcls3Ep}51=ze#Y%cwLDd+hh=)0e>>Q zC_9c8J#Q>DQGKWTz&xDsGyNfESCX!ip$ zs-8A!zaUJ*J?6O%8~yfPV}ghLn19X5vzO3+%pDP$?s1>P5AML=>)bYD^+&44JlD#3X}}X zTe1XHg%nHC#AAmg58hqe_KGm^+zOGs21A*htWHwWS@CJ~PehN-R0XZ5P(vaChWvbv z&_|Haye?FA?3C{O&y2M`IZ8bKAT0rj)r*QIQ+T@f*M5}H$-)T^kl^|x7&^D;jL&6Fwp|Uf|6)()Q_26Z6iVfQpw_`3h6fhIS+5BNOe!iZeZipujVBzS zeRm}+T^iz&63|Ct+&gKR=9V2~Wb7-XVurQgEH3aEPwes0jI43C$X<8bIi=Se7&;rK zPWZ;|`E!ow&&{ksOmI4;^OnFp`BtB?PkGf++1Za*p zS7!#Z)$AMUiN3`Rx+oGTN{2!FB?iRFYEtYLn)_v(6Ao-+QrRQ@IM04m757H^Z}w4guOrn5@&}Bb8o)tsdqSw!V|-U1JnVeHhR*|wvH?iK?o6KM zpueJS6K&zz{Q+|Wew0w zV{d?7a0}2Mx&Lm2Yw)>#V_A5)3V^-SYL1=YOAeU5%a5iOH=EUG3}&51^}e*jp$wOO zeg?@AI=VxP7@oHL^8l6WFxR(jS*YR9nu{u^jbpxwq}W&FhHx2)+7D7`ftrh+J9hx? zp_$F(sgi}sfd=%2ACtcN8ZY{darnRSpj^dxDi| z)q~Ko(N*e0rA})k9>2^&%~&XRD2I$vrwEstEat;_)(zrfUw5DVvs7O3u_S49yML&8 z(ks@>OH#Ms^~)B|d(pVyOOD2ueww&PM#Ut&3-Y*ArnL1HzrCmTT&$DJMqxA4^Pk)y z9Nt%cGv=ip(ND9MnRlTHCiWN0wGdg@;6;ZF7qTivCS%C;-P7|)^H29S^h!|~N)GQr zRm(nDj*szYjy-5|f17Zg*swL&NU6h>=o z0;ca{l*v*Xd{qX-#rdx*B{(_22-;RtyG^dq?R^0xE!Zu2-Pf$wI|%oxk_tmEqZ@iSP}*3fC6aU4kX+4Vyv-gxwOeWfd;Ld;xGx!q5DEoT|{x-UNhq zSytKYP=g-|jo5pxPI1Hf-ZzJASP}kNLrUkLVh*Z(>+U^DY~HAqj?A zAsuwTm5MkKG!!vI3DQq6L0Oy+VkR~ZR-fX<3$p~Tm*o!+np_gx7OqY8{dUj>9bL4} z@DAm%@i&h1RNyqsfCZ_$5;U|`(LGAFtt$v4DT0k`ABDH@M3+tG@K?X#_ooRO>KUdV zTxr)DmM1(|v_F~_=(=`p41aIT7n7kGI@&7{dN_td)NFm<8e6U!WH)t|c*kk*4(Zx# z3xnQGAlZN!3$*35@j1~>r%lsBHFyzzvp17U?DfOiWW(U;C>Z=(C|!2g*UY3gM)$XA zd8jOV_J&T4A6VCUKFK^S&o<^vg5~bE&~B@rh|lsfHwmJ1LF&A4SU(au2kik{K+m)L zvLig7?D<_(7rK{hr7RF6Z*+ONr{m4ks)GP<3cr+UAC{xP{-7uNQJ3ng6Fy4CR0+j- zf=aBfBafan+7QX3KloW(N?5XJXVFH2@3!<{#}l>_$iJOptnwvXGY8)|4Eb(-zWK(= zSbi2p&ASbXP6%b|ZP1T?uZ?!~B;nW7O+U@T^aH^KGr=A9#Mi-GWijEq3e#z=oLWA8 zS1#ql^xENl3+ITTu5GSlD&7~F?mFkC$4_YJ0`Vp6T|E%G_+yuFiD-!GiH0u-5ceSi zX{TYtJSW(pA`Z0}r;}M7c6$rOKe|PAZRkA{s$E0lK(EhV55dpe{h|F^X79l>=acBV zwA_O&3GhIs6kt>62Z)I5XNj-f*N`!pQ5)P?^mc8O2Zs3?5V`x}Op;?}YD_a^Jhhu4 zkhQu~k;#Uin!KncJSvrH_cv+yD9~h{g>>dh(A!w@DedX@flnx<@rNOsZ$nqqo==Kb zvl6DInrefJPcwUTlx5=syDBqw1D*?ZNe6)h-cO^cEMVK2oTt*7i-+JevxGpSFIKK}O`5{veAoaB)O7iIfir&ouS!FV7)&VK*HvS5KkMDHV_-*QPU0}KUwknR9W|oOe zGKBG1!ZQbo1Siox+XGrEt~#t;7Hyve!6vDrB1AeIXY1oF=+xZ4^jO_yJNL1dwt^${`!L)mf_6r!#z$RIB5N5VQ(R?9ey`(`=steUR5{|@aS4V|$;W;5!fx`(QD$2Q?B@4iYZ&e@8^ zN1!E(#)%07_wDF0jS;|vtil~xw6$F7Sya}SH&!;!0K8wf_r*X8PqTM$zqc$#CJ=0VIyt8 zLhjw0k!4`GjA&SilH6KH<_IGClxl^x_<3F1mg^RnkTD(0_wrhbWEs{zZ_A_Q#hAZ? zSw9QBc#c!+rg=FR$Gtueh~_;ST2nO52fGOG;(L5OLx!~zi# zeSnm_;~iP!)~XC!n_9HFbL67O^toJ}s7=H^8aLm6t`gSa(p5v0x?znNRE!+6L;VLBnnh`Sou!z@ z_=6hyCcga1)RTkWhtzY<%rfG&nzG|xf8$c$zl?l;)#gXAa}fJy3~cO{<^@>ORZFt` z=NOah=Cm|l@P_)T*c&Ix63?oy%^)848^L`8{F!yyQ|qL(<9Nm304-?aV#)6Z zUUWE-#ALwifYc0<{9a!dSFqRO0hcwd<)EB%>H33;U5Pouyr7AJ--fN(@>l-sIEaW} z_g)9K5NL6YCUD8--&Mb#@JVm%Xtc7OUVU|Eu!F-o)f&;?3*A!fk%Xm^}BgU;f`~Q|8G@`&{cS0 ze6tPlYoW2(hLF7R$#w_7H@SB7=q<&CK#iR8^vwN}e6uC+VQOx}L#EG_|4OGQ$6I#! zdFRHcFwUt}Z+DV>GF2+Ca2I6xsm<>VV$lYk z=`N@<%Q2?de`n&E<%ofWdL**p?s$c?eH6gdc|)CVV&*c+!#}=EVD;T;kX&20$*ro= zQ{=Rzd_FfsVxQdX4GzSWLsejt^bJunta&X#_orA243XXU*7ow+qt{6>3%T7SC^eZ< zh@JR(gN@0+_Fn~nPPyp$My|~??L$oJ{5KRf`rzv1$p-E6vTuZnj=qJmb7wXt&Gd%X zo`alm8;*$PRO4-yrXb^_A%M}hsHvfkw&nf>VcPyqO-LttsMbkFuTP?4Q7enL>_U^! zJXunqJLoay=|iQDK6oD{HPXKruYkkVpy}ka;dL~N&z6IPuVuBjF9{}JJezrPd>K8w zTr=b|{>>2+sU*=xQEm5ea{2zUxofvz$fE#TSuXAN;Vz@6&OW1LsCkE(6spM~TdB^( zM2Y)@4;wHx=}ESBU>NS2Og%zji^H&G z)LZt&0K>#1FMi33H0jvXVH*;!wEj=AgNN}Y0VXQv9{^g7woA=MOIQ_sGTuda5JZfs zN0hcMT=%}$43PylGiOatq1L{PHb7tQPHjcv{*keX1MN0K;KA8X=rz?!u|TlG|#i^e(a z(ls?dIcrtEwat1^BMK+`TR!vzXsWMa=6@T@BRNne(%iHdliTY352SzZjJX#wg? z65?lDxKh!Ok4ANYp8`{M^S`k9aDRiP-;@MqW7A3ox~ZcS?3HO+5~yA4l=kW zYAH2!KiKwI5qmR`DUbPR%0I8ficSCO>(TY!+r=Zx``Ifhd5KBEa(jvC9s3|9A84k$ zUPeO*LF&oY#FI=~PDg!=1^#;B{?$hKqeqI4>sm+Od|o+9Y#jai=w+bQpXHg)yN6eg z(jN+Z&Tao~zTlYridBn8JV(>N1` zA51uFEdE*vf~ogy7T67b{#JLn(o3CzgX1xL7TNYmO67OLwLvIFJw1n*$zsK()KS&n z&v>?e=aGeN%Eex`gY${cr1NKbwzY~e<4;=E*v7$6legt$QqsoP}K_hmTYhrr3+(MKCp1q7kY^v*+Wrv`t=v51T#dF~_;y zzGZ!Sd4)$?W zUS;_te$ZB6xPsE=JDtKtQ!AcM0rk^{JO*2Am5aBGZhQl$O_`x~N&Y4RGj!x)8Q=Wg zwXSacXpln6`MEhk9ZW)C^^4FDip?JswUB+-#8mnHl1bg{$*9%axCnhx9dz;ul zcGIpiXtt!=dlRT5uYin6K!^=Q?%koj&u|U`S~SUAdwQ1U^q}$4qbYZ;*~trv9AovV zqXT{o>9gD9&o7nlH=qa$I=v63`rAPmOP<3h8i#YLFKXAZot5oi22N$<(u*k%(4Y+3 zc%B|92sv{d4Vq7QNF~8?JfGM-rN#G1Ra@3clwwtr)2fu&t zy3}Q2XbHBw$NxF2R5Db(XUip#@y}i}z`|fUvN8r*6Z*N`&8 zKX;hZ%2?Vch`WLP3`D#8?tJ$`3x)Cb`gQJPkc$;;8(pP>Y(lkwrZ$b=pmPC-f0S2^ zVs*8Vw1L@2PbY@%qN|5So-x!E?Tcw^A6bBFpB*~D$X)MH_bV6sMf6gXjB;Nre6{^M z^eF4L>N58C;W5SC=hCX=>Dzl3DV`&MVDpl%W0`{WmX3^`y)(3MCx^~Y=xvz!&2M@p zfa-iHpc3OkVMtH^r+AE%k8#A`)t{tjlMb=DhfFX8z}?6>Yxw77@=5?n!(*&{fvc+< zYZp(djtoByW1{f@uanFONVQf)_EBrrSO4hF!)68UDKjpeg%mm` zNJhE^%moh49dSUbh&(I#J|AM6LO=eYw=;>a%tuJi;7E`XsUQ~`WqnuF zGij~2_uD|2^33YR3J?RXUdssiEAlf}U5m@|UO!w z;mlXrtLwTHRbz=Uc(y>@Xwp3^w{bad!8*tpRSivTWIcGZsuRjceX!J42D*t5v+aBk zq*!rd%_nWfw7%CLc_}r@40Lu)``DN--P}W`c5J16XY*2xab8#18t(^Km=r~jn`pyPe$LJ7Nf8hf^hZ6+?SPKmMi96$<1ePW|*~m6t7nJVHq5#o{FXiuMR^T zv`?fRi+9DRiOB869W=ke-Y6#|wr(X_nEn)8>5Qr&vgz`Ss)?CnnTh6pxWBhm&g>j&|#`qod1idz?Il2kZpvgY~4-ZZ(hN9#YzaqxCIh1Q7BP<@0Ati zror)o2jyvt;rV7KZ=w-acVU)r4tohpB1@w#%1>xqk8;Of?W2|U*PFo2lP9JJlUu|Z zxVF39KaId9j)CX%dblBG-Maiw>MlK+?fkTvB9?NAEtc&{$WmMN+M_J2sz8AQdj>MO z0oI@BrERMr-TCB0fil2jY%YR7MJ!m!HUhRcV>!0osYq7Pmm;@dPuaQxjIRnjaKVE^ zKoCT-DtiBp5H>Gg$hQ1usau$DgwE%b^I?-ar;|*Tk94zz`i*9%J+gC^6Nt%A;#?-+ zOHkEG_5vh2vINJaj?3GuB<4?sDzp;0#E&GWRk!XPz`MdcS+W58Xf9)6h9LrsV^p4h z54{KW^;fOD8aVUXUpX}$aM+_!dghm6B0OKPB%PZ!Qab1?^;^XLb=gQepDOmY_!do8 zi6eM=@OtPse*Nth$-l=_qPkvOK`NV??b#VJCZ6Tr<=T7%cgEeZ6|lMdH9^Z)y<1H1 zYqdr>;fqZ{lWLg7^R*-rIAupCaZIu5r*@(K;45KGvHjsWnM7#H}y}5{EP`+aChY*e# z8#rJ7b1fo64!m;^ExN}ec|x0Vq80Io(&-6&0-HSsbn70Nu4U!jQT0|;m#dqB+QLF?We4&}Jx`w? z@S>xgH>@s8SHeRuRel zAyPRqWW}e0>!Q3c0tuJ6pf4z_K#GVS`*yr%o0asK=? zMcX$=LuVLW8%LRXQavOi^tLHarejpQ)X>?G2Ox8wIHk-dQI}vJ&%Y_Sms1RR*dK`) z9`|Qq8deJotf#$~k}?XY7Gh%BxHo<>DQ<6`8_+1G^E#6uu2l4%M}LTh<$ow^%2Z~@ zYu;R2mvtKVjX(m3AAa~Y{UZhAV5KinPq7A`Pz$;Di1i}iR{$UD@4{nFtqxZT81)lH zPP-_@80j#T*zuS*Bk$Lz4ZEz|%J6;lJ@VGOtj(_;GidBKs18pg6Ndj)r813mfP{OnD6=DnSkh6`!85oqIv38PV-sgbRxY*R1EKq%F zlAKzoOzz>mX6Z0QeBOl8T}W;82)^TmhPK~W0WIh7R{nf>SPT>iq`>LW$ER> zWOu`QK!R#2vTu|^9qaI!bDsDv;G`u6RRTc^nj!v0uhrpxQ2cvVz5&;druQRW1BMUB za+LZeUcz>rC*z1g;l{&zo&M0EINhQA^xNu*-bwNkzD3sb#;Ut(VRE|3d(_dSW|ed2 z{=j&MUXy4+rOo_ZL(DCW+~`h9J62#IK7?PUNt5bjr$^S@z>^o)@u>UKQbbDXr6HNa z+APy+DrteVyG>1f^+JcM>5)$IRqDn*P?i|DOKq&cSRtDn+i?;?3!c=DgIDi24;mb*8QfR>g~JBwlNPkSMM$;9`4m; z^`=5Kd5vpNbOHvv_Xnk4&0?5iJ^sY(&!E8day8!Cf|M?|#2imuAE0 zL)YpbV}Wu6Pszv4bL6Sen47mHN4yH9yHg78T5+KeJ36&x{WX_t7UdL#hR~m+4-vIb z#Kp|k>JqTIVB^T*Zhxzz27E#v^01|W)4(|#*VnsF_j<;v=VfSBXFg8d+yinEUzKdi z0gR^m_5#!Oqt69VIDulZ!(|Px5IC2UhrycS=?g`u20iiuBCE6?cvv&@Y1CCF_-*rY?d$q^>)CNB|CeP|okhM;j}sfO6kxV=9o`d1P7}5=lYI(9F7?)c#$W%?UP-;3 zzE(e5JPO|vi!rYn%9tc3>BzLCjaOpEQu9cyCFE>vBd<5IFJj3D5%+fQ(% zaw)d$QTSy(ifomkY0c<)Y}a~VXz1&VIlkV^K(Ku#w_oNn3FFIz4X{o?jQ(Kk@TV>H zFq93Gf&crRn?D$*)qIyp$1Vbbk64P+`bwkw3+cjh1A~Y55a9mT$PhpKlZ@CKSUD+J z7FP>vZl@mU35(EJi2Y9X-1PK7ma1k_*t{NU=iu`)BUvc$=A?2jL&!pKwLtz8dCV<} zFH30bb~QPEt|gFJD2#Z%?~oGDw&nLKRdjb~PpdBln2y>;cv;`=j$8K-2c*+p31kEqH7vb_rVqXDo`Jx7 zSyXtugT)&(GQ3qp1Ijpc7p&8a>2yvChpj%o-bpM?bO#or$~_dPi&Yr3T~T7yo=&}e zSMsPybHCwEh`b^3Ji{vvycco=B*N@59~qYw%Id=!YjtCE%ZqWD3aZwjdHMn7i=8{{ zL2LEG>TUbIcCo#&!b8=}L*sODlbAmU{4;3x-Zup{jth2YN*j%BENl9A_6uFWUcKEr zfFOtX4hhs%Y*nXg+p+R-I+1F-xXcnEVnrw5WWwR*!;O+V zj92;kY~W-T@ua%9*YG-aa41zA40~`n%4B=N%kr^&1?>yl?z)b*wJM>I-dIFIS#n|G zrQA~sd8Wn+`$)bDSI3A~Vg z^B2rk&r9mT%Vy@WB)Qk zF47zJa62&j#FSzDI9kKvmd((In=L7evUZEZZ$r&oLb&NcGh5f11K)X&un%K?Z)h9%ifM-FcY=4An|Hl~8-)5%P&fbq{xcp8~k%LB8mc2u$QL#yW zt8Ee?r#PEWSJ0_W%`6*&#p37Rt_`o1tx!27nXdH?_a|=#K5tECtp8|=zx8RorB#a< z|n>@y=cR$wi+)A=fb(6QEV1*0;4$*?zij{ zpyOSwP*c)PGfJ7(yzj0{Au_%}FDAjuT|Xw;m6eR=01?I*B7{>JRZ6EU8jq;`s z+_u_8zP7QcbWwje?Pcgrair~|sLsTri8{ErVtw&1-zB1A8j8O5b-!xQ$o~vd5~#^s z1*^>*de{I7sktv%T1^^bPTtN-FY@h%5c&Hw>CV-* zpSmm--m*j@XuRmHw`e}9n~p+qkWXQ?EPlY6?E9Ax7uP{ahLj#W%-ePlm{`Lwx0wx- zfq6lGpk@NbDN0T4JAAjqt7hrJ&Nz43T9=u#Y+LFzbNi^h_?$P*FT~;(ea%STK?IYS zg`axK1I1X4y)QJMK*nN#f8iY5#;DReWEaM(lvQr4*cSWFl;%|s=M77Dk{1?+7Zprq z&1?ur6uY^W2pY@!8WiwcIkbwDdgvP^k}x4Vvp0dccK*r~%3w{y&%hg0>bI19Ae=ij zoPj}8y&J-;bv7orB~@=s)mt27agA^Gy$aE*g8~V9ElwmE@R}%*g!Y9R$%a=?kz#z)NISjRN z2p{xStQ{V4KWpvD1G5X*iN@z(a!8gUc{bt&u_J)ez3TR#E1exm6`%h1Qa zh9)&{yq}B1Xp`k(rH{p3>Ft8~;wsaVAmjid1i6K#Y*d?H|QBxzZq? z(4SYYmX1>zP0>J?2S?mkmBPXh6@$UG1*1lzk9gCS@$KDW7XfEq1rX(;Vxp_a_G+Ha zc&3oTBuaGc&B3a0cZRE<0?|hcD7QNRvtpY!ov9m)FLrh3gEpK&{oo=8O@WKR=nGD3 za5(jSZl!l;WzCrzhk?u4o1xpys-x9uar+-<9>@NUeDl&W#Lcd)OA_rI?6(MwSJzrE zJuf~DFY21(+j5z*b#qG4fC5()X>u@A9B)}B&%G|Ih$QRWb6%5}hCs8P3L6iW$qC}8 zuEEFW(l-1WH}~Fi4>peuMhHcu=Ud{+Ofnu{QMg%%#xFbhH_+5^4W)&+GeSx4xNYR` zMnh{z%^8*lpHG*cuwL^DS{WjZ@2#Fv+4^c?!znpa+#$CSXrI%uGX!fgZgT=d9#5I= zFO(IKYtD}iq1s9v1M~ApZR#tla672c0EqT&H)k`E^S!$>+8wyR8dXmViKm! z;`~Z1G1fp*Dhao)Q|KDxkbg@rEm4?EX$LjsvT+K3>(mjtukE~}EtFDt-(yT{CTnr{ z6GQZC`Nv{+SR3ARMoHY5)_RAilX}Z9_4L*#K$@}9B_pw$OW-G1kSXsynX0sg=(hRq z!mL%tKJjw&oH2Wj&t^yeblQlEb`g5IEi6f;`O7&62Q*0**T^9vlOt<{8<*6lm&^Ag zoUoxO3g)^lX;Ni_!=jxL$bENSp!Lv!xvyK|ps(4GwrIw^I20Ttln&K_Dc+F6FfMNGwrmNwTR(kZaZF|rA&3U~Zf zQPRPx9Ew{@Z|Yw|5^A*jQjFd{_-2Abg}!alP7B*N+Gb=sVbk+;Vl{SX(PD35iJu0p zQYqMAr&;gRgT_*y%#gyMQ`!fY6_4iNylF@0Z^^$a)3&w9JEzh|pxD;JeuU5#pd?p~ zZ3j-MDg-d`T}=HKn>1`F6^LK*k&ctzXQLP0Pk;X~zfXUtrVxGaMWT8Z!lzG_C_F2} zA!>N;$g5avD1;LSYce8FPIgT=ErY=)E*wQ52bpN1#juBHk0SgP%xGr0WUwy~P)&i5b?i`R_|1JszWPL=ZO*tgrN^NoP=La7nyTo^l{%u zWu%x3&rT={9}quhxCS2VuUN_J?PNZ$*J*|-EuuA<5vt*%HzK=EE^|d$CR8Hl&-acd8cP~rx zI{h?Jzly8!u88>YNydA*!>2_m2e?oY$~q$M1mwj9(>B=C%`j@u!DKTKy%$_p;I1uT zQ4ma0G{!F;aZ17Zy;fwmJ^`mg$yhhNxpqIR7t_AT1IvTL-sf_v8FoR$yEJoYNb(h^ zm25k_!02dSN98^34dAm;hVUQMsCUza5b2)$s1&Lv&9j%EYd>kZr==TZx8k``GsTjk z(m`pz^Uck>!m`fE8GB($ZStC?acyH!@&00#VR7MQo@*T{(TlPlOa!7ZokB20JtPU9kXm32?$Z)p^rps z=G)U(;?5`GP0Kcn3td7|Xt2TioUu>L|0L<3`8Ysc%G}{}Gr!J;?-$}UHRbsa!^i+2 zRN60F5Mr}+UrW5zLzaHayKZ;5qr3c}!G?5&48ELUotssc72HHVD<+v`4A$pW1mW=~tw_s**TTG! zJ`dmy^8%!K{RZl>3|V@_vdjZTNdnGw#5ZXU>pX`uAh1TuG}-{!Y`>qyUMjd;$12{b z!?Cj_QD<)DvHAi`h}EnyY9o2+XneiN`KJRLrfKYayWMQ#^$KG=!I$E9k2X)b=6LhW zIkrt5$yi&7kmdL;-&mz}NT~$<{`B0ll24{`Ms$&k^_%yrzE)UeHV_eajHT`fZU z!w+4x?_+ed-kWVOa$OgLxF^as{m%Xw*0XW5!{gnD$~v?&p`2J!=UUmwG6$Oa8Ybkj z4TkJ=>urp|^M_z{*me8Gd2#k1!3+FVZZ{6#mB``m?)M1yetqgOuHFE<&&**k7#V3$x!i|<80{Ltjkj9 zJpQ>-?GILZ1YHm{fsP#@)?xAbhxdtn#mmA(0Q!FPuFes#V#hG#SnKKk(ULBr*@To=A6c=#rShNd1h!ifGA!0KmJB zQ#xF`A1G;v^yprFCQ-yG9FIrozSlyyN&}3CX}Gl73Wc^=SqV9rjX~^&9($Hs+SoYZ z_kfp|7mak^#y4}i(3IUpq+_gTMCFuIqHODjTVaQ_1VdiqAP>iaO%t2~Qu46e#%Ne&5qhOn2ClsGo(S*6=!|ColbsS=+KkNBIETP?gifD6nDD+X5uel1Z0VUggo+9>Qu2Hw_x5_Bg* zzqEfnOCO(szF=pt*5e0J2>fEYvk7v4^s%_d)$IC(ja5M`M(Qm)=aE;jHpC`AQ|#&1 zbc>*}6w4|dwNRfpIPAWkxW;L07#ww)K=TaUG<3Xp<&@`>%m1=MUtPb>n*co==+7aV z=*@%FEN{zLQ*U>*E2gFv0W@UI=KS@F=CA@CmA>((N@_@zxGoc*o8?ryY>e>1q ztUlV-NNPae)@bNzYBA=fAYzuVIUt*Cdc%f7$zBnNenU-qt^`dPF0eQzCsn59`7EE=_|IWUFoV1dvV&e(&urMyDbnZJ-QdTZI+RSOg?69k~?Uy1R`i%>m)dc`VmWEbAdW1J|i_fyFpZfHofET1@ z(r2f3NXIPgx9Zo6DdQ_2(u*8^0S6mq^$^Je?OaTlj??I+l|X#HFur|iAev>d2=T>4 z7Hg+o512M1oq)P~ZOldy^^!9hIt{~rZa`Jmd{#s9FfjRa!j8jbr*T_eV6cRb5 zfO>SEg*x@nzawe)7X_bMsy+_?eg(CsPvlQ#-BTST_4fT`!gH9qlo@ZmyyfVXjo8W7 zu*5EXDB793K@ufB>Wl;Gc}Q-w88|iR3l8suFV;oj`tL6ZK+FRJSFQ))Z*Jk;ZK2Pm zA{|SZ!w8d$)r(TNLCI9X!S|ldNB_QndbgLkyEIzndxPA%H*;I-PejDw-g~WvcP&)H z^XUjutaGq79tm{bix0uf?Qk2y^hAvK#&c9*QZU<^9=VVj;h%@Oj)|v&hujy;T|z7F z&9$qetovLB5-8)9Pn^@2fBB>ev4HJ{5rA{vEc5ZOxx}02fFUi3w9x#fLs$6B z&XgponL-#I{2#=R?`=49?^wwtGYO&~RN&}aij?WAf!GTY++v5;`(5F5 z4}vBVE{xfUSdimR>>`#`Y0q{E@gLNRX9fxRFZv0K9-_2_>b;xxLUB>*sx;wKI**vP zEAL==okF#Ad(1kku#Gpm@8Im3qZ6gO-Aa1&4l0s?B~|dBi@TeuYx+1w?RZZDDz~1y zGd}r|ltSTVX1r}V_g+L|R39&iMJtbKhpr0IQit(WZOxmNXga*GdoUccbrB@Hc|LaN z67Z+d^8s-#y8aXN4^N*`Fe@~AT8q+Re8tU;@3ql5^wxN#lwsiJ+H5#@?|F3flXv{u zb_hR%&U*2Mqx0w==xG^M)OYk1)^$7x+w|b+(rs|_vB%>$Y!C31y_^j+NZV&LyFKgg z|16~TsJ_d$Lu1gnz+_Od-|?Z$EcHQQlrUmh=zDpt*zrN{1#ZEGBHE%6Vb3y?*L8YL zbVXu@o10k4DwThs|9-2!I!KQ zxI9a#l4AEebLu5}VEQfJm7nRWU7Igucaq4wIFC?;q(ANKy5SgP^IT7xz>7E#!KS|{~?z79WpHcg$O+ijL5eM}fBX5`kG;v@f z7e?I$*o+8{3@*f;nELG3a7P3DEfJ9#GaV(RH-s~%rg!f@WeGVi*n5)P{3J151bFZo zPg!Vy1bx~|InL$hS3C7TvC=8RA`NiDK-gsP%bTZpCL}Hx5DpC$Q!BGqgRCt$k3PdV zEOz|s4Sr%2CubUZ4bW=z--(%wH;!-YW$yOg-gwYy-rzG<@*i{WHuxzIB}P zkJ+Eh6gUYv0{qm-D74cn(^}?S{7D>q5xBu=09Jq4b~~fI(=9)0=Z&P@^fUM;dH?vYqXBC%rGczDmJP{wXH}~}?*3jA40AsB zZ2-b_rBwqDOq?_lr;c*60U-zSP~DTer}MbJ0$bC z0l*FX(udQqS_k(85F=sLS<=?}M|CX#ZTe)UFUYpQ8>uhTpj$2W$mf~;j( zJXFW#A};Br6ug91x^f6dD=a4@1{y0t4?S#HNIoUO@P+3GH4;;m-N4snKK1eMnv)vJ zwsxztP2o)EU;B^lWage1uzlYr#%s-2naKe-Q~jwWf3{1p6f$6qhjum4uM~cF^WWDL zD~qb2naC79TahN*E}u5jrfEOiP_rD8Ft-#ZQ_Sh4s;w&BS!x(=Vm;nq4_L*#<>1uI z3tze8xYQY@e!i!>ayIhaI?{mx?zf^?AwC)u*bx1*kU5b<1uiIZ;v7@&Rvs5i0g-5M znw+py)T$TKbjLY{1(8)>avl+?j2KalXJnZNXObz0{7W12z@==~cGXeaP8T&>&|@;* zx3o@KN*>IIS>yq@K?K+Koif2=|3L9vg~-UYe4LG3X3Lc1S@H{wqt@iOCVk&-HBzI0 zc6urlxgQQ!7g3M85WwXfGg)q{*a0oxt}qGrZQvnxqVA_y+!4J~{{XxA-A}`AP$HnC z?Ryeyy?wNk3o^f8vH`JGQGB;0rK6_28V`(@p!j8ZCvw|jxp$xcFIex zuX4~1?CcihkERw*M^5%I^e8?DwnCSopI>&acIhwuE6mLK2f#wKE6H6FB-;}%=0eh4 zRb)^}#uD~7{VVi6BYlj+g`2d4M4WT-mGIdT87kq)C>@e+u3|W=UGGJEFeE|CfSPW* z_0wZxnvKUZY7#u^#Rt%dx6NGw(-H-yUBEJtqDP68;kI@Eme7jJgvDn zl2)@k&z4?-;LtTqC;C}d2{G6e6(y75xH^&h%ue7vWN$UkjR;ADe zz(mazb$ZL{CEEXi7USYR(OvBWCRF<1e^3{jv!#Uod}u|j6uUBm&IruDDi zTw2ffaX&oWGqxXRTw`ApkdR&ypP!Kx<4rpEQbwz{$!F)qLY~{}omGQ9dwRQhd65yO zV?RUsMgZ`U^W9p?du9uS-oSYBJa>Ov4oHj7!}~cj4>amD?TaY9so5r&y$71zUhP7b zd#x-Pi`nkRkpAHL{eHWQl|tSJXxJ-0|5`QY@mxTYtJ8b7OP}>%)d4zM`7ql?YGl-; zBF?{y19Fc-Cp0#A-#xvdKk28E*+o3AnA6VU`;xy>amjMr$3lT5f}k%flz`-0o6A?u z-xFTT%{!{F_pGzeii($aDdDWGEfkj7bC(k(n?Vg-v@{R!Y<1){i$&tO>xV8x-u;!1 zslIS2xCxT$u3~n5|6@@K>)J%!h%$pn*mk13n9ezhv}8Rs-{NP9RL?(_X6$7QRv zK#?ud6k&uu-(Sz3TOegC8A)*WMTP=^>k^j}&jr`W`0?7w2>hYtp8iz)M^1T(WXw2C;DAH#{+>CN|3Q3x(dvTZCW#u1@BT!cm@Qs0Q=a# zWe+ie8NwYmCDJTuz$tQ#lS$-A|8;c1b9ur>ftK8ukVFd7dOU|uF4dX}VN};HTfd4> zz5CTPsD)%%Q#Y_8xa@bX-M5P)RfK5{3jO+MZFW*Mo~7ZCsV2V}&_RA}Lsq11ZeOW8 zCc3__m49Dwm|7SPb9tCWsox|K;`=bTn{x~3S$^ajbH|K^QdE<#M%}&2L(2@ik*~~E zl6scG_bxW%*-AF9sRyEerwIksMg1rG$E>oJ;LEiG&zjI)jdw_!4u+Pm-k0#NR^Ky? zn-Jt(YR-C5afQD(#k1!ov|IDG^Nyi&J+)nElB70tta;NM6T|$fVOXN<;9OL5N3fLQ z520SaE4Gl%q31a6i5$LnIgg3;n0ub4h?an6z3e&tymAcWNQ59Pr%^1%HfpJK7C)N% z`pKYy%xoB`%72{?-JM6ZV4a>Nrb@rEJ#V2)Xhcp`I(+kimQ!kPj!5%t>X z%=d9S5$2g{p2c=>tQkm41>)nplcKB^&E3ryEet49{Fm#g(@5pFue#{N(#}*Qtq{th(WbT3*5UK`i-C9T0%ud%!TqtLMaiiJ_A3)m~th~rp`UtTyPvVX?4r(qhb2H^vAjQksn#Y z%P(G)tvG%fTh*EKn8@k7S6cG}mAjmnu(BE+mxc@-{}>+ll1J3GmhoVRy}^ID1n=af zTREpce>2V3T(Q`9fiaDoR=Oe!(mUQcUW!TMTI|u(9AJiz6^rg=EYTnLzJKu%+31d* z^j^3KrR+#eJhsO*w^_APlAwn-p@QQa_|2upGvRKn%?f=6xpy2*Yxp2zlM*9*8_+pZ zkky%y>0G=_;jPP~(W)h4YkqU*s(V2hk5(l0FIfaJ2oE|P_o?`1X!ziB0{2#KkoATR zW8Z%nNeLrKJPLGleZGwt9e(k8WngUnG0*cYFf79aoW7QQ3rW7Y-2h9Z_Ixj7?iWf; zPbu7|LqD_~zn`ABeCI_Xn%;e$;tcwuo&EQwaK%ex*+ngQY`NB&D|mvz(%=p9l@C@P zukd1us3PHbEcV>)rh1`TkFmhuUMY0qW4C?HAaZ`i*%uJMhEXMB-K*kPq@`E%%#05_ z8v=IVi%Rk}dm{$>_^HM`u_LLg`ZCGs2rlcR(qSeky^*!!Iu0*E$AQ@EF>$qbm_2)OoS%mvj?(RF~2@O2mcdUtR*M=F0=kmU zKyy#DAy38 zHRJndMy`4z&#{HGPQsxb2y+lQdB)Is$fymva3JUA6emGHPQv+yRM(v@vms*$&9yzu3VYm@qB5(Bq=_mf4{g)R<{kSXBjTvU^Mau6N)HR(qu#7iEhld#0(*~ z%ZLqe!Zmq~1CvvSkpZyXOG0bANyJ2`)(TcZ%5xt*iD&;q02&=2I^PuAKoCjJ%k%l6 z+)?v1X`THc$5f(~^TRYQ-}hHMwKLg_^assM*-Xd!?Ix?M`CTzbr6ZK3^*1c?XLJIW1^QM4ty!C{#t8Q1~b#{%@3*{^zIAM#1priQUZ>4KQ7wo z(tThMuDQZ4j4g$0^Bjun8pH*Byw29BGkfg$a4oo1wXm1oWckQBVP)r_RD6>tDN~xs z5fvP~aBX?_E4$ha^QU$ZQQhmE54ytI2jwQ6*y4{wi}qRHJG>i_&(*m07P%_p-fK`c zj+TP2CzrUWBMfb}4jFG?>dSS|ldI+DfoIAS8fd(O)?>3OotYMe_KrMfN`mpWt~}nk z3i?AZis}Rd0tTWm)L0;o|ApRYbgrm958q{Q8y2ouW=9$Dy{`IvLfc2J4EN;ey3mY7 ztlThipL3KrZGu1&UI>khl+`*l?&%#u_h|U|eP-tt>U)fUyy0&Sa=o`BH}w?5WX{M$qE+H86)}gp!kHB@%}mL_ zY8K=(^Tp@p@1GB^VJt*nN)aSF<#^)i&&xGC97jv`ll6*CD_xUp*t6DJS~A1HUj*0( z3kS-cvc<YX#UwXAIP??OsRo@ zHP?aG;1zgY<-X1G{92z6*GshGuYWuBOf)5yf=rbpRhV3Pw zSBKsI5I8+lJ1bl^QGOT+z&a=63v_-AO`22>mpMEZC(P(L%FcNRHBy?e+uiU=MgV}! z{B1A8n{~W4g$0U}OHrWwk@KXC@i zU+rqO7%kZ;rz; zvD~#}cMi1vCz|(v0@(f6f-FGs7XB}QU2Y@??zjL(XmX}3XZUli0U8is7^jX6z_1a$ z^xnO<+uGWQy?W1WZR_OOq?}fdiUj_%fyN(#gYW+ZapWxlAU~e6_a|Q6F7?@}cTbK7 zfKgTdjZ4&G@_F#mFCbR7o?Euj!$<9tv@$Sr1Y-4F^PQewOT~GnYj=PTKw_s~eEj#P zk#K#{RDF;1!D*3{SbxPOZ2Lt9+xE0rDRS!r=+_iaDO~tN5a}2hZz^SMVoW=n+Mk=e z=T#oY1vkvi<{F;XHxXY(^QQ7GtNs&26qtzj`VSDX@h#vtL|Ct8MWMUtwm;1(UAe3F zUf=Sk$DsM zx3Hbra!#l{4Dz1xw<4pyuvXq+lYhwGdvH7`oLSbK1>He6bzUFq1uh{+FS zpGe{>#nPZ*`)8|PfC=0sN*ve#vUc`Ni<^wb0L1b24>@<8_&aRlmcVaMQ^gm`Y$15e zhRtdwC}rvV!Xx>|;%C|Te49B~#jfF&+ztj=%nzz;@V>|ZFQatx!rA2+Yb5in*o6Ga zp4FFS401^ch1}VPyLXytuX#c++r@-a7ThG@(AONHGj^(hoLp0y zH9bBLf|?wuiT%k3Arb=c;+}CG^-zDf8%e#aR7+xMitLDR*DjdMR2%)>wSlO!D;b^QFW43zifL}8t@RfeBW2HrR5?6p2{O81j0273fEL2ab&WvabfIqBgtna z-X4xHc>~ke1>Ld^ebDvPaO~X)kfs;We22ToN)SG3;IAN9!uB}o z7IkXI>uMr-Rxc664$~v>!l?F-6@+rPx;MDJt+YP(^}wVqkF{Obdss#SdfoaE{F^j>Oki=psCN*yvH@mwz5Q$nyadB zR?4|vGG$L}-+QPUr1a$tqN5uKV_YW6GOgz~Q=lu~Qc&VCKVizXPZtGosN(?Cy^gWc zeCJQv_QF2uBA4VwI0ow7J>xK5Dy8)nC7WamY>=2LwxN;?OVK}@-d758#`Z|bnuUNr zH$;baUD?A{_o%u5h%q47CHE4 zB}rvb2u~!XL4zDuq~kIDrjB**Y|**Ap!qo*KhYeurn&&2+IQ2(`rH}6w(Ku)axAMP0G2)v8-_kh&BoQ zO0}xjj$y-uV^E1WHUl@O`fg!d>W!54TJ7GzpJMgJC8i^fL=5(J)|N4|C~$2z#ui~2 z^4vVuYCK*1zC}qzg*)Ev8Ln^(q3b(Hd&${Xyi`bi&?(obaVkC6K&US3Ax`()!d)k+ zOi2H8UqKvXUB>p4cVX|JjCpheW#&f9azj+5nCir8ImVuotM>QZ!d&6{4`rKPo=>-h zIvuu!7D!?Zf369UKnu&Jo(Doc^PeEBb|IX%DH66J0M~LT{$F1DX$o`=h{p!^at0#s zaT`baX`nf~HI14304O=4;b*|n2rfZA>Vfuld84zUI1F9`aRK(1HvZ22r+__9z$eeG zA)-$M^K9buhT+;t!E~VIANZ)(PkfY5I6}7}@50!a`F7gZaJD-671iJR_d5;-c+tQ) zdZl7$U1=goS%}Ew=Qzkbe$W-cy8hOi?B^+0HRrnRI1^rYtp0S5QRphA{z3Nmm}Mbl zy)6`NJ2S>gKF~lM>74pVO~*An6T^zIbf64}=E(Rl^~=3CmgDDpSC^oNB@t1RoKAY4rIj-%C=Zvx-sC8LI? znJZYgp#q`BHGaLMsUa&j@*uy2a}-af0B}0|by7Uhn$f4UXimKT&9L64fja@#G~jt; z1OM(=F4}F94U?)&54^+){TPk83xu)K%@NLlZn$}gz|meAr(dyYuJ6v`phg?!GPF(4 z``%X(PdmUgeuBAEi}i$VfA_D$vJs*EdE}nYj3cPo_30qV*w?$Hgc8W{)W3XzNzP?N zb4#uUu}j_#($-w=JzfYWArhyuY*i&!0@*;|t0ISrp!CE7`+!}4+f=dRIVs4%zJmIG z4M(yR;++ZY;RIL2z^f_w!s}1SAFz3``3ud}=gW?5ham)>N2nh1yU7g`_Vc0a3$NZ1C3vS z1acVR+r+sq0{TLZBv0zhA_H=_x#0s`>7UG}4CS;(1TVaS;7PBc%AubL)Z3Ix}FP&rR~7;59^6-x9Ch>^Uv$#`fr$KLQAv#|GU z!F0Q6$JO5zKkJkIJcg6F&Mfx<1h$_=H5o0TpB+rm$xRpeP8y8Zw@KPIZOT9l%u9&o z$Mm2;QG<(9#HIIei+8?h$VvL6$M2k_T9qN??t+u-s<|$wpw0f;lZZ~mE(OEA6qW|; z<}H01sXqkmv$Vy`Cdiy}wafb6=U6JCI0UbU^VGYc`X`9MlRQ(wY%kA;yn>`>F6pP+|FYJfzX8yc}JbjOd}K zKt}0v={;8~W}C88cy_>bm8?kD!L`LV_iHg_sD1lFQg)6O2_}i9l~4J|HXfj>(d7U7 ztH!6Uq*hM_`-CSWCHDEtGXYbs!^awCt}D09{HGtw)p1wsyj2}$nr%jEzG%TT?zaUu z?myA3w2-o&Xg=#RliL$`h`vATnE2d8JGAqA#fHdk9LuaR%IU(1UtF18~MP6Zhj&+ZXYStXi zy!`V0bv*P>eb(Pdj&%e$;pWaI^@9;n$wv!gnByAdgqH_fa8ws8`Pvr9Kb7k& z*9ez7(`xg=3>Wp36S2_2th{lLfJ{4{`WRC4P=wq=Q-}N>efpZlqu24IZ558-xZhOB zkMXHRY5^Ya8uz|m^vPWkLZgd0*ta6#i;6W7TOBfcKSZ{gQqucB1Dqd5kju0Xd7*<> z$}JwHb}_xvlVWC+u=pmArfT|V$!DHGzdeH!c`*>%zTE_?8q!Pfs5Ryl@iisEo7CV^ zL8;b7-VWg~u!=s?(BOR@!Dl%vPZKgZi>a8f5jZX}D?Ktk=lfmo?&6es>R!C$+QeMI zsgIb~ie0>@D!R|AzdJZ-`C^(Lj--j8*e2xqV9yl>1;mBdARNZfY~dBRhWW$nh7z^R zVCy>brUBZ7V*HU4MY~81UpRcKmwy8T=rL7d>BojHO>oD^TmcODV%| zAuN_W-N#o%E;T=${zl3}Ju+a;e zg=ugNS1LNn{%SoI2&BbIzd(~_*Y7XQ6Dt)&Rwr`L9`9xVmF^Z z`Fy$cza#$?Jpxr9_X8fjKSu%Ge<^SH7i!Y~Kb^V$8x#1)#hMXuV1EBkbmQdP<)r*u zL_=Y_zA^V3?DSixc1T3^#dg*}YoTBK?E$tx?mv5|;)CxfJepvGzWaCPpnY$wg%E3w zhD3^2DL`%lLL|i#B2>xveYSYz_VyJX`-2LzYE2pUX?2a2;h~-DY5h;Q{^TMn;r}ix zdepA?)EkBzt_D)dQw1i!NLd|NY{T7-bZ_Bp~0GlmH7vx9zFMtz1(|ZaC%~X%JHZ69ng`>sRH5O&b>l+r-WFf z9j7^akVTMc@A3$X*C29>YHJUFl1`Fm2l4@@36vdGYQ@VZV!>U_tRi6X*g_^F=O&0_ z`O@#2$8hRcbvEWwtj~LffQz4s8Peg-JyX<957a7)SU6Bn_RP6{>?7$~Af1+s;vVQt zfcvX@zdI^83w|91r)1k`c&l<-j0fcW77r;%aP&Eovek40>MK>a;B~piqer)LeY4ve zP{m;k@fzF3&T9k1X*+GQ^W3sc#?EzV(BiI0s#x1p7I<0#I3WTv(tKdr!(V;&JAZ!> z%n{H3qXqJ#9NgZe57@j$ox4CUip2ySDqLvXnK~3dik4rQ>3pEZsE^sJ6s8!-Tl@FW zDH{KlCFtqurWGD2Fsj)BCspel!N-BjRK4a23>$~F)R zK&E~Oh>2*PqohfL=ym$h;gTN&2fsp7aaMQ2ZLQxs zF&G$J(rIG!(8!>(tIIJVHY&=p?&Y$#zgm>=a$o-r_;YN4DNudsB@n2?@~VEE6krCC zkM#gE+c$iVrH#BXyA8=$rv~)uRiq%JL&QXJw`2^{a=orq1z^B^M>F|0Q1l#Q354vg z7W--74mj|lTNH>-wAe>hOX~qLb;Jb#LOS zd3!iV)~<8t452#cJ&&!eYVBUNjMuc7OxJrXP$H~7ZQWsiea>{~VJ8s*)B?d3&NX4< zRe3UZA>mxc^BOmP9%}`uNI`8Ug?K1twEqCx@C|4CI}HW()|U(@5?{(Z3)}F8Ke{OS z*)&tsI;2o?`navwKeeVCY|9BhY*9*^)ns!9-Jn%8xH|8oT!t%eQpo04cdo&)*i^Ty z(Ur(gN_w{{DILkM7*>-*ow#`FC#HEPWfR6h=#@E-qa6splwr#4s@OC}=$5k8~ ziQ7p_0^Q8g@EHQ_Z5+7#FBkWtXSgxZuEJ+2NTJDnoe#_9Zb?v{a(SY6QA;(4H4$n} z#+$CRyczRnS_@20ZD&nKb|zYJl+Jj$2L$1`Bs8|RIh>Ch_5{Y}y;dYhUoMHYkDCRA zjRgB1ob3vur2TOAU2W9&G2`m-t+=D?+(0aUyl4L8+A{n2)MH}%6l`t0aQBe8w_Iiz z150*%;vqtnbf~su2sW*jp0qihJqAcsL)APDo8sCr65LaCw3N?EOhtyrj-+8(p0)8kif*cK^Y zG|*3P?}8L!h2j~3{ID1xY3%F$pO*O#bxO{~C;iIwoNiS$N`21N%#bGtKwDb$dx7IO1b(h>P zrEZj4K8l^TxZh(Tk8es$wyJupo4zw_x>;3ehUpD_r;#Go*z5z-8=ibma;d+S6FM@o z&UKx*-4D*pJd#P%T)=D7Oh-P2{ks$fkdpzXmhYP66R%)|E49HVORgV>gEUq|4G})fg$`&CQ0W=Xs@mb}xx_(Sa1R z<0S=n|2jE0Qp+qjhvH#190E5!m2NcFAu}7Pbcp4yYOzDHhjeLA$Ipt5*pxgtk}JDA zD1_IUf4?MW8U5gV0B^2T9bDp&BT&ZOtCv;IB=&P08JrZRU!uKOMxfEs^ltLa%D|<< zV@g~DxM(+y%dQ;ECbu4XcJlD8zsKGg+_P2fzXsh%4m}4+uxn-5rUPz@Ayr3^^{q;< zn6*cvvX!PkxHQ!#gh)uuoClD3S_|ODUEaR zT?w-r;niDcv6K65n$P3MGB~!wh9S37I@thXj6W z{F_^QD$|$AjdS_UUK3-FXF8Xb!IkLzO5=Twz!x;C=6zz^@EZTqa9`ct17c5@v*zKy zR36UJHYMf05l~)a?g)&_#7lwPZ^cL()1Zi9D} ziiKT~!f3dwhTi7jfnqyV%{-T~)613D!smOHKgneB-Dgw1y3WG@E|xGA>W_V1(V7}* zk=2C@Ia8{d2XahZPU5*cin@jlP8WJ~RU%E`6Q}Ji4Xo_Oj#q8&;F+$_*gF^X93{E6 z(`JnsCi9!ot9QwZR5k4!Hr3h4yvqR1gA;SR(iygYMi-1T3vjWx0gl%Qt!dfANZ1@D z6Gf(k{$fj#gqd8NAY9}O39FE?eWSLg&(BjJiesz`ckR`^3<}u!8rI&T;&H^!zSi6* zLw2^ASPS{Xo!%Gxu^S~|n-+?&1>vL~vJMOE(91AAiW8TFUv+IX$a?VgDM&leJ_|t+ z^An*EG{$C>gABs%xL{Vj3%rWkYSS6aeZd>?V4WFG60v{Ut=@{M_ULdas9o@G_+Mo7 z`|;u3g-Lc#>v1V=8VJ?H-P0&f+BVvbppjDdaOJ{PuePzqA594r;$LMalGjLH^tJly zp21OzUP{PM4y0!LqmOYCGV}B%yje|6d3$03*(k9KRd~8h$76y=v6-}4Z@m@G?j&E| ztN=W_ow*_JEKFT;Bks->Q5A&qcVdg+3ic&_D?WT<{bTWDbp1v|E!*~b$mC$Or zJ|kn=Iq)sqV84x8hFBk}7!P=_XTSQIRex@PiZn93?NlfAIPO54ehHjTA2~+sraJBH zHz~OfHfne|M0MF42I^_AReAGpr~H<44SLkBOJC%zUhk!hcXxAF9QYoPtq`vJSc0u5 zHdZnKWn`PSl7&1_iZB4!d1%C;y&2&SHMc`_b8LZGfvhJwK_h69>4CiMu{x7_lWG&C z+4<mW=BM`U{^4^oa8OuiRUk+ z16n?~6kfm+kl)9Pl|qdeVGb@eBYwlcy+@|*+Fj_d#ne=uwV^0m7;oH7ylwOL?~%7A zv~n&zG!bN24Qs4ChUz#otmiBhQM$4?;M4c`+lGR)lC#fVB}b3hP@)C>pAx;1LNWf?{c z#o18eKpti^Pp`+MTAsXp>HNf6nx}HIR^gVpP=8T@Yt%}q@syhDqvHsb9j~klQ;S72 zvjGU=tPiq*VB8cT9RsfTzQdLn&N zrn3C*J) zk(D$_{5#r?>urA|d=al0;!Z+*vE*qsN3>|4jw*z)Tzc-FW@V|?B_l(<(?R=3D$UM? z+)wID=z{4Xf!sM^=WjYDpGSgcHt^wu!m;^$r%DL~f^+?{l8Q2=Lh* zz4)*$D@`eL$r+J^Wa${qM_$w>)S$`!*TgTduZ_CS?;5<|Y@T$V=Pc3M9HYiLX<3y% zcJF4kDbZ{kN~FlmrlmAsm{Ujeb1g1lkv{2*^xWsyGzUwZKT>%O5Zd0f8kPD#appQh zenl$udLkQT<#a};>9VD4;7VbIeQ&TkEG_i-8^b3qjmJ92zPyGAansk*J4eunL=Ve zn-DNmW5V~)eU7NrjfZ!VZOn=rji$={Paki{Z6EfNhs3KjN@E%`-@!dl!bkKt3y%L> zQLcz5j2^Ye%6Hi1tuV{y(Usy6NaltWIzE5L;^fFWWdlC}MV2YFDLKNv1Xb!?*pfac zwLCvkCjj5rh7jo<%g-=q1%^Z;zNEBY9O_oHtEZ_EAW7B+K8!n^e#2BlrWZ+Ey|+3B z<9#>m=%U#D9Eq?EmlR1E&EfOz=brscFr3$fsa1LfW}XjA<$A=X_u_$ilW`vH9VW_C z{f;j9gcPZk^yMPsjrxJKjLPV(NjQ((Id_3kkZX^A%Fxx1}ako1yg z{qskOfU|QvSD~PYT0zn?1cw=_W!3#NB%xp31!ld-<14Gq_Ym~`mfP7TgsMYQf>Vb` zAls#ZhDf$(ZduLroL8jf+hmvn=~TQgy@4c#_NvBtaSDDuU?l0|sNWh`AJSLKYWk6O zkLTO=n_5Sc#>R4Ef&qH!MqqTN)2Dd#50}aGfA6GUOwX`t(c`LKQEw*xe>(`YGWz)V6dA-fnuj?4Tj&NX)tA8Ivlk(Sp;*0iC)&~k8Oe9k>9>io19ld_z=ZHk8F&jmXz94!^X}$_Ar0NrEjp`FANu{Ke5Vq4whYRIz>Mn@ zvJ-cESBl8pl6dg$&&PJW^8dz0h-|Ky9Q}VqLl8Oo7aBrZI{32&)2F9=9Hc^ohXHiH zF#3FsgYEQ;+yV9GWh5j-4fOSGeZQ>M86Hz>VTNaD_4BuNH-)ucyM^&A&2_4t*=s?H zY33Nu<*9(@ud5;HT!Y$&rAy$Vj>SnI#7vn+>6J9VxTg}G%|5A`4k*khGv836ub(F`xE85;tyJL>I_*%`q#uK-FaUy|3j43(!X{u#1jmp+02U(~$M#394R7WDJY)`Xt zij~Tc@)mvjf^{)vdgDlud$mb=C+261pdpnHq2-0+G?xK zBS`*ipft7!gVEtdSg^m-F8hmw0Y}cZC(g+i-o~1SR~56g8TIB&Z&Qp{zO5lUBMe@< zJ{G?o^~$U1Mzmad0gb~8X^-1L-Q$#s#z{Y~vS71CE##J%U2^}oHAg^#*TsBT@IR1D0n%Pw3gt9N>71EOjalD*xAnD{{tu1V zI|)D|Mya{?;oFKyn1^=A-CW_9jO@QKf6f0MDP#PiV9!P2dgjkV+lsY(f!_^Y^ORA! z3=LVT{HW%Gj3?9H=0==vk5mM9%Xh{rbHO7?WYDLI1m)A)w1L)sRPhBGKqbTPq>|BG zk^a9CkVTRD{L}&jx6U4zV-`bO}%~csRI91+IVu6Dqf*# zq~`LN@Tu|>=omI*_{&`9gz8R}mDC)qMP2aLH`{4r0I+@eIqZU(H}9TsfdPxBpF<1& zySM?|*8gbzm+UKG5#&yD?%v)wG2-sWsY!Vi(xjU&1iRyBE4Sy2yVq)xV063-rTPB8 z^jt>K$nHePK7qHI>y*~YZ!lQmJ9SV~w9*d|EW@#TLe<=@;Mn^F_q6RF>CTj#$Pu|L z@DzH)?6}HFL*RXBMC6D@1f5*(BEoJjW@}c=LH^Xo;eV8ZdZ>IzlfBrg15;E@t0_>t z`EstBauu*25Ki;9(Z$i6Dk%MZPOOIlu4Yw-a?cE!$DxC&kq|M29vp4&k4A)Y*dm|? zlCnDc{rVsgk2gYWE9$f0u@Wtrfnp4Y?Vc!h>~JRU$KtMaUCw73{ERsYRw>jE{*2%L zk~C!gp15c@|}N#-N@cwA`;;^Z5%F)Xy*DS~v z_@A{McNN3tKbmX3k-Xe4Z-MwrdLW7D;fiobDRVQ85>Efih};Gn+93okuX;kU?Oo<> zxG8aPXFjdNjX5uD_iWr%3Cp=%>*6!mnKke`YpZPBsyL+p*RUbx2DO<9QqI-TJayOn z7w`B~L|Osj`vOuiqRQDK=OLi>r{FcPN3T@2i4R+2P={@PcGHBwYb3wJPboF2JGH<$ znN1fx*81BYH|Vv;-);~vK}x>J6>B2`GE` z;pu@tepjrLlb21VCUePZj?OxNJ8uGSkZ_!>s(8c)gF_iZux$VO501X}H8mmQn}5h; zBf{igOgW{$-{n^Cb?8_1Ii7_$*zVuCJ{FgmQsv+Ngkn_6PC!{jo|a-yEvyP#0?H4m z9PZe}mY zFjt+NlLQomfW%Q%PsxbAhRF?@{njzQc@F3pnKO;F#%Qh=YOJtQ#}<@`9Ph_&UOCjJ zL0q_TyrbNcycw(7SaqnP_K$lCREa}DoXu4k+5T>f*>sslM2|$#|`3 z%?}5ceF1ch%CRm5>o@ktQdMCykqBXPSut5NO5#9J0Mq8Wmu~L3`jk~gSe0H-PgyWF zbGF;QovKaWkzU_`-e4&rN&aYEWl6b)3Np#lQ7<%QkvB#xa8#-C?{62Doe%;i{}Mj_ z-728x3N)L+@GkF;Itog5ZRS6&j7Fe?%kq02J|=ey%9Q=sjftHkE^kdVk{TK zTY#R={(w4i=$domCu}BTx5@n^$v0>(Y;_vINKC78h%#%cbe!SG+f4Kg6WPy)&?G{} zZHzj5JoAChXUf6g3jem1>l!| zxJbMGKvtK*)pFj)*2_!P)-PS$vczW%`6>1G|6=VcgW~GCHA4s%++6}ef&_O>u;A|Q z*0{R{cXtR7+@*1sCb+x1yX!RX`+oO+GgUM9)~(q;po(tJ*?aACmOSfOYbz{Nf~*iP zXK`sp*zSga4ae4f@Lc|bj@|s|`F*8i<2JXdw6Z&R;PUp5hj3O3-aV-LT~a z8|Mx}WhEO=34|q^y(ZS%77IJ4dy&6ZRVL%oA*Nwz6x!Kk)Be?yEjIo)Be$ekS2Xma zQoPh+gm9drQNuu$3U3n?#-lt@1>F$1b;kPsLj7U!7vVSPJxO7hjYJ`J_Jh;Q!*cOX z;+H>-s@ipzx=PnV-3qezH^M5I#Oc;BDu1{$Q%pd#b;1_l+D1=Wosf8^9C3B8?|%j! zg8yzU{4Ou=kFZwPFV(mj=5D25xqO)7EN+&1NC+z4ksgx!63(2>PR*Z8i(@lq>9zJM z7R$_ubi2fyUBJnpU^u!>L>c*wn66F~QqP1N0(iWIjQ@||f z(5ex(t^~xUvx6b{W@4|~gOnJOYBdX^g%R*7V{IO9s1>KgQr7GF5=;dr$Z1D z3+>DEr4zvoOTU{bxbvYo&KgkErt@d~`xL+$BDClNOmWIa?4gZNV;1}MDdrrmMA{_k zx;PFd5z|!zSY&0TJ%?Vz#K&RS-D}*+N?TuDAE3fyEfA;8-nd@OKfEPt+z?l#sf&q$&m;Z)(!oKB?|m!wqfnihYYwxeYR-yT zhlFz^^52Jr7vj+`L*$(6qmuBQL^KKiQ^NH>>Jao+aP;rwn}dbOV{gUgo7H;H>rpUk zY609m=p9K;Zwj5I%JJP(^euvdrsmO$q_C3{@Ug~rv+rcIN&Y|BQc#McfBVRhKxCgN zuw#X)N<A$Scnv0+=E-~0h zuDO6Dod0&r-sK_wf2BReH2r5{UGWHs>faOV;2IIz-$FIUNpn_H>_#Of#k%ds5C>f< zH=EaNKB|B5ZnyLS z(_;`LedqIIphk$Gk}q+YhX59L9ziLavbK-I_cs;zw@Z{C0Yh%Z%;n1QrirZ-t)p^0 z$a1%$Et|=aIqfi!Cyg8f<}P$877fMrSk8F2UZd01Pnx?pB04%Nt*2V>G46w!aZ26= zAKGPxDQ~!&oIadJaV&0WPx`Ji&bl~8IX`X6Kl-i8k=JalJ{mu(?9ffe6EQxbzdUar zwJ%ym3AUV0eAGWF`8?uW7f?Tb-!o5fi}w*Bsx`mZd5P?itz=G<-|?yWn8T*Qr41T6 zr6P9p2)vU%pHWmvh0CUZ3V}=-tO_E#?kqP`D%S%=&U-5(xaKRx3DT$W$C7eMTxJ`o z8F+D)L=#Qs;%Oe1t5ph%vy$NQ@h#s0o+(Xm`4s-H$Ig}c2BL~eDDH zI&tpM?lH3QV0j3M56|wHw~kCF#npBHndCH(Pzw|9fEa&w(v^K(@H@F16TL$B(e1AS zNhk$&Dif(T=v4dm9f~@j!O*!@gGKCPhFKdj_|U{QiMVM->sDuN{kB|-Ah%C| zwT#!Q&^G@JPmL`P(VmYwo7{CmjYUD)bvByjQsCFKm#p3WO=I!tsYo>A!Cez?jq z)+IASZV)tpHsscd^ycag%bF>5x1L6(ADpCdROelS&!^C~CT>p;s?uwesO$8!IVT!O z>VeBjf#0Wp6xqjv}F;EB{-^pA75pBHup-%DCQVj30Kc@L!;eK|BG;J<_kiUb#j_cAmB zuHTz@U!Y~3{*`9V^98bJmX7!>IL{3E9gxt|_xjgHSwR(n1b zbG8qp<@I>e1O6^3@?Tgge%KZG1Mil-dm|{hBL-OKZ+XPbOvq7NSNz0ndu{G;7U-w#ySH0l@of6({ z>DPMeskj;|rS|iv{hwdtJ5Pr@n)HdPElqqL*Q&kizc-fEacgGKc{x^8&$9nm{(Aj> z=<{yKwh}x+ksMrc9z|)JaS8duv)A?aioD>mjXiqG{ExZp5jwwzb?WC=lBqr9rVqcX zuuF7{hv3_3RN=({5==--n=MaE%#T znSuEJXHa@czte}P-}V6hN`I|{2>TDCDt82P)V030Uy?qCu4`+oThOVNF+Onpa40X~ z*%{$v`rU8UAE}kp&Fj6hq`Xvd2O7H%*o|uUl)DwT(SmdJbxhJ##icn|fm@n1e$22} z*r=G~mAPpPQ)}lm)~=JYPM=@t2SO*N=xVJvDxuBq7Cu&oT702ecibN3SHNG^3rT3f zs{S1{?DlL4C>n|c7olBSO`_{X%0>O5rUs`Kj$d3rU6IJ4OI2t@9o<1%z+*uIFyNZ$S| zz-LiQ2WMKLQ?mtTV--`;w|6zN9}=b0)8Xq!N$6&N+|bq-U$U_+)OpY3vP|B#+dV73 zblCkgZX3~0CtsFWAkdrQ8NpGFnf=pRywb6JlaRd|7!QZJ_%pRrL_7mf{?l%_)Y|%=caH zj&O~Mz5toS>E4W)M$wC7p!#6ooUK)z@o97S&~3GSVF8b2QZnz1M$~=sDYAD%E|s+} zFXf1>&5qXuG-rag#J8PHxRWq<>oog}64?effJy=P%k`06VwH_b%LHhLC#AS9Zkdg? z`%_%ecR(9DS8DNSf?^8mBAZg`mi3~(uxC*6DbKAN9$IL8u#AIcPb(6d)+EK5-O0XV znI$u^F=x#2?MX;+u>kj=HpX*C6(FOY-rnuYiyIC1*O3M>*H5?Hqnh43USZBzDW_Vm z+*D6u7!=CAn$9DPS^5i=2u~vec*magP3_3k%~{mXBcUE9NI>tFvt;wBn9bOfq|;@U z^ONI%*`WK}+?wHaV^zOZ!Vy=-VGPOO7eeKjM(y-f%XJEY#Nx45_KeGoC#=wB?OPYl z_OvBqh@6V3((#wJx$6qCx{scOcmM4&RHgGSapGTZxHOh8dF+_vEWMW`p*FaQ7romo zq5Q*wIxF$*YmGC#job|Q{6qf7TY3#Kb8W1t&vGL#D$Jj?j{VBNxRfZ;(n!Pzi$zkH zH>41;l3cr(wdy-jB?#Bj4!>KR#%RflHzSQ*x8nBGqb52{OI$y{dwtH_y&d9V9zy6A zCOp49x!$sGA7!}AIK91<6p4bt%UOq%(H#)-2CNi$`|~&LMB!X3>Ex9Wy!W;oD*NT# zD6135Z5;Me4vQeGquG-rc9>KWZG%t)v^RasNhfKWoAVTNXp|IgQg3JYgCHOVO;mS- zDK%Le%XMCXl{Ym&*6V{%YX%{%wm_S2x%{(+$%Q%*9zf9+X?7^9#zc7SlQ)!Do1nD7 zG^GB)Y5JwkcxsL@!9#qZ3fEU26CqAb(5@2A$eYQAJc-c{jVV{u>(BH+a4)tXFAi>b z1aZC}j8zh2oK9Yy1r66GSIU5R-4V5`Rhgy6!SILv%boNxUbfu0Z(A2vL&O@F?=~`V zi*!_OCwr#QsuV;zWE_}C%xTzJ>2?oZVs%a;41j|ta^H-~nA?QHEM?-pao8fo`M0Vq4KW=0gh>f7e2ys)NbNBcf) z#FYDQ&5$(A0bc|oQgz)dl^t}ru)|f1bQPNEmsnWWj8dVId*C|}r=rDjkzCgIkxbP^ z5%CXLI&x)@dvYVDY{(nomGN+DKa-M@$}s4vg>4jZ*hk}IMy@lhC2IsIG5x?b9|^ESsO5YmE#PGl8H~lKrO)2+ zNy1mpk2ZTwxZfyMt>IGIrIpQwF#}L*_N7-DFH^d%7z)rra+-;tDA!ruD@oPqe1XI) zt|xGwbO64KIMDn+mmcd2dst0mcxwv5BD%Adf3)>Xdb{|^^ccea(W_GsO_o;T)QJ1n z%!D?(p@8|%nCJZJD00W}1!QQ#h+)ghOCkC-#Gz@V zkY5?KgRGQ1=y4;lPl3-k2C^x0nd8jZ%ZZ~FUFXF^VDYM+#eeB9bCg~clFR3Fo3P*G4tZhFbPTT}Eo5xC&-yHVA6X-vrDZ>%9nxuHq z#&(J?LLOWVd3zF>R9JTIKg+!YK@8s`(8@4-<)LTPJ+0i_4z;v@^`D3pz5VT<_M*0S zvmsVF(UDD#ii)Zf05PbZV^FZFQgk`=rIheR6yUbi9?f~-ynyq1;wi`F4c58d5ZG<2 zzVnw7??hNL43mU3uR;K`E($eExGhAn2wZy#5>p`K-hfUg#7gFDt z)!K|dG-!U^gv({oqNiu6roIM9Xv{aosF}tS`YBLwRhonfYq?ML)hY z^q(ur&x4eNhn*0-!6u9R{%xxXo&yy_XLWpIf^8zS^Zn5&ZcawGJK4X=gcJsss-S(v98z%s>`Ah@X2 znk{5Z^JOLK999?JVA_?1JkDwZT)~I|$Iw=Ho=^JNUYS z#6b!)z;Jx>BGBQeLXpjmZtZgM(_IZrr?@{>Z94mh_DdTt@N3&t!=NihbSAiJqOm@Z z(Ci~oU~@HvnJuO>q{Z}Mt_F+v2tr$v3FbNVor*M}@ILukIs9+a8^EfDI+_)Yn7iue z4MUPLMVNI5wP5b;3^W(wg{O2z7GxI0y93QSgmkJ9oqP?sM4$Lz4Ly zvX5+chCaV=n78~Hj{Lkf?wpG)Q^Z-Wo#-PRjUYv^GU_l?9cHT4E(LkExOfnx``yJX z(k4`uf%LdWZqF&@!tMC;6dBqdt>cj?F=5=|e{bJtGuiWC9jAs`@Jd-LDClTgV|C*$ zb~_<3%~^gB(0ErJpk_=OdPu(d2r$|qitZGiH!j%6OFpI3$j>c%TG;-}Gc4zG#cG5z7Jp~{P{@{y01vrbkm3QxNVPavGPbIWHz$% z*gdi6^UBpj%qcs=$lwsEMt)w+EHLd+@WnHZA85L1@o=ry>8Y0KA=S^OXQZp6`50rT zhFpSi^7)oUWK$fP*z*amTl5+otWr{*51O(cXpYV2>5HSxTWPqX$J~*`1s`+PZ{5$D zaV@SXf2I-MgIPW=&OA3AP=JwZ&=y_Do^4X9vTqz^Bw2RCu8f7FwAU{bor8kutt5Gw zhLv&zG?9WovBznxGD7TGPca=QdP?d(Vtmm%B2e#(77T4HEG=lO9w9_D>w7y&FeAw- z;@jWBqgtyV(J_ZP^P-Km3p!{}bE*dz57WfVANyui?5*luT++Oj==}(O*(la&Z@W1y zvs>?inucKk%*kGZ*D*~rRQY*y>H0$~-)eaLJo=gb55c8f8d2?UFR8++4HP<8aBcb? z{U|M5kL_pkyO}UF7KxeXwvz*uTS=Y?RX-d|>^(^7m$3}V8wy|3MIMvfm%3pK|y^x6JhE9FqqS*rImk(uNcg92~rN1B$gN zZlNitq-4e%>?|S=sA)B69gFP)AC27t= zB!tApM+8+gun1zvplLGtTdX*hZzu87dIZ}<9Z^jkdr+f!2LCY{Mq{_xi)fK*oNUk~PeqbgUY4EOi<3+)N0 zXlOal8tq=5$EzCKT|eQAkxl0+e;tsKk{0uVZ&yJAnFvv)Uh?U$n`UpBqCzH0gEf|r zP#qy;;uhvVGZIBm<=T~kkZ_Fv--o&+2M6W<_z;930lwn#-56mpu;p2&gzsO=$T@Ca+G!}QG4IE0JTccUz~2KX6L9q!W#{CQ{57|nv>@<2o9Ki-6L-AujF*Lf z$eFl$X)zSKE5haZJi{Y=Nvp3owAiaEW__DS~Bx3cuGc;iGiXy>9AVmt#mogbX-** z7Q&LxR7ShfUb)T@Z%&^nU#`ROz6m*SQ_~2}vreCe426zR9Qni1=MFEuFQbVW?~Qjiq9H~?<0 zu4B+L)D?GmE%DvT3e7Fd78u@U6CnJX3>3fa%y!6&achpKItANl<>|CNNxdltuA#-4 z5+5P#ORMJD<^maE&Lukczr?2m^<7{lX|s#eYxk;Jv1ieOoZ65s&%+0)CHyBeWC4m?Vu>uGvazv1DAMN#0^k`8h;TY#oaZ7PIbE%4;(w!4${L1;> z&DWI+X!iFO2yRFXL-yYrR!+RA=aCM4w;iPAb-e-b`U2zcla zTjVub|hjIu4kn{1EoODlnmiy`W$|DBF!i2&n->H69`#U_iZF)u z)Yg#q;s7URBJ&X(kQAO%$3A>6G%!bHY|?NJ1>>kwy4Wfo;KbtpTS+RpT9MXwI_uK<64&g1)kOV;IiG3=Iln;_HLJ(x^Syi}3kMor>{2m?&%fmke z*{o*%-bolEaD*=~Gmfuw*IVM-mW&1CYlV4^11It;ryWY7Hoo8Ot*8Gex}Y9vmZSFQ z3-;L<6~PmLhzPremycT%ut_Jx0{L;qYHMxw$ z-vtY<>Cm752&nu-Hb%XSLg)#vgQA*K3*Q$c=uTkLy&-zfUS!!n#J8`A8Y-yK&4*o+ z@6hXD;9ksZ^0NtTNsAvz44TFryS+4Vw9f$(z@y!waoRX<6F-|U}ySyCd z>rAD54)3u?J)(w7Ui|!;qBg76njUB!4{}@|ZF>5I)_iGT^f=G0_r`vIr9GV0i$c)W zZVp9ve+f)yemL6NPOTFu97Hqv=3W^}YjCrs$HGLzK=*Mxk-@>{xIU%OTuG;LI-N;nMLnPRd%=l(ojsWr zay54EY5!=uf$Mg=7R7#EC(N%-OrXMQs2J>1HjRH|H@HVy!&WM$Yc4SHhEJCk+)0wg zOXo4`tS|62sL84wA->y^>_=In&!_MICgq*`z~k_c3|s+u-&(urD%fLtY3W>l1VtK# zzIq445l%a4@CJ-u_>a+B;q~!6Ln+fGNB)YT&zVJU2N~M;<>Oy>>vX4n`8EeWgV^gf znO5c%=;6wR8pCdjRoep9DIW6n1pDdy=z!1g>e>y{1_gwO&7D2_yBM2e5VcB3*O54u zx~+{&A?U7olT=%3@o>>Xj6MNTXh45p&cl0icm?crEFHIw4F&9sNQ|#02Y(tB)T^1& zd`kR1#xRhj z@XTSrroMzIFIb+WC%C$o?pvdLe!1T$yocL9`hstf z)ZY=F1@JuKKLR`&gCD^wd||YhZ3$mBE9>f4Dt`eU_LLv6B(glvB(m<_!BFyA4FE7! z(G#DDM!)U_Ie#?HKHZiKcL5MoZdsHP$P&8_2CmIdLE}8muppe?;jdkJ85%;OR`HH0 z^67%ODmcUM=ysg377v&Zi9!6ZPotZAcdt{Qhw1P1wW$KXT7;}i7?b9co%KFiuOAaG z+S1y<-L&z_mbx>GAO!bT73}C)N%DV~ZigL=M7AxQ&SKDf>GD*UJSBja0DM$NdP01; z_I|;acpO-7*Bz!gJ|9dn!y!yV7*u$8h{g>2s;{!^k>ZD)`p3XafZ#Ig?0lS~_UVY% z@F|~O+jR0B_U+fsv1Ej+I}&WMsFYDO)R?3u;gkeuV{m{s&DH6W&?yeqa7}Pt_jc%s zSZuxU%UttNG`}O4b9x$-`kyAMP#$LYI4BS;^u7FtL-h90o=}=X)~)fMp-%)mkvHz= z={GxDna_`+_wRBvUxq5q?`SL-DS;47eY_#sWC}J-APX0AS*gU->t1e)q_uP6m0k%g z;_pFg*yj)BI=R15u`L%M(a|3_^u=l2BGkfOt!RT_HU2{C1Ml?`L3Brn#iqmiY?n=%{c&>t)KHD8| zPYzOu{}O;4CxWVc+4ZFJVGM^=fc635BgDt4JMqVTcYw#PWBA0(B^TBSmv2cWi6h`M z#q%)LL|Z8DX{crEBkKs!OGm91qj&jGVf^-PO_k17hAN>o-RVma2R=OI;bmm%6B1ii z{9!D*%ql<0}-{}_BH^BX{UFs zO!Daz4ELLs_HmH;CxmpcD5+;AL5Hi#UJJ1OBm8BQw?$09|JLcKr}m7MXhqip#|{^| z!$vDwt3-yld!wh)spRq6mU+x!egVVr>4n=9%Vll-#Pp$?4Lji}1fB#pn-n}$|}c8)_0Ig!H46vB%mg87cJZRHx>uPak%5nA69 z(QoXsilh#MlNn(6Vd*EeBS_i&AI6G^A-vYU<%3d^c60v;u*iz_;ZC; z&-xHRNo46=6z>8O<;NA#k#d-^G6{Re6Q-}}=n8l&LRy+VyY6jcJ5#Je3jB{;b6^3vEJWvCcO}O+hKCz&|D%9W>!d?JK|sm+FNDminKsD1B2_6 zQSQ2+^*I(0Jo;+@KM8sWqrR3w{zkVw;<%8MCCUWhHz=LWvsd@`-eV%bZe}?`U9kw^ ztGip9DkBq1J}rBP!$l;1PcFnixRNBSY zf7#NTu!CG~wUw8O@v6zwY1!#?9$SL{9X)#k-~#{K032BD{_|)F3H^_8t^Xg2x6Hl@ ztceQxNV%xd#u=-UQ_VV+Sj+mfIDOM)oVzaK@XGViHR7(GosK3x_D+S(y_!+nq)+aa znJoZUhx*`HOF82yfLVdh=40IH!XiuEI7yDmh_gQ6sD0{OZ<#ywId22?j60BS-!1bySiDq(#i4t%6cuav2=GKB7@xeP0$7wN;m@01`Xt z&rIz ze(O*Wrb3dc%m~}M03DogVBHLU8R#yP&V7PJ&Lku4QC$ zAv738?JtQpjudU@+pMaB=0i{N;=&w{o7wDVW$lvFuAWn-ryW%2cF^E%*g;u&Rz^fY zO#xfoI#5Ez`TFCl(50R|eLny&zKhjg>apq7OO;^7RSdy7 zqACj=wiHP>$1>I+@;fwZW=1yk3z#aGVtv*>na>sJ3L#YfyaTHWB~Ozo3mOK`U<5&U zFVx_w6K|zN+f%@dyMVr5*qt_mUl|C6c4X5EBTLa=Ue_G%I{B&sJ zlSyPoUZr(c_YR#f$y`n!a&kp?&LH+te)O6QC#wqer>AOKA=s(&r5pem7w05ZxJNc>)6XJFA-otpS7fk`F$w@Wo_qqLus zdiIp1laVVZ%$bZq;Hxb`Z=)R z1h(wc=6rh$JAwdp^dKbX5;^uc&OvPgPVcy!+`PEXfqVX6vptWDvo9t1s4F4t&ZX^n^}%k&(|7VXH~K-nAsH{gWT(JDnLen!+@zY(dgifVjts)OLK2iC7PYw% zB=%$88lHgY<%LLyUb3@g&xs?Z5t?%v5OrZArzJF^7CL8T#L@EP*y6rT-ts)6d1Zah z%Vu)aEzB90wt1z=9WIsTC!JGqUkUYa-+Tv!HL!Vnfwx1a6H?@jGP{QDd4f;DkI3xT zRcGf)$4pPR$aj~V7O?%pLB5VM?)K! zA}I|-d6Brf9|OUTYK#iAcn?2c1Adr(Cfc)%-dT?#L0g_N%2)5CpRQH@43#qUSBLzt zmwdC7M3PwDp0Q=PQ41amTyA>0LjVB(!QGb|v`E8|zQWyUC;eU?k=&z#Y83j!u+`|O zC1J8UOGFPZo(ZHsmI?Zs0out=Md^(2aob*>-DL;9PtRUK(56me$uO#l30b{q9FbP{ z12YJ*TvxGzg@BE5V>j#0B#raQMnGP8gwR#6YTnU#T}1AGQ78| zO#g{h5oe8CD?04-^x!A<1CNjU!8^nSo{-Fp@|?9X{%Hb%MG&#*Ws~E0ttV{i=7*7V z74+gl%K|Wnc}v8zP*gM5>9jXf#(6Mf87WE(kCt`f+L$s(L+&#j2)%_nBx`N|vsC za(XT$h36IA3`p@_#Q>ba(|e0?#SiINz|x{}&1L75ZXWxqd}%axlf&%6 z#smzJo>>G#o6nUVB@NzyGzz|?vdcfS2hi$3D@Tn%YE_3NcJEZ56@xiBxU>#2o@$jf zIK0H?wBb~cQJhS1lV4$H-}{Q3$y6nHsaU4i8RDnyTu#!%H8zUv9Rok`;Z&46P?b3k zUh}ac!3tSb6}{7R_mQ!v3SiC;I^jSZV-xA=7Z_62$j*4Yz^wp#U0cr{WBhDL85$3{ zQm3Xoi_i@o{eJSA-%pxo)2(07j3o)fM=YPlt2cEK?gj6WV|VSDt14*Ubr z2gtB04S)i-e-=JUzNff`72s`m!a-wxcRgaL*9;I5D_W#SG9W_q@lNx?c`3aEcvqod zoxApdX0an`C+yFyA$6vj#f*dBc7QScq`a1;eCyo{5B~qv*ueeuiB_jNo(TObsIEe zaNRd)`XFSo_h~WE^njAjRQpa$Lq?%$CI7;OnU2Hrx|n07LQZxV&AGldsHw0(L8F=F zE%P!nqhCHS5Lf#yv&d5hrOK6G_Fq=Niy@QkJSa*vapcFXo2TN+_6WQ1$jGqBNi#>ey(PkK&Ybtedf* zEaH5$m(xFx@#dA$e;miELk91lLmHeHng!dHgbIaAYe(A2B--NaBhTzm!-(V~I`6G>DJ(=ZRY^_4f#YpHg1?`Y%oE%)R zrN-CYi+nrR^hi7hP)Qt2&i*f!p;Vl(o-IOwQU3KhK9R4+|7Tdks6=Ev;;k<~1lw}6 zQh&D(O;qg3+3?MK;2KylMLq!PTlkbC-#!6ua%N9R^fZFpjy8CLAkYQXA@8mNK z`J0v~&tFyQoanE&b7KO@^9!<6v>5^^oq8+9`S!q`R&a~fJM|akC;NUsg9q58rzgms zS2`+2z9hKa(fC5XPWpG>HvC^aM_YehSLZEG^*YF2qJUGE`zo_g(>i7jC9}Q8gDWYW~*hqL)e13-cs#w%&fyDcDe0~Ny$0mS7 zC&lJ?0=n-tJFJgub^n1{`Xof7JV#kSKU~*&TPMI{e=X!wd$+X}w3jByXGrOW%V0dM ze|1a4Pur)v8SsNvkU$|$B-pG~=jP8hu z?Vb&QSEM&@P4O{_!BP?jFJq(==8sxGuRYweiFI#sq!C90Em|Bq>-X2Y5SRR1ej8(Y zzCq}Ro|}Mn@I}rHtH}0M8Du5xt1DoVcz^y$`R3vToXbpJX*3{D_0KVH@@XFdR|h-- zL4`2WRHURoaly=x1ajgobeF?Sb-G1I1V!Yix45Tic?p{hUV<{H^E6Gdg^>cyU>DHE zsWIFjHQ1TVZO^bkph3TbAJNE-x7mwhkDti5hw_ND;<13;j2$I%b?J}7ZG;%fauHM@ zRpK0+94yNZ&zH$WWPh2?a~BjGYz1emDqqLg9oy0+HT*_L$w~9YO&oF62n6S<<)jS2 zzowBcela5`|AUKx&o}zNvsQp_xFQ?vzOn1`^{f){n_C#rXun&`ciO`SX2;-zm#DbN zs0;oQ7`sDYQr$n+DF#1MR_rS;w+RpuyKk2UvueoK|07KPFGw;)%J*-W+J8o}SNpdM zci`Byr-9{YHZY!fKACz)!|ewmP2!LX<7u$nrZ<;a=MJKGU%=dF08g&S+p3m*k;*v( zZsIZ=m|sFFMsyVH-;gRLM6jFcuKDyH-lR1uOiR1F<@Xm=76XKZr>sHqoC4apI!sve zRg}kD>|$H_PZK6(zS~nqnk_jZZ~wepb)b9FbHl*`YFm8uAk3qq(I0!G#T38Au)LAa z=!qqSV>K!$sVnZtcr1rLbCiokAw*o&$U3W&g!C zchBL~U&pH@oLE?8W(irr9YP`zYyA>E>3s0DQ0?t=YTviZ`*CfKi|80!w;)#*gpw~p z=^P6zkBz`KwKEf4E(X!Jw-)EWfv7R|CedsqIInG2R20D{5$Q}z*WQECz#NkG}Hqp7N+Trn*WIXldqvK56q^YFx8M_Z9p4 zOtoM~Kbw;X(K6KU8KyJ(cRg3w-*lUmh(WHBKKzfBvQmdrw!S!aAfAdnFg&o35wjRB z*!P9Ca6CyXxdQsP0xph;R#x}Zj@i!f7Ja4Vs+G4Eu}P#AX!70^vvquTEUS{ zzsYfR9p4Te3EJsDR~_E%T~MnxYxi=uOD%ElUuMC-1V&t^jV6?p?A3`2tsH)pOuZmc zPHr|iLEH51Y~g1%eS>cj-VnL35nLo(w&Yl?=V+-KE1grAI%)4CqsY|X1QOyut|&E5 zFw(orpV_xl*=!wXt0?SndKgwbxm)(dG_;a{e=#C7#Iyjb_ zr!I}yO}@0^j7ZXA7AQ zD`>0u#}8D8K&vhS)yppcv7^wj9;(|4CDNv6mNuBGZz_!O-`=ti#UH><5xD0W1wlpI z9Y^$I*_R*o$OnIbbY)t+Q%VYX&yUUpo@8wF0V}(Yl8>`21*rvJx>wB=+{{Ck;zM=I|l`AA7{;-ZvNX_4fWHv-pn}eyn? za7-IYtHtOUjCYFdn+%3b`bi4X9)GFxa4I{N2hKX!OoV``5U|J7Qtk9lO}|V`8AAu4 zmai{Ocz1;qxmgWYfF9b7RBDiElFNSn zf>)cJjJj53;GNE; zfD0^?e|>TdJ;?t^I$@cBUQ|2)RDgq8s(_x7HZ<&+hXjR+b?|i%6a(U z6+K&^gJx$RH>Oc;l2&4|)>-HLZNO>a@~=JaqV$mcv+c}S#={| zw(Y~LI(0eIM6Gno6K;SXq~Ab5-W#zrBP#NYHuhq1fHMxRm02Y(WZANG3vk=Fq; zWlJtqeV2M}eawKzP0PgJplR%zN{)jM7wt>5Dd-`68bdf|^4}dv9BPe~SIKSAaUrKc zQi;OPQ2d&sTCGovIaI4!Y-1`9L*OdWRspjP4He#hue*3K6uNToLZoiHDc_q9pXsRI zWOV`y)KjX#%hPf{!GGm~=tLzT*=|>LDVHX6{4$0*!}ZM{Auay-mrZy%N#>$~Dl*&8 z(Fm!hY!4R2-;YbZ6-U|3851L(Vub_IGM>)e2rNtI_FnOSI?`qxMjeSEzoPrBX}4b>Eq=vrIjx2u3(^keqsN zn^^}phlBdZEt?V|)gcoo7@jee4ag8R})#%;c3=te?z`9 zjbVVF1wpZoNv zY^(*Xbk+p+pemG8IfqZQs(#ywlnr;oYDUw~<)`o>FFm)r@Dv zd*FACq=H*PDVn)`zO?aWPo44FiwgRn8-dR45^R(C$|gbe2R=jgqE z*1u5>{`lztuOJw?b{wVJ+BNVcX1ja>{3G+Gj8PyEktxSVr&e2;Kb~&16p^wcDDKj^ zh<}-~^Zw$C(MoQs@rqaH;`@u?2#;($-8 zL$Sj-sqdU`Hm!|PJj`i8~>19PswRe+6|*TxP9j+-KR+wi-;(!NmD700DuakW}-f}SCovYz*-rk4ASA=spocB-xO zstV8O+0_jASKvrejV+Xw?hsev&q6c^J2W>2#5lM24lGo0hepn*Hbt|3N{-N)xRaZ_ z@_HBjgTE&w-%~D$6ORaAxms~81;h|B{Y9X1x#d|C`Yaw2RzV2qq{@b&t-)$@oVlCma5|>5}KJYb`D5?dVcSp?DWmTpS7F4-6 zgj$SGe6Yv7pd4^Q4mai2aQ}i@wm4B^C3JGB;|>bQv3!{PtYE1WVwEq)Ov`n_*T5~K zhh0@VyfC|KL^PBNp~RQ%IUre2XpX39s5%t(>A=rXF@I=IE3F^a9~y&1oNmtD9J_8n zXMW{S_SB_SOa7p)1Stz;*I5C(E|$C9YQVkMBYdWEKGwFmg>qz0DDE=bcNzZQ|QqNK7|Ka{S=L%TDu#eY)rQ)>&Cy`Q(qU6B3T*rgxrS z#Sa$^Qgf}k$2c9)rcJ*DhaR#;VbDD<`qUgY`jeL`fk(JZR)#3JcC}G;u8_7T^!Zjw zBk}&uv(Sai>3iGpvmc|G3}%F;JX-i2`xcq=F@7{_Z~ zF8EX)DC+8M$3DX!mq!w@8skZn??qebL>&2|$yweMANcN<*A#==3;3F%w~t``5s|r20>j0X4DmI}(z62KuXmxw+?7C3?+6mFoBX`rMEb9~Pf)Axd^obx>g=h#B$3hDdb*)1d>6(EBKM zjQA;iP~lW+%DQqt9BSUnkrC4aJ+yBBEke9~p8jder^|#I?DC*;(QoFn*_R70m)7zj z;nAY{YNl8{JqRKuaFy1D)s;M0zxf#m47gId``$&V25{uiqb|kLC@isEEAh8~J2fQ= z&Aoum1`%W&>M}obP{F+o?=2Q;?s@_0lJe$GLh&# z6%q8HF1cK3*FQ`(N`CyJqo$EU7!I+cWjX3=itlJQ((B$lyLsc-xccn{Z=lU?R>3bc z1{uerV}-oz8cZUydZ!B})XRpUUcA`#`F4fsuMjL|rm;DLV%FxJH`1>KO$s9?mgn9J zJhr3nN+F>lom%JI`*ZOX<+r%WO7$dVT{ zZ@jI)#OLugas_)VY1Z%5!|^=4Wn46QBbEF!+s-}y^h|g&(bB8uTjSgALxRju}HkB8;ffr9T*1_CyFDIGgmtox+U7fUFD|4Li zmY&z7mUl*~&*a7&FvAhfm3KiY43NCgY@gJ|EPC=Sy4DSHIjVS}@Q?=YAOjs2%>Bz` zoxYAwDvoI7#jQk#;0)fK?(raN6`wLT{FFX#kg&P?f#mV@B&QNC_P_{y^aGBDjW#!V zF=Gg6diw6fZ*TRo$>R@e zMAoLKLwGGAcqRc4i5SI0UNWLC`**pn2d9E*yNxN@Vs)|$4DY_uti*T(_K+#@RoF5K z#R=C!{oA{fduuVN*b>Ev!4hvRq}E@l+QbDsa?BoLE&J_f}7=IY(kj986pl1D=X%#kK^whui{kO8le*mQbc=jK>e~O{#`lgESv%;+o4^$J} z)uk_{O)WeWXp@x-0tOFKhB_J|kg}uqF?Wj3lE7&X8w4I#g~y2EzgC-liEal=#qYzQ z^}^n)>cO^rLOeM2*WBHZVAw`!w7%{y9I#X$7s0r`6Sb+9J?AKyntsK_^3$E8&->jm zacmJcrRE0Rj;MPFTjjI2?xp+PY04r)&DRf8RC-#%CQr`W9K@QfYzH`U0|*jt)KnnnVVNj zhTf3@UO4TNL3c>!$e#UFL=t$MTbwsJxV!oa=IBZ!1qxH08P#w5F>7W20=hOZGd?gb zxvj{f;}7vT+IG zMJ5|BvYCme^@yp5pX9v1mradOz=dW$h&er^gzv?DIQmtx?DUGI0!B~Ze3+#+wYLGX zm{u4h9xiOXH&}X9cJUxroYj|XWPU9rzpY-_3Th_gLd4FVwKph?fknQ7?=$A<8z!+! z{hYFIb8yiQ2E{{r80~cxpnH%5th~(Tm;8nGn#h;<4u;Sxrfx-uNrkUgKZOhVmd*)5 zlL^s@P=Ce>d#muJQbbp!RqW7N>bs`^&Zv5F9K@JcEQGMgA`}~F0@$%(4NId!3@Bm_ zeYe=>M;rK4R^sVdMTO7b9Lh#~%D~$?+=uV{0Icg{R)1Mnl3)xEa>aJ~y&M%deTSE+7#SI`6KU&O=nH7NP< zibvmI!^}zvCd!$*j+bps(+eE{evw``ZPv)>&eV)qw+v|`SDZwfqILlzCo@pdj=XX# zlTjFhTsB4{|LjlYz$-OBD}6!@Q>!=Qeig-n>utkvx0>F zt>D`Xqu-~lz%fKZbM3-3VgEVCG$joMZ(b_dqWOA}iC*CA9`;Zw9IKb6aujayfO&Ra zVtjR}#>7q~LusAmoa(G}V|Awb5^9Pz+0#5rjRE?@#K^*vp3}0^OHx@iPkr6P;`3wd zu8R&=`-|p@AMXWkW+il4>hjBet)aUm*I}_1XN#@$)^lQ6WJ*7flq4NJ*QNTa>BTG= zXYr$}<#GxQ)=ft7Ts&pUQ8d1Bz4xqp9`jt(>p>fMc$H7g_Ck0I$%xxS)?33)TZW{` z!JRp&bID`1`3Jbi8EiUBPrighx#Wc>H14A3gfQHsUW)X_51rVKSLC`lkA<2%3sJBg zHWpA!l-kwhU}t`%oBqzt%tC_XGBv$W0NTdGZqRnQ;-Ww<2V z#GL!8hyG%Z>NgBz6J-uu*yTH*?A=)#1%a-Z*gVcqEsd{xLcX@I-b+ec@`b^mQ#5mI zZ?HnSj*3`)O*=^3VcnrIo8~7OW~gB0$N|xWl)6_?nNajc^o2fR%)p+EWNoig7Tr5+ zE5paw;f$$j{VVeiEcy_Wi{mj=2W(_)1e1MCCFr~Q-(X>bEw9;9=ODLqYuVa~A$Xtc zChVj6EWNdH89yOu4@!N>M%QX~{uHWYROV#`nwVZ_bbP-%34T1Y9EW*o=NkUA*EMQR z_}H)dp__vJj8`{FQ;aPyl%`g~l9EhDQ_8ZX(z-6AkmdR&_u@g;+$=L`X!XT+ueNYC z+DvDgvx+7Vsk_e0F3Gdbu~X(OO&`G*?C<0p!{$8Rr+Lz_mqvK7E=?j1lxzl2yz zU%hjoT3FLVYssv-$f#CC%inR_GkZUv>YUbE@RpWJkcE!(X_TkDI`1-)OMBGl(Sj8* zq&|YPa`l_KRe%yO8Ch#96Vt;tv>8G@Cm<4-iHl*RH2}5minx2AzFPlJ(?%^dqhhG{ zieDs#TNFF_6?A2}y@S`SSW36}1fY+Vl$8O`pwq6$yo6E&14Ma{aG0%jPm^Vs=MTZo z9y>Kd^|%E1#R0HFT*~+;9EY7cF_3aeonvO!D$*4DgO{EFL&ywQpOEt}X*D15OzB$NxRJuogYICH)tGBX zF;sO@5=c)Dxl&h?bOu8|N)q6$u+%d z{=5uM2V-n6*V|en*rG9Xm(r3x2vnvO#YM|eRQoC!oDv!~=E?UMw?mA~`sA?~$#UPW zX+Vv(v8oVD8%Z$V$W#yGG2!RH$BLF$wi{V_9s2174tyz>P^rDcM{dMKq#jBf$5=#1 z4^JdDzO?CDqJq=drjFp`;Rbfp96Yq6hWYFll9o35>bkBD&SiU)s@~MnD!lf5=zQS3mdfEmGNCb#230ZLad5d$~^ zURGwqCd2Uyc;Ji+6DoqC)WrsrrbE1~czxQ?kE(GVp3tz~`wIAgLZ|uSJhYgbn#Ko>Sumi(#bXV<82@2`f_Yhmj7fDwS{TEQo*&^#y`@)&Jak{;gDjZ^ zaz{%|I=_F^s7o@WPaV_Ib#76=j>{^wHx8hBYevQ*2YOepHQ1763_EoGvxqCy*JH{J zG+2TH&lmf3`?EdaZPeCP?QlkPVqWjO5j~ain^wzXW__&*@ZLP10w-z3cKF+Y5;2Vo zxwvh-r5V4KUi0cVbQ!tE_vED?=vDR)kC)YfqfDqn#(ooM?&egkr4f~8^I>mJ#~tpw z0sVusNZdg2Tuq#w886!tD+nvW$%2b`&Y^wafrd`Ld3Bpp-ID$*oAlI}sUnlzEGEg9 zGzC{#wO>L%_Fy3HghWB$+2Jtn4{}#AApL2c?yJ)9oF5c@zCDE?M;p^?m2dpxSw#Bk zmdR9D{Q&7%kB_ErPF_lrvCeJQKOfA7oUuVb5q0;Ar44Qfs?@ePM4ir!@VABLI_VRPPiPgrCgy5vrTSK5+n5tcF6+kdq~))`kX$K=cdO@o8+tO(g#FGl@n<7w z&bY|VI(R~*AomX9lzqthXwSx1!Ag8G`>JLx%=FQ3bi708@D2Cw_04a6zZq>|I3@i- zG^#e-nw0c4vc(ML%KwbVh)SN0atR#tB`s)R_%5saRMnx6b89EIz&76Iy*-;K?+g0< zl`E{Dfw95EJI*$AJj%%vBcmN{^p#*dO{uT6_kJVUL*EByVzb z&ygGXI6dFbdhP0Ky$W^jH(4ZWw{tEY4#TTxP(z`vryTvv?5zJb^l4p!Z^0)a0TJjXnODRaGfo^X_(lgl{~)Vv^{zd zHEpM6Ml@}A{cz~2F(bT%|2HIYf&0;S#F&=XSq6{xKUbi7j1qYodHIU#*_EXwTuxG| z5}{?)ayME$Dq6I#A=@i^`a1UqW*Cl|CnRUj-t4*bP#CWNBfBKhW`&;e$$P+T(;AW+PZ9`C!Ha9FxjX#TQHqrt$cGIa@aJqUB; z2)LN?u1rQhkn6fME(t-?Z2KLBT@`rRxCE{2mzojP5Xp_}t5mwC_tpW+%AAE~{toF` z(Y>3mXhC*N7w^a+d{eMHhbW{Eo$)J?)`I_i`qXBqsPph$PdkE#oa|-#YE($L@h3*3 zMM;x`-OxDRjZ?c_=EH|2s}wO3J}sr7s)^tP?mVK!x=XQS!ph&PzwVk2Q@iU})i_qE zamzL0!@I*8kYfnc0|~@tEIzGx*&PAuUZW)ck?@o`AQzO(jNhz(|IxtBKsYQ6l2*jcW`Y5{Tz#ox4*0C~_FrX+ zbs?Ln%XW@A_+RfEtwaFgXXVf*Nygf59&qM%S9eHJ(hmxXn!8*eh(#Z!jQl?ZRH;c6(blZpvRnv= zW`tOW7{K2Jchr>|4xDj>*ngcNv&fxETlDFFnnL zZG`9)PT)I|&8oe%UMuYsn0ea{e8q^H>prsEV@rz zJH`us)mj4IC;R6x3-f9M^}30`y&X<%3rI|mZUs%AwfsW-Ed4@RxTK0gg_APmWlAn1{nt%@16GnWf{}IdrS=!|hw}ySfW!^lU^?7vD1aJ48PWCx+j~NOO3Upo`Vz z>u!>8rmt1dyN6F)4bq=-CWSN(Pgl9iGm&u;@uk9K6~laGDiQ?jK0Ku~ZhWNnxF8&M zMgt?IMQ@%^QrkiZh_L0)tu4zD9;B}7Y?#MV{T0XbgbGxPR3-*UD=Tlc_st?h~# zSkbRBq;HYcglm80oFw@$tQK;c@VO^n)v!7?$?m|;MrWQj=RJbY$?km>AhHY?pR&`G zUC!Uh#2dJrAW-8YX!sc?xZondEbk{Z1v0*wAW*ryrnTJO3jTmtHC_Sf`-*hUU>YMW zF+pz5w0wl52+*i6=Y{<2-VkB$#+?jg0Y!&EBkeA$y7M0+7r@UrUUI6gDML<%-U;j-}Qj6gwURqdp*3D_v z=gR{YLOj{QcmFJ)G1xcg(EVe5*JySvc9Xv0_M-YW-fH0VdE*P=!)8Amj+?Jsx>cRj zF(s53Yd+ey)P+YP9rtBnvwG@NBkKIjm)yO{-3Xr-#Qq@J{(#g~z^TTepQJsO*!o$L z@hEhDE_^i+6L~6Lc6yHe^zQ8Q(vJ|ANuqQ$SbU90xh(JVID0dr^+yURCwwtL5%^D* z2}MadP_;xhLKJUuiQ=B1F_bg0i8C|kEgS69|J+Gd*{>wrLsrjr=z?OE_|J@&w=fMQ| zQ3D8v$keh;ZxbbX%Y>FSnF#{pf_FvC)E{a46v`*Q>Gxb|`+NB(k)@m1<^s^e2hx7% z<+RX<{&rECb#|ZNWkQpG6Z9{|aD!skIVZ&PUB@Yv?e8fzuxCp*{gIN&-(Qr25EjTg zGVz&KV0inaI;#n0F2#k`%j00cCoUF{iLLRj%}|Er50|uq++>l2f3GaU14j}_BKr%v zmmB3&0+)Ox25DF0K(krN6@>91#BJ7&bEG@}WBRvurF`zLf^Sb1TAd%dRIU~wJIV|9 zF+2=w6cv08R)f74VKQ@pQlJwJcJ?BlVlSVmB~J>GN%FQzBO`I%SM?LE&2xgtp(FAl zv>JQXQ8Zlxwb2P1GOx#ZrDytlM`7!{*F2V|&{AO`a8Vflc2Q?=K4B*-H_IBTFO!r` zT2e5?#KfORVvvTJJg<|`eBzkjx($F|6pg1-p}bfJ#?f8svE)D4J-^>V1xmAR`YJ@0 zY{^Ljn~1Y|x|O4|%BA-r77YJ5mKFtKJ#Gl!(acBSE~EZ^m-qL7zr^74`H%(PY^){z z``S|T&)On0;;!>sz~P#zv#3z~)+G`uxBvX?ENNwyjkvfBrHO9=icd^|$$5bSpHDf2 z>|csURIRE0O8mm$?V-&(iO55d#gSZ&-&0UeFKb9OC%%Mypm`2&HnxzxenexvUoEtn zO2c@I&zTJSN0Ob(VWM2S9uv+QTxxbxTmc9-!gIk>MBU^uKI(d{bV&i zeot41>(wUzbixRz7F0az`@X?pDH2Uo=n2g@(`a?AE0yb=({@T$`X3^sF=s+*8yd}7o?(t8c zKb-?FzCM^rSq$C2*fq#r#;SC_am4mfq3p}5hPBatriZg0M|*ICFPQTJ(2Ic<7xZ+1p0ma`nW-EpPcV5MHAy6)jmYD&YSl+q`y0Z^*?$0p`y4{~2@lKNdmYBK`-GuxJGkm1&L} zpZ=@>L@ukq@{DV%n8Lw-{^l($Kvt<<0uN=*FBq7Mclx}KBpe^0@{H`OqH_pK#2UEU z)|0361Y3OAq;@MR-5S-Fm}zaj0+VYN2FKqL>Bw%|ei*Aicd=ui-L$)krO*;|h0nRr zzn{k6ziqvDb*fzVU^qp{Iuvon<&N3xWy2;_8}cYvxY_-CYl3b>Wy+cxN_CzI5hs5- zV~!& zvw^Z9Ijk?se?F)A{R^C^Ys<=#w2FT~o`Gvz@fZBP9@kH(%A5$Kn7T?ERx>(izGp=Z zyE+JRe!{iB{P$7`-`Jytv2O4epHuum3ZkTLYJBv?oYZy}Q;J~(KYabn8n}i^5A5E- zM#g1qJ&u;wHhC~YMF-0EipsudYmM}ui$}R^DwN;vwHtk-&<(v~=@=3i`F+FK=lWP* zw8IC1PFptO6#U!h6|tm>)xw!Ux+z*;Myks+R;r@8u~6t7N_4rscZ642>9#f_vu+5? zJ6Li*7V&27`}UyIWxv=a-791^T{>|o=@`+LQW&Xv!}PodwP2gu%s1;7J6SrLCNllnj5QC+ECo9 z_7BasaBXx=zSffES%==!za^H!JG9>k=x5EP&TRk(OC-zws(j0;=~3nWxcOw+DJ|;F zV3}%bwa3~$;MG?pzzEg@Tqr4~{{>9KQDRis@t?pXG`CWo5RWc3$S|^6@uS4 z!bP0dX$c?Crldyu?~(0Q8Obh!Im$R^ZC}l{m=(35@`i26*3|fOt}_$ak27v; zYd=CA7wR>*_(^eJ_ zLvec<@f*1021Q#EH0>c>W{0!P%p?F<($5`@1ZKE>t(~gpB!cUb&*?hvTMq zhlCF!B%6V@v}3bYlA~dt)j5Vm6by{3Ph40~u?3xE zmVB3>3aoJhWXITu1t6FqIIxu#4GC-{lK7T55!egEw-AjgTL8%aG3ktUDR?C z_<(6+uRn*On1gV<*CPjKS3G4Ye&^(xqk6{t)=_AD!eLAG<=6a6Y3*~W?Hx`>?_+>n z`kUv%QKD4nEsB6p+q^L8<|@a2DH-RJ6JbS#*Jt~Hn$tEo{^KKHGj_QhtN74TcYLBB z0z*g;+_8K4D_zG-`3@`y9+8(#8lmB|Z*%_qCp2q@b-xm^6dagR4WBriL@Wb{|0!Wt zu+G}(qtF=_>ld}zk!j;K_jY*tSe?9xS=q_?BDK3hc@VJc*Ls;Cp+I5N~EOF+P|sp=n6HDcv_gna2Qtr&=$Z?|)ME z*y_kDu_w>rf}+BM%M#ker6eN+44f|{&qF2J@h@X8%%`R%6v7Y*8Fmj~g>y|eub8#& zK<{ByO_SLtk}^NEBY!i{D7Roe0@DwP?!n5(J-@)nA!-P5#((*&1*7cY4Hep6tUgh7 z<|8a6hWbMjvQ9I-x$pPvaEhy{5B}LUqUnPAgcO%{3to25~-)F_VeU4|)xk zDTJl;|GS7P*{?8$ZG(l|!g&`<;+>Lv$dd>p!NH_CMs~5%lc}>H>4C0X{;*!(?LAel zHn{!RM%8$~e;pOKs?K=Vqm#p2D)}yS8p(>~ZB8d4b7(`wOjbUXc-n_!N;x>V_FG74 z8wh@0h6UzWsJy2)9L`X`kuToGiNXYP`Xa~DUW1HuY-PqWPm|q#vq+{p%d->VWA?{V z@Vhw%_1{~3ZcY<5xW+OKeD2@yK|xApOc(Ry_H?Qi9zTRlIDn%fqI zNN%lC^|#k9Bv=Li^!{yokJB;w_+x4uEF3wCc2(i)gm9xKGwGIlE4*@qPw4`#TA9^T z=LvL6J6eEI@lm9qxopD#9(lC; z8;#EaE)oq_uWoFih}gkO}kMfG?M%e4mgs+((NV~oy{N+5CmvgjI9<5={p zKrNy06DofTNnqGs-`z6tb$*reCn_g8#<56S_&zV(C8iaIzOw~TphRC=!JfVjZ^!yW0W`J5isgl00&(!kLy&hiPMD6wuPDaqA+zNObG&b za3F~%$Hcyp|0L1W6ems5<%w{W?RO4 znJ@uL)}e{Qm-LC7M*j70b!PsVmXP}CcwzHVE9QqMU@H;lm3pou`+U(p;=JHr#>)u; zdf)|GS=4~_MIQP$S0dTX+a4RM&}{{j_v0s@d;3^Ouvw1CYpyOth6!z58trkepDfwO zvXRrvsD%@6HTj*T_-icpBH4KLC)-;u92d9)EzPTJ+LS(O*VE$#;@FaW;I2XBjwo92 zZ+hBb+?fQst=|h=ABTQ}1*ccIR;&C+3*D354*&5NT|Gm)<84OTGM3H)!_q^TNF>{{ zz9yKPFoK9iOsAdHV^nGOcs?CTeC(5Bk57NkIbE~vi2s}GRdy@(?dRE$o5`psndGAh zMMiHB(0(3DiJ9ofBnbUwON?(hX5V;94N7@UwZ%!)x+4LHaX?uu_3nwxqCwNS_rU!X z>W=q}+e`Ea^Aqod@|l@yzFRjpoYlp^GI^58WvlCnVcnU!Kp$a;6MB#kw#F;N1lJHQ zEbc;x>5?=i@m34UQa!D%KsRdS^YncW6Qq-(XPWB=H-wsTXXa+vV`p+;c_ma)9>3A> zw0m`aspsee#FZmn80xuoh+GlKm=EGb(9Rnqa4M`5+ z4hB!H@nNxLlXZqyPuU6Cczh*;q;sq#4U5SY-@*AgZc>CCbfRNfM0OSRV%}cujyM~$ z>rNNe2Wh3JvK+6lb`>_S6aSG}I0Orlhc78`C2>d_m2ujGsEjIKahxyGMWRHOzr7i2 zPvPLwkcZ!*$gFqdbz5kNyK@CXmoiI9ZYp-PMAD)qG`L?L+UFI5Z}ho=(5t8g*9edu zMyfdwpENSlUXuDm4fAz{Y@#$Cc5R5kT5i3L!6{bPP@?I6Zf(+|46}&VF`_0Ay^x_} z+pqF?Jl^RAvbGMI#T-c4dfTdZqucu*R!Qw+YZgv{Me^|?N3zLxJM3~OfuGHW*1g%N z_BmvLptok^mGkIw(~M)4rT5CAqKeA}x`U6xqpQZqJ4a~QJ&)}vl^I`Jbn1>K5U*+) zX|f^v4KM1B{3hgyG8@aqeQv#}6h9SEbgVjT&e}d9Wc@-zJKJG-Gfy+zPi7cg{}6}} zd+bUSiYiLRbq@uvNWP}D8%l^~w7wAMUio2%>L&L@{e7`dzR}mz#YE=J9wPh8|HhfL>h-|JS2tIPdju`qjH&iSxWLMWz2M216D19Q zIUO5T4GR8TXi;G|PWymrW4;uI81@sS5RlUO_J^8ZY96yeIHpCEl$xpF*Tr_HV^qfvDRlfD_#Z7P=_omYb9F#4Ov$7(=Oi-hQg z2r)@4#7e>S;jl)f531vQF`a{0SN2cUpk%@zW+*4tokQVL`=<^P91oUs`xmS6MHnew zqv48=O|V2kiV-Lc)#GE2I}o;3soDk_#K${w3oWyUi$z9aNfBo-whX^=HW^m~)py^+ zB~tJGgi=|hlrCFSk0pZ7286)pAIXHW0M<&WF z*~+7Wkamd9SG%TcphRd!gLh7DNBr6_mYLR3oy|l&MkrYWIBwaNli-JoxCKzBh7_cA z$Dh95p69_N6qjXf4d6xX4}MkI*TqWtb9n{%#&$VeLqb z_;A@%t+!GALkG;aC-C%-wE&b@R~WjN5oe2x{6R9WN%vFH)1$hYBbukD*t6bQNg^fp z85*X3l)j2W`rvm*qI}(5xHGf3xJ}Bnzc*v4;X@W{4;{EKATOe8? z&$L)J%}tgp3+hl~fy!U^VS5^HFdQRg;a%&AI|2@&G^{ddDA1F6 zH#zAd45-an4!^a)EsxL9sGbUw>V<3vs6!g6lsmxsc6 zIWs>IJm3H3~q%_~jXYH0hp*G8(a2gXfuGuW8Vxut}jj08x znrUGqL01qIKealpp>g&tuqxjy+nb--K#||Ej=8;XjO#m&I^oY6I7}KDkGjGm;f)d| zl-F(wxfYliGPZVMwY%__RHV|e8z##={XlMD)`ki)TnfhE|IpX>^jHIFW(o1!k1zRwy@~OIe9gTMO{D2k&^6-D;ZeS|7O2 zW9C#*ZFi%5_uJO^nii?ZFqZ=yswCi00U{*v1U-Z_?xHmhQ^BM6CCvOB`XWvH46^3+ zjtBGyO|Y257SdTuqyGh$S*v64FXoTJ*|v>H<7@q=#a0eu!)>$w2UO-1QSUO%%KOM- z$asdkp!WFZg5o~O_SuMX$iQAN{9o~ro4eZv&X7bz%kH`8OZ+w_SPH3;Ke}OTwobM2 zd8Xb9TK0h8phhHY_8)%f$MTXcJ`dlW{Ygm523W-N z3w?6jh@57Q?Km+;bP~tG?0(IV;S=TLDV_thx(M(e6s6K{>CUL2U|$#9DkzTXf*OB< z!YxAOKo=`7s7;BB^(_xi^=I5Frd|?L4E&<(_TLXj84eefY1vnVjm(plreacz4TcUs z_m^<+a!;59{(R}JFFpEbHih{p4!UV1u0AS?DWq76tf_rx`d!Tic#zr8W^3nJz#T5c zejYa9&hw2Uv{Of9i0rTAm176QlREkP6G_;N%vK20*oTL><_kHo^K<*vP%k-oI&tk@ z7_KHwPs~bcVxYkb_2XqZ1XuV{%0};}IoAs{9+!CB(;%U}*^pUvBmYU6^yxno>Y-${ zrRS7ytlvxZj%+V| znYE>jE0gI@i0I3gBytGygt6v33S9{mBfGy73`(tn7Q?;MSiRu-cb=P#+K*r?JN+bE zx411REN=ljOL$}B#!2hFz%-j1)Q)gq2CXsGh5;!`x_;EmoI#(sHP>i3lG(I2oLuJD{Rks9L(4zO$B{myOuUOPmxH+RhQh=n%!vS(Px z&&KfqJS_D`;Sz86wWz#st})OzJUJGgtxFF9Neh=3bb+oHd-|K261NM5uHKeKziFw1O1|KhAFuF+ zTh5-Qh9$}skC<`ciyZaN#7>3tl<1nt6d~nmR{`A%)B5f0PC)1oXs^G zYy_{~AmFhndIFewEe!vW{82VYC4gjN_;r0)eQGoKSx-^-?bA^3scHF7jYa-oXi2*X zcR0UT)_i&{r$#&?$VVa`P>lF9tV>bni-4lZc>An@WC<)jl_m34`$ws3Z1#L-Z7qR=^frY@XxBX_; zf3x@kIpkT3z(TH~x}>*%k)O*SMXG0+3ONM}`?f~#TnX+yJOZOcAL;^_(*Ax8BN8-}2uT_2Sp=gQpd)pa` zX1qR{4G3kLN_+BFs&j{^D;f!|}PZS^`#fxwURsLY>~%*>+ml zQR4Vj{Y9f5xP+7{tX-uqf8-3MHGnG|k0g(BH=EX(4f-0#e>?Ef^<$ts(&|7Q5WIX*rB0E{6gjjLv$PlQubD%p z9-(8gr8WezyoeaCf|9Sb48DWK z8Sg?{67av;@U$b?Q&N!403-~wnpUjno{PmOiWdOu=Blo8 z>5)@OIE@E*%C939+;fFPSb#%L?;yoI&DDxzGzgQp-VVJNZu4nch z5-B1y=S_1=w0&l_8+Okq74yc*A0UH; zsG$i|kb-$1vLegN_tD0F57*y$3#t=O+oZSCsxkC7dhc}$fIZ?CYUdtB3r(JH7;Oy^ z@HD`s$9~HYGY(8FxF11UspP}or48xH9hHV>kCh2D5G{j!%SA?1R!s%Jbia4O?QJ6q zguxqU?<&`7o9{Wh8cT*8`4wgzq&DCIF!c<+RSNAVD--jYFMe!F9Q6P4(WeH>l!XR! zJt4ImCubc?16Iwj=@ASOrUos9D(kMCbJQqJrJVmQCwvl1p9kcGJ%)6rCW66K+((az zs56uwC*%3gkwOa}HAWPuch25@5_9V_x@S0uQ$Byl(KG1}`jtX^_CNv!$45S%OOvKXMa4*e73F{~O&@X&7 zYQ3AJP2GPVOQqTKy?Gl}4tlgfL=hW^A)NiVM z3>Xg)F>3>9fXmv*+*#g8=NfzdEr@e4q27uiB89qhePkh_avk*;4?6%+^j(8O_ylVU z9KCg7c)jyo#!Ix;QPs!2KG0 z9ut~j4D}~Aiz`cdi7PoalRz>zGBoIKZKqj7GeOo5m9^1Kl7a^<%(&6S5O&l!(t`#D zbvCeLcT!BDMTo`=(T&^&Ma})?Ilk^HaoHB0k8f4#89L^v5CJ?_m$ zd3q%7kx}y_3xCYSFs{cBYh;1R9<97`F&Hr!S((IUh&-X8xK;H_x6D@2-Ah1@DUs}& zUngU74TmBz_|@q?d31@hTyW#Ue|dX{KeoDpm1(6QSlIWi$3RlQ@_E`STR|4Wxk$|% zJ+dNJ&H5nr=)HL*6gZvS?A6sT+yFY!z8oD${j3q$cSwE3$*58XF{$~om$Q=N`Ae3P zR$2vzwkRlGj#^)yVx4Lav1Y`atAOR4*}%%`e=Phwx%$uRdK>prlu{ISa~?`xiCWn6 zu|ylMttp^WOMo0c#c;XdRPzEh=CR}b)$Y6|82^Z@1#IpQ>!_N1pw2c&@r1TKbUxlR zq49l4n)2B7^GXko7Gj*GNhpQ@79bzmq4@8Xr#?!wz?linS{66Bvs=tyhYJooE%95- zTvJwBQnmzQp03S^xvCPXFVjW-sUD#Gs7IFUDqK`WeO=inTo3oB&2Z)af4ZmUzi5-1 zo`C%iny>3_QKITiXIsAQ7vu2j6h1pA++Q6Ow`pwthjpttX2l3^hJBPv|0J!TxQ717 z76CS^{t=PSIQ`Wn{v~$&ztnAdNN_0O0si;b_l6xj9rZYcotM1jpGFNB%gygifKq%W zqhAI@;^o53NI?Jxt?XvHrcTAyc86=XM5#MwFKG7O^_w-_|5w?0MK!VaZCgN!Qbh&n z0wPG2CLIePDqTQ|K#(4q^xhFcklv&tNDCbyl+Z(w-djRZI)s4K07>8*_kNze*ZS7` z9=ti3H79eBOlIak_x-yro16e8%2_7*Io5nu9is8AJ>hq^A37`(+2lQcY3)L_@~M30 zD7X+~77lJ&5F0Yq7v&~nv8Xg!!m-7dN7J*~hA1e=wY0t3-(3~e&-=JDjf#|=9&$&Y zR2tUe+afn3p{0%gA)ZQSYHR4)zEzYU`S1Bu{EE>%rYGa&_gX)nC4|OQP>*-{x>jbBZ zEvHW}BePtW(^sR^%!e{4y}E;QmYHkk~xJdXQ1xGWUiV|+jnElpE(Yl zlo$eiZl3g?nybdPpNBedd}Mo5U5p=gMzJOz0$s0>PE}0~FL_TpCsy5+ozkIfXN#4+ zdMgD{lWcsxSNg-zhnlrokWcnB2yCqA#`({GM4~6HMPGi4m||yw9M56WzN#D6P z9PR(0@>cZO>gaFOkT}bk{{7UK z!+P-cKj~Etazuq^7 zeF!a8?G?5la1nxlb-*kip`Kb0#gG=TtYudkz8(jN0=A* zbwS1O68F9XbRQk8y=dzFHV5uVxs1Zf89_FPrT;`)DYM5>owk_u++YJ*B}% zN7b7se$9MwmvlJJ#rUwTmqA=#J-J@V?ccSM_#V(Iiq46Qo*^+ChG_iWJq50=-juGc z!=F9@#X2zX_vmOeJ#OpHfO&?lx8m~VXvRM_p!m{c4|vQk&V)%abF4j@J8 zwS;xF!i4wgZZWr#7%d7jCC=#6(AE>89vcRO1FsBAy)TS+4B^_U2yv+~Ru)%-MsIDvtAngAXK%-^aIBzqJd@voXO&y&cp%?J&`n5J}Ig6=ZkPMW(2@db4 zVZ5a4IdTk733$4BL*|OZR89KgP2mzx8bjz-IDO6$sUTga*^t-O{{ni13aJAh70%dd4ro-pj+)7S!h08sZ#ZXqh1&RP^~oGGj3c{G6`n z4x0n7f+zp`-cYrN^t_3ONELmK6#pJXMbRwg7ly-#Qg?c2o=!^*C{{TN>8ZaP33q*n zOS`0HWBTUTd^pG^jD=Tf`ltkU1CyVB49_cY{bKYNhuKHNWmm|vVp5MRdo8nc;hg{g zTN|}~E0ulyVQiGb$3$wYWUZYS*ShKjp^!Jd0L9&P+Im-L>>Z!(WtYZl4h zoM5tG<~46)H+Oa=%;nZn=&`>V)DBx7NTcKgMoPebXa05E80-1*%UV#+W-WdcBzl5< z@B^KS)CfN`Me};b4$LSuqUYj~pWxeWSXZzca1D^9791(+@nHJ`-WYa%{QjpL+Rc}B zV#L65$*vYV6}nP#n!fN1QCG(To7d9|WZKzHvo-47Hs-@*mcwwuTa`*MXN33Y-b%l* z5Pp7kdTrGRoMlwM;`@XclR0xqSxh`gy;C6b>SeW`kC!|h<(NtV_L$*=H@1t%Sp$c; zVZgXZ#ez7qJ(Qlf-~NWqXr>;w;!B8ATiI@KEU)?2#c{zFlACf~wYq}xfvsio1{Y8? zG(S!GRBE19WwO(D=Rr)tzah{BCke35Z7tu)atx8S*=L%vJ29o1mUW|iOP*P)U1F)W z7{-;ckfbRycCSoemB<(2fPYFXQ~C20Opo+b5dw|Sp@jRZkQx^Rl{u{+S1u_tAGBOQ zy==0|77Wm?SJH6>3N*+cTHoX!vx1BrfesjMI2~U+I^5DZ<0(Iu-e9#o{KL>%?#eVT5$_S zivk8gpC#ZzHt2)7yyw2KLaboHNB)9rJS8k$XU1B9CpBd1ceG~R-RNIH7mi2$^Ruec z*9(79?69vqID?IQr0ecJk&IM^fNM}Dt8N)0qo(z&W8JsHW&GalMQW-fB?d)C()A>r3ppoa8G0qquA(W1-{bgJ>>$wO|2QAK=qh2zxR#rsc3GY&*9ySM-C8d^n z&(lvh|GdGVqyF0qZnRf-Vo2%30Ov@YI-ht*5&vT9Tx}qIIP~}!r5Ltxvx6)O7=_BP za}gB-(sw|gQwx$XSs_?vX2JwB-3EQfPGLvzJhxG7V(dl+AVeQxMwU!E(L@J5;F!s zLKksozW^X43qSL9|4w}IjH3)|T=j<9b|9!R8Qhe7+L@JfCqgIuirMc|d)4}8YkGvJ3V+n0)8MQwa&~h zv)H}PDgWd@?5+3Fy$1qek{3`3N zuiN*(Zq5iG{>4stH24f1EGEd>#95femdBZj-)7>ZLD0m0n5;%}pFPQGLk#U1h0|co ztMlbHHc@x*pgUT4FQbx0XoMpr34b5fcrN(E<0GY=B&E~4mxRN1)R!=F zb_MRAQ(xKhG#c*pY*co4KDdmL4}8&e^7j0Km*_KOrb`gs6$a2nXQ%nDFHBZd0IOpM z0*%84nEyvdLnbNGsi%V$l*OQ$g2 zJuPxQ)qcPxD`mlqsfaCA*q%A|yJcn~sF-L7XuJkYx)`RJrwp2kogf47yCdb963n75 zp61UV3!AXypD{NHe3~SL_&iET8B4medk>{WlI-x*pj@x)Mcn#mH>Zhcjp7h|p{9Y<$r?AeIzn6uNjnmSf_=IBW4!-S$;t(o># z!{+XRJ_e|&FHKNHkCp2Qr@(yid>(00E`guX>7q+nCK^om=16nIn+sXV?8<{mq6s+* zL*QUf7IO-NmiNshuQD979T8@L6V+x^+V-xi_L^o|XYKnWZm8nQ&mqgMZ!8aRk>>nP z&D6&8q$cS9tsZEx=|u8+x?H(GGONm0UFr6nj()u*Z{n|kUc?V7MQps4514`&4p(Sg z{3sVA7(R52#P%5NOU;4a_{@OAzgWI!hbS;S;*RYt{K%-`2T0i#hp6-m2)Z36)gFJ z7+f|!)AdS_nQQZJidYGoTyr&=rsE2o8PXxuUI{qcDWYN0S6 z%T{;7eY|C@Ig1M57eS=DZAiFl+4#rBwwC!li5^r>vPf(2&OwaOzjw<{ijZNBYAw4C z=}$QRgh_|;$$!I$*YlOsi(W(Rn{;xAaw$HZ&!W9lkhHKEHIRB>nz&MPtE-j zKh_4ysafkhuKB(Mx~x#d@%84MV~+RX5S($&2gmEp+1dev6>^ZeH^ z_Xbp}kbK_m=C-6OKC#-oGVnEon#Jgri=5!$XL%?5&tqchjBt0CY+};MAf5BRtvS!dbadl9CS`k^i}5q5dRVTal6?>Co*RR*3rpe3_(>hk*>uTF1R^7}SaE?aLSHUWv4g>x!9ux>K zl=P9EO{N}7+*MMZFMR(56H0X0Oob_dX2Q=z_exP1m5IjDSrct(`VHhPeK@`fo&Vh( zh0V*7kjj}@yN72+R5S+o^;9j0zlKA-*J@6%b{UQ`bW-XtLG|JM0Q3=dxJiQwYu9?Q zHXLj!VZ7ob&m6lHf9BWFNS)L%0Tk)Dis(s zO8_2?|0COIzAnn&H;~o2KKS}nqM7jY{A==(aeLa3m;b!s{BalC4SbjJsp-6hy)@DM z+RXKf*7juBZs*wG5Ra~1!|jmXzr>=J))rA06=W1nsZZYoh1H;?t+aC4?LV(rX)yE@#kU2@g#U$-3H}+Vy)5Rb( z1rwLlz(l6@BxKskfcQ`af)~Y0cAZ$fiDRC8WgEH=vCq*|Ph80#KXS3DACPq7QJU_j zH%_`w%>*`LN_$#b!&Qgk6V;4%wd{YLfD})Dj`%^rX?jd%?k$HM7yLf<%IY?kX@l|l zH`{tOyF@kPx85zTQC-=(WzJ7>k@t!Fmx>N#Q-$CaHgb%BYDN&jHYs9MzA>#3aO1^` zBYx2#2AJIg6RmT6aU$2u?fMZLz6nf(G<8ju+=c_)8#j5&m(?Zsp*W|jZ}KQ#IxJA7 zHP(0&$idaysC}bm3LUWVh2|5Y&G`eCJ6m(X9%!)P_Z3ylQ6ES7f)=t>IoZzB6Cg>E zRJOdIg9>1f$(ktXwE#DPoDM;i#O{45e~_~&jP0HV2p<1Jd|@J*wE6QpF!W$oQzKn+ z^eX2d{NQ}FozCZD?f#-weXP&NBMNJ@nB(n0(Kod{bgAecZ*bC8CY&7shG*Dz#7+m$ zR%LR~Wn{>6xePUg%~DTD-Nu|gMER!swREI}q2s!@(zpD5uG$Zo>coA5R9|G#Dxbdi zVw{FW7lMC3X{MQfLYXGE9YmkK8&n8ckS~>{{Jl9rv~P1}o#8c@X~5tY%UE*y;o-!e z6jAn%R3rj;S*zD{_?hiv8BRzRdblL))V)+ETp%L>4_vl5^2%jrl>dFTQ1z&HJ?mT| zHQ(+cLJM@Pgy?6lx=k{F9U4xsGZIA$+WkpGQOnH+sWD788W7Sl{QZPPmYzO|JWnb> z*h76O0CHl=CPB~v(Oiod1D}VoA31D>SYk6pB6w`DdpiTU531J3a0ybsxn!(6gnEUN zZVS4;@tuunymjWazk8ilO?bQMk+@#L6CeG1FEqn7@-*!$zS=DUb@UbT-6_%MhSUl6!p^?ul3~ zkvMaQ6&;db3r*GX0WZ)fVSasxmp}gv>{om{=Lz!r!9suYM?3Yi10Uss7T$%E#nscr zLPBQ*7HlHvvg$6Gc{oPDz2MAw%=rY3jer~}% zGGC|V@VQJn=|f_D)9HJF826#LXpUK3l`vf2Xp10q$9AS|mjS zX?w&>q;P;Yjk@lV>I*7~pu2LbQrlHiclUcg)g)o!^q>?nwCTu0Z)gt$=HSKmzVS`=rbM>If*(uk)~V^$Q!fddWblSI&)0d}3oPsJanmL-v#C_vUnEz|K*DOZ z_fhSB7yT{IRWZTpt;%%f8Hr^-912hP^B_m)$QQ{X=L?y&--((<`fj{=8^ zOcA-Hr^Lt5A3uvu4+KNMLSJiQ??$-#JRCe9W!dD)GJI~)t7t!AO}k2OSEp94YG_qI z`*>fUH7doMtG>-kuNxrUw^}}&FhXz>=^PMHp2LGIq^zq3rElXKMOJo`N-cN51wUfa z0B7e^UVm6uA)(t3+JayPxynWxklwa_kP6IoTW5+DYF>c;en`ro>m@%lNWB!_p~%o& zXM*Lq#clQWy9atP7W#3kpdtp-w3$h&ziKxGHTm)?l#5eFa|HLO!t+sAdC^Vm{Q*ol za&E54=;bNpJ3(ynURqB}x#eXa-tA;@V_m$Ac>d_My>~V<2!7DqkC}yx4L}?ohivZE zoj0+VWUN)x-MA;(cG+*KYI&OA7dRS{vMr6w3XcSl!sE~`=@vO$khZ0@PMq{uU~x6u z#p zp2ok|8qbhOFT!p54lea#+wF$3ki;mmy4eY62_iqYt#|?haMx;W$&94jZ_#hpJ%i&v zdEq;+^0RJs++6wqv~D!`|73P`0xG?y;b!MvA<3U3k2zp<6#qWt;`55vyDi8Z12hJ@nlgk=)xe$=lNP!_#x zOvNtE7`eVVRIcnIsoTom;=Jt1WUt--sWatsl9meOdL97DLKhiLrN7)yb?+!UbbPec z<`mD0bL=rxtk;^LP`(J+D7s{cm2)D;^g+#W_PSG&@ z{?jHA5RE5L$xG)FC0~PA+zI+BlVJ_)Gll=FdHd5NVq&cl>&wCHNirUTB7Va{aN?I? zXfMM2@Q*($v>77Q?81^>CSN|+6$Ls35ElE#@;^K*-aDLdjFtBS3OQRKO#`+7^x4B6 zp5Vx->}-l5zQraNMlQ2q+EKtgx-!l&xadt#pd7o5+w~JBy`km);{ibat<+u9s ze$&6WIt%sy;LhRO?Yzf^pL=5p&F0MlyLvy~z2`xQqt|${J=R;bn*TUb>hHGCpRcJW z!3hG*FrWf2O+VSKw{6ZMKSlY4uSIM^|Hxzh{wx?SnGkXuAN*EuO*ft2Vyk{iu4>W_ z(!)o16oO-I$iMWNu2Fj}v|Xc8^Sh!psn5~m|4%zWv3@%AX`u%{e*cHUlXoR(0&QqO zpqrD;-oa1C+hwb8&j?#ed9F-I`6F4bzXtZ3Z|2aNumVA3-P1E}zf%6b30qAddV5S4 z*5^AfrY2vkERbJrjuOw^YMJdAeD$}=9g3j&cY;5@o=3{CE2!WmFwEs(%2qW=l+cSs zWYYyW4Y7YaXChExk_zBC$}Oml5tj`8S^(U6r|$m~pys{ZydINN5lYvl70T1Cw^VF$ z_Apz#0K#VT3#5EJ=XM9dYKIH#y6N|mN~`=Igx8IQXBS?D^uL?@`s+{b{Z?sLu%+F7 z7Bwz9&HdqVd?2-lB)GH&K8h8lf4uyuFMMB5+d%5ZLN*XZPXWI_klW^6F14~`UbzB) zNHcJu?HTMxt{m4RX&>NpZK?4CkyBO}*A?Is$F5KKXUh=sf8V7MKD^??moz!ydFcA* O7%!F76)T>ZhWtNY3JS3R literal 0 HcmV?d00001 diff --git a/windows/security/threat-protection/microsoft-defender-atp/images/alert-story-tree.png b/windows/security/threat-protection/microsoft-defender-atp/images/alert-story-tree.png new file mode 100644 index 0000000000000000000000000000000000000000..e7757be9b99aa8c109ce3e17656dd0c5435682f7 GIT binary patch literal 65436 zcmce-cT`hdxb6!`5v7QTGyxR^M0)RtfJg}-y;teI1PEPFP-#lV`MNgSxM%c?_9I|p6C6np{7WBhwcsz4i2f(8+lC} zoLg-;IC$5$39%&>Hl8!sKe(Qnimz}gh8}HV-{9NI0%UP;s$=h7S`c906T7`J@WjC( z>-zJ;g}N5K!@;@XQ<9g}_BGv}zia+*B2(m=XRIk{=A(0eZ;y#wEp(#EE|<7fXPU;%`$rP81y@6=3Db{s(|fUDk?)DUYg;~r@xoS2<@8L(|@kq zjINyIe@h>Rnf@*8HwY;Fw@`dtB=}`EP!Sd)dY1=v>TYZkt~rg`HzGmG;4p|}E|;zM zkej12Fgf86Z9<{8i-Q%t^92?49g(gIy{e+&r^l!e=g5&l^=#kMM79aKxLDN9c=F{k zAh}7Zr;*Hdb~A}w?X(gxE#iNk>pYa8_mBlF+uIEP{7;qCY%3+t=&AN!5j1DNikJo9 z(*;@CY&;nwY72JijFoA-$LwO5NVC9-*-3sv^$T(_oWAr8B6Pi~j*6Pq(Etra%Lp%< z_P#pqNQNCTp=dts-TY>0_e$;85NKQOc>1XrM{wfs{yy1tUvky3$!j3Wjy6jA?zU7j znfhgN>b04=`GvI_Z=k^$Wv4n_Mu>?&0cnRHo)))InEXFi;q&5xwt$=IDeAI`t8pmb zsTQ~+;tl=LF6z)KibjOmszZvL)I@&(G~M*k7yQg7oPQrmlXZ47G}a8pGB3)8v9V>mEG^Y+fh0{3h;|D4gwWu06K97q%X=HpM>l!u&UlSN{$fmC!-{Z zlUjd#xM`cwDg4Hv{@_{ERf<5-DX3boD~O;}8|Nz8d`E!d&oyel9(+$?iu&7)HKCl6 z#<}8LfLi;+kr=rM&$ZlZu1{v5c?V&s15Qb;izL@(5c&i+e(*@l*6KoBBu97F_wqg9I0lKxD>VdcKj#l6~3zTtY{8pM193df*BuD)| za=-ko=iGyy z(@P{0|Z)<}ckc{A@zqMfh=-Erw`O~ca`|y&HIcqtD#1pnH zGNr|_4h=6rjph=Ia>mB-E|9hLs7=xfqxM%FJm|~m+^C{6=E&vQvEVPiT*MicYR(v@ zPKRZB&3U-O4wi$F>#iO<%s+m=8Wad__*=J6KQqFbHRJt;%=o4p!^{ zzh(c9BZ^f{!vFgl&%M~esKTqM7I5s}#uoWl0{*vOXk+IOcl?jL{O(1c4 zzk%AT^S5=>mE}nnq5N---2budQlq1{rWzK5<~-(4N6Qoim;DieRHx3qR2Q*Z6oqf- z9c+xFzAQoL`QN1*WmMGMYQyYRO`8&;kgygRaiE!tG;-izU5>l zuUcW(t{&OAxy{c@)_I4F{2x1wjZ8_bwsR!ok9e8OfD-eT^~a*FZQj%k(Jb)5`wiA> z$Gs5+14`;k-esUJK_0cN7~UGGR2hrr-v^j6$8TQK(C#PD;q2HUzp?yg_|Jyqk4_ln zcxRg`nRC&smot!5Zao`RL0QXsE!V*#(QnJXp->L0K6EEgHGbK#5G4}Z5fHJ{Q5*0@ zFv3|ci8w00brL;Xqq=d~I7#IP@PISUAre+062pDk5Z4xQ*Ba^M_CZxDsUP*i6PLdkTvYoi z2&CyrMqSl1zCNqc!5~vy#o*)cayn4AN8Qmum=!ViZw6?eT7zbygVMjEr@x=n_9xKWG|t_`EV% ze&^=Na7TXkbVQP_KpSZ}7X(U2tq@p$Uf6`6M^qfVs(7=-A(*6-9$4OWxm3?i-uxu9 zX=X(sm9B{U?q#P0RJKy?@Fjp8xqt3Et2JNt)O-YATU(jYxhM2^C@BxE0~zn2)Ej=E z)>YL|8%WFgOZtPRh<>SMO0Zl&pW5hZ-h=AryTUpm;0d2)T|t}slg_)j>4R!7UMWo* zj%SajS3Dh51CfvbotUOwn7VR?P$bzS(O}}3EeaXi)km*(l14m?jA=U<1*ObF!%JJv zSsU+$hRWvg>F$gsRRQ(a=hA+1Xs4nLyzHOT_4b@PbA(>-tdAMOv*mwz=cP~ZN0(1o zg=eBi*`wOzP3Fgvh>hqQ#$WTkEjV+JN1ZJvryl8A<%$P6s?IRcx>jVIw1=CtNPKU^ z7ZP_}N%Q+TDCC92KlW#_t|j3+eWcIuBlM$3;4t(9i0ad`Gr-pL;C1GPD?Y`sIMiD@ z_Qq*&sRYbhL#R0R~*M1I>oe#)5Txg+w zyQ=N7U>nQV^~!`C{E(HH&e>z$x19~SJ#a=Z+f`bu^=!S$ldA^rZJu2#zF5+l1JwgP z(RCZmGj{g5FH_P2MNAcdpYj*7Q5o^P1OaT5krKC})}ZPtL)@T?V3< zy-2q;IQ$?}70-;=mnkiVG%)g>7(5F7l*G^fOP-8k&wAz0I)A2KEm*{Ua!3EKTHebw z3Eqpf#S-W>bc_{Dx1cV4P!5`e6!Qh45bSOedDeO4cM=t@%VajT|MhiK9Ys>JT( z^5$67e2Io?r9ZZvBq8zK(OA`R-dyqxV&RuxIsNKmkzd2Rto64WHzIC3zU8hTcA(D; zyu(9I^|U5-tV1cS>@`q8a$bVm4F)11r}FJE~JKeCFS}?ORo9M2{dS?W#=Feh_OHM9{)XWQ+I!m$3(@ZoXvFB zS_qy<=bl*k)-}7#In`d=XZvWwJuXI*({AnyfnKS5jjPQyoxOJ%!gbHF^{jlnHBqmW zUwGOiIoEM*8AAv+%!4OGgzN28yB(dsYA)EAjZvyvZMYxu!INE-28q6H|9-a8SYNqy z8U4YOX=&xrBm&38`+GxbS#h;8>RpjJ+iwltZVJy9a;oE{v}kLI)p3bk{u8%!*5D^U44!P!92}KdMJ8ujsU1wqRyKHp9%X1`2q} z7onzy4Bx&Fg-q~29}4`nnDBjsh|Bv-$9j%UC+K574+gDCVZ)Oi640DA&|%~B^@{#U z+-jlO5~RS!gz?Km*d577&vFMDkWq?E=M<*CMT7vGgwoAvqJy7sa?7rCn-6FhU77E> zqJFi509o2wTC~IiN=CnXH($B;fwz!9i4J}N*ZihFVyA|C5vFBteO{HkgtbwanH|a{ z1RKBJ?Z!-yTPYpiodUff4ZbY(4d_F-Ezj*)E#u{^DbP-L6*Ki6Cf%8fgT-pO(H@5x z>llUJDPNeN@?8D@dX0oAwVa&A9w zCBAc1)8{(QR2lU5~g}Q=^-=NmcvGCDNS8 znmJbdieIcfHafAKoe$IC?8k{5ACY+Yq&@&FtmQMtGU_beu1%o-(S=f@9%dMfneYwL zDa9#yz$}uS1}u8aYOrHtMWvgoIeZ#tXl=PrbfTU{34y_n0eQ+8etS*VwDJ}%vT=x| z)jMf>yce({7{9ob+DkT()Uk0>k(Oj&U-aR`F%4QMIQg>n7OdWGWK%`UTjH%JkI3M$ zc-z>7g_Cmu(&e|iN8f?2#N*9uA#pyYm2gvn3{%=sKuI~j>#9%uxVXQy0wZJ3{d9=Y zdPe?4n=Armp?7PQpUbV5$%JEbpo+F81H;OGjK@lA%XrjtYe&9sSpC9ySCum8xo2M^ zz0LfJ__|~~7(Ov1m;a##yk6H&IhNSwHGV9)_{h_6zMJWhvViMGM6~#A1j54BpC`H$ zn)sxH=sx=lW^)bYk;RG6F(?|iEthmGwUJ09+4J7eA7t+EOK#}HjMwzgJ9GdOoGzGw zeYKgc=RT^=_Y6G_e4cP4@)Ul_lIt=SOybgkF>{;9q~slo@`%1HbX_Rn3BHBMc75G6 zlpSJkc1^9C&QEv?R#cXMH();GG=83P{|;fB)KA>jDtDP7TDJ$H{`bO3#qau}3Ff3c zrG_9&rR*I`oRUHqM#-CpZj(6{qU%lz8wR!(>%G)fsIu>DW9lBOieoMIN<8kgXRl2w8eY;hG2YT5Cj$4grVJJuMOZP2~DSJ~4QFqlCVOOD)VM_QG@z0uxfZ z$5r2S98*R9&ij-3QruZ)acZT# zQWITKOLz8Uzj8+){a3gPiJcA&6(S9jugsNQkX?t}iiu*rn-A|_P77)1Vg?g3(k=!= zOK;yH6eBO2i+IJXC@R!&xbS?_UGt*KBOFuVTQlzj_4 zZJGq)2->|nCEES*On>Bv+?`D~9e@lBKAx*Ozi4v8Al!CJP+NQ#A{`-~yRAfKqOLfE z89oHNZJ0-`RnyIwxwCFP_t{dt?|#RmqKdJbpw=`RbOcvsm32mrs`Syy{CW*yWx zm=uqyvd^^u?xly~O*wU=cSHjpXV}-Ga}5r0si|ISpF3`}p8A!R9%%vDHWJL`uHgEy zgv1}_S;JXrUhhMtdWh-|p?cyX+~0BSGqeUW&aUmY)~b|O3+Dzq@?~y=Pt=1spV6y1 zTb6(ksh)UnRmY@Dn5FeJ%a2r6p^OqI*sYR$PSC32d_Zahu3B=w?il{_XXyoxW`vaQ z2eb%Td&Ij2en5llpFC!1nv`NQ`4+J4?EierIy+wY$x-|Qx__#iRVH6}Ty^8MxSgt= zCks#x!u}9wx?J^pu`zI&L*insevA33fLp-D+ixFx>P8b8rw6kycnl&)cZ`cp%mSxC2$n2sEL#15Y*BR|{~$)OR8n+HI=A zy6}Ex5P5*?eyOkbdsHrXc0G?i4a^oZ6t$1!#Zs*ES1wVc9LEC$f=tW0NYF>3%wPRf3UJ`XJ( z$fxxxt^{=e7~{%o(;Cr^aaS?T7w+N|8Q=kz8gfH1cm|R3))Y^DnE&bfPxJZ4;-@eA ziqpfY~i(Vt3?4E3GH8_*4cz&Zc)dlbKCHFR2Y@J-{@|Z;y)px$B9LQ3Y4* znL{_j5GZTJ%fLYaE?M{Butc>cf`4p#-UUEOuD$BFXUwzugJRofV5h_T>(h>m)optd z&c(lLL54LR>KA3>qN9LI*UXz!qSjDZ*H||kwCfp1R>#W4l;~=_-=LUP#n0=AUFfhk z!_V&~GSEQs9jJ~~hFP?Q$jv<&np)Dv`I>fHVb`QJV{hm8UYic7;@BXIsb-80Kg%>>xs1*N_J>r|emPDygLmF|7~7n`X;i8N|^C7aElL z%b5zQ5O{MPT(xQ<7wgme(hoEv*IGr2Pe7?4Jy>Q^{$Nk~MaeNCis#hfEQ2-7C1^T0 zNyYF^cVnIn-TDgf)PpJH4I4~thqatF^9Q|`g3I|L7-->m`AE~tQ}1;7)gg{7(&!{6 zam6w1)JN-f&)?G!Z~36hm~`10F)uwE#v6G8_#TAl;}`4u`QXy%Ct1@+qsk? zx|K8LaRYCk;1j@neBg+3aG+j09=R$FoX&O2FBG&U2%F!MA$r#NcDV*rse4z@*}IQV z{p4HQ?#c^Cn~cK9fvi~RY{XNW`c|c;hN7Bd&0ojDqS-;6abIQDPESobqEgFNs|vFwoV zN_q#16bkg>e>CGultj|Rq{B>ZwJvd$dFn^L(>-h&fZNf-=6+0F*;$3#IeJUNeM7E` zH>dc%4-@2;N~I37K$YtrV}=Ch6}7BZe7YU5OS&@Bg&Pt&j?*X6dHF+M*+9#!MJ zt9GE?7O}mCwpd1U%OHfWV7u?QfR13G#yQUK{v%!{W@W7*mW`lG<8^e6{B+;`sZdwV zl)%wfv;f6w{=9?{pYNMBT!AoT)~oAxqlu?h!3R1tRgU!1&E{B?!Rpm`}jUQ2x^FIYkV_6 zCT-p)dw9=B2iH{Da3}+{pw0A-`Kh=G?*hI{O^?0|Jscmc|=vtT~|%3ki9&E*gwPRf@61fpW}pSg89=Y z_CopUclP5)TCVU0dp-xU6x=ObUug>K?WVI+7Hm+HGW9Wu2ENw%VvMQvOp$tmd7z%I zDH*gy0=YkdK*yn+5VUwKJdKvxYUNX8wY=i;!Q$_xrUrmOtG$3oy%=*kwg2+#82z%K zq|5tBVj5woe!j1H+P=GC*xk*vJWgjX?G%$wLL|Qm!iwJdzx%dKOT%V=9Mh4I$WCq`T!u4Y`Q8GOn%(qx63X>Fs6y?!`)A*zOBzY1>hJ4cfz91N}b__ljVUC>dP z&;{)doK%(>M-u1}oj@N=agT3VrRhP2Qw=(bn`54QQ_)O0~PH zq!nCx9S8|+o+UW7NM@^@oIMy+X-se4JpF!pC-o7t&wN6r6)ZM4;4tqKBOfz_Hq5k! zq^l>7@G-yBJ;JDFBF~{~u^{ggh9;juoD2acnroMFH*8-D-oa#}-cNU}J~jA4@NvR! zru`ORSnsj0SdeU7Kf@Yzdg{hF ztstG%+gPs2*tcF7!<=d=|G}z9i<3!jY5YHXw$^@=38GE2p-TOpg$1uE9@BMLKuf}( z*CLlHR@k7&tZ6V^FA`<~Kp7`J74Cu2Pej}AOxsHro$bFF0}7FF!0?a8?WD^k$neqrZjX_MVa6LCSvSch|kP@^Q{NweF$~6g@K&p zkpFAs=N+1UCX%A^^;|aFu;JnHIdr(W+KBRg=SnFP-Kl0;uoCeXBg2U_`9tfX!e5HA zi@Mz>sj|Sqtx~pP`n#u1FNhj)aG%l4XUZvm$ki}H_?6komVaG(Ei<3BBwfe`^c=7v%yQoXqz6f+}W&$~A}pI9vZ zRx;ZUbH-u1q@7qhTDdHR!qY%^$hc6&_N4;v_y+-g=`#Bw$p zwomMK3ptHyVd%;3V0dAZoza;r%d+}^$t!G6;eHTQYFl&Lpvi@FN) zmG1ht-ofv<%EjJh6ttJ%B`lKvQ2QIxL%8FpOc0SF#fuj&OA&%ES~oRkOOHF7M%C_R zEb_~$#b?l_*o)k{JI?68tg|kKD+CCgvuL!B#dOaI@^~O9?W9)*mxbd!8o4%s(9|J> zHfMO^q~JwgQ;TyUx;x$qWVpxWdeTR4JGoBQVt>bo_10k+#HCj0yR=O~igWBN;!E$( z(3j4#HY@r)aEtYV{#h*ZOmaxGWa8PQNddo|tfO=$EEq`An|ycWl6ssR_6{oUoKN2OMjz{cX( zc(Faa*+j@D@!+m4N=wt>KWq}iIoHw-I`V5GpB8jJOEDe2b1?a#PY zZyESIG(ZBhDdNadTNRZ(6sxUShR36tdF`{MOlmUP?9F;E+Tw2>Oj{3N{6b;i%lF*O!~txk>;8F;Q;f}z<#r>_(zj(xnG<|xh9)H{l{o6gsmytlpA)!{o| zu6`txP#)+))xqj}zx#r0H;yABd+8M( zNf7Ym0S^1*&#nko`zpjL8TvQ{2!SJKM6p4+VPg=`zWEekmR#U969(S~if($qufG~T zZD(>x3!FV^!ZdG+%<^BXaWbQ|wgu0|)`zI$h-{>9uG7!TuE=NAHuyI;tTT__1o@p= z@5Bb*m>gW*@!q{eo1Mf={Q@Z7Sg_EmGNf?PH&l$qNO}iW+xTi~>5A zmmk$QNp@`4edLF7rih&Q$&X!)by+~il=U9RKDs`(?H1qte$=jyuIpFxrS)1r-V1Xz zG;huaIqc+RL5;GtOy>ds21!odGg3pBE`}Livt79Dmv@pVYn@SidI1BXn?SG;^aZc_ zQo95i5EL_OPyB-DM;!!{B6xAqm)%HgPt|^y+@yMl4mu2saaG}3&7%LlI`_SCc{Or# zTT+#cb69TDqHv%wYM$wh?d6>CS-NnbZu^HF&#}WN1I5RFn1QNvlrEAeDYj63YCsf? z0Y95}$uZ+uPae6qr*g(YIky`>Ly=1#VBicAA<4UJl5pu1YEwBv4K926|nx&={ zu|2pHtQ1dIT&_K!K-g8*C0Wk&_6q?7s|AidsNAHZqb;~O&f31vhn0Uoih%r{-@-~p zAa->lYu-p!Cru;n0l~E8$3k~Q?C(nikWK!QF1F_n%C+xJ@}M=+-wB(@SCL6fYCX>C z7Y87pp?>zD)ID30wNsT=#$R@)LrVDtdc-P<3yX_ebaId41K8&EbY1Gx{0s)3y)aYC z-k;q&g1~Sm8rBnY79A2JiiFiu3JAJ&*TaPU7_9XR2UM`?>(guTmmHH92G7#x+0bL- z)6TDV%U)a~>oS=XnhM7JnEEBcHN9bcjK(3BiHg^3hiW@-Ks9OX3R#COXC=uD+97Yg zcxuOdG+Glxy}0*99Q9(*-^ye6fj=zh8CKn1E>~7SZ2_{#;rewwgdwQV$I?QoLe-t@qf#KOrXm#+!hueEP$^q? z_-uPl%|NrjWXOH=Ey#m6p`u)h_Yu+x* z+7;Usb3(p>_E*T6kIZgCi<3)x)aP@n=Lg)|(9!16Se2G2$Ttkw-##uNKBwe0!M4j| zSLAVEeJOH1k;xXGj+L(zFTvejN?pmrpC-yBTcW7R>P~IGfb5wV7ynLUfBEvb5fPsZ30DjbK0^zQ0++UxgWk2t} zs(hl`nO)|@!bN0ZZ8+pFFuhKCb-*maYgov%Z2%)JKLTHyt4(>s^7G>gN-q>#s)FD( zUq^)o{1(_{H7@gFCnFf;hMk|)1^ha51kYY;h9$bxI*A3D!V$msQZtb&?+fGJHj`|O z`Qv7(2hDp*gE~k#D%)zl^;N6&_@^)`w1Hr3>5jtB`dJo$KwInvwvn2K?@%Cfi{JA< zNAODFRq4T>n4+e`XI%_pulxp!5e>!s*Fll(`Z|m5n6MX2wr=eZM7Uiom2aN}pUc+- zuT)hhAt9r!UcKPyk>YuvL*Tr2C2elOD2kQH6k;9G#r^1z)4k?D(Ak&^e;v)CRv2Sm4-xGCPERw8k-V; ziNvx|-}RzyFM<;^Wj)D7Zqdr03zcZ&Mm1;F1&EUKwxNViFE2wWMg5`bjE^^oYH20$ z>#U8ro!@efn#CtozA`ea(6f(h?ELJrDAXjG{S$~f8bb7wDC&$XL&TymRx`w*{%i%!zt@4_**Uu5^}UGG(#kMTZ|@_V?CxHSb@VBa4t z-Op5X!D%RmYR!hwGc_~m1wRn=GiN)wp%O)p1d&{i=@iz1YUu-%3bVy$0cuIbrR^Zi z0BdJr(=qtCwPWo?ohES1xYwU9#VK`AR9!Z64N5t`rVHttX5S+&7Nn0a{ECdXw_hs3 zo9TVc_9g}~lWL*h!stb5TzWPV$}%BwKwtb)JT5NK8}HpkvEN#~;+OH>l5~3FjQKVF z)q00kNl=oF!4}kg>-SSQ{u_e5yAul1)BLGpfUt?!HU{5fdV(T%lVhMlFdTF|Aj6IP z@O(mWJq4PvwgkT0!PlQ8X>eKzKZ`dR3S%_6TN)-)_y`Iw6vuQK3aT)mlY9kUn^DTA zPmI4!13>n~wANW=_|HJEH@h z-qXCS41(39xh3aFzdC2Br1d;#ct# zt#<~VF&jC22Pq#B{Fs0{h`{xD#e$9(H{;)2mdbVuwjFJ45Kb58%2`2YzlQlkq&zjG zhXk)o3SwJtJN;{YWMA*g=7byuZS%C>x#jKL#YSD`)4t$z(M5icc-GNlz0UCSZuI&> zRx-x{!Bu0_*leQ@`4B_WncmIMzK`-I@792;A4Mtq8ehD(0o4o2NKe~86+c^%)uQ4k zr@z}=Tq3758GIA3Mo0X0l6rvxB_|1-OTw##$K)|85!_PYg;IMd-HqT%9$ehhi2Z@t ztb0uEC!9=ZO1w}llZvHvJqu4#8^PuP9$Z_K_a$bnAylXH@987RJ5iZj%&}M`98taU z*=C|Jqr8{A1GjeXLfZ6FVGY+6;gKcj1K2Sj^zwXAxR$VS^w1Te+V*Mu5rJ!aezWJR z_<^U${NwwYo=lhKX4k%itx|V~3*ovO$BBMesr}vbX9gqkCk+@JGUs-t$QwU`_I*Tz zJ8DgCs>74*x~AR$=3ep!lcEj#0(p-p`z+M#b?#yMY-4N9#jD@TUErm7b881eMP7;= zyWrEMi^QY;csAWhudTXp20?3%G%+>-dyokCjq}R9%NZ3nH8uy|7BJ|q=l<;pES>g9 zv(f5bs%!Fb?_Yl~1?_)D*9Vc6wc2)m5Hxp));#c~Ya+-_W z5+WKT$sBDJJrn=qS1m*^^~6y`P6W$s9J8h-MZY}HRpIH4vniDEe?FET>g2fw78Xc| zD!ags)e>=-6}-i4JN|gy6l>#s>++|A3+FyqON`W+0880$ttZrOPOMXSe+_;mCVp@W zSIwOd%d9MaQJR=lvZlSS5VXT%oR%h1u;KN09=a9svHX+%<_kIjVzh9!8+&GAu7Sk< zuipUz391w}g<@)%WK*l(d&bmuYlH0E_)09lxrhy7V=&%=?dIH!34I#b{2FnM0a}GX z72@89X+IdBp+GoQWh4{=uj&67`G5w9$*hK>E+VQrl!p0hY>h`ZqhxtjqnJA`C^&4@ zUSqo{LEXQf_+AWCZv$JY+pM;b%a-6^;2P;8>5ASCorq?KcA}E(pA7I&7`Pb9E99-_ zx$aA8GVe6Oz*GO8A2p$4=T!DH(ZRUYruxA%Ysa^)6M|Sv5J|N=2aN+C^8?g*0N_0U zR+_q2T0IUcytQ0DV`H#B2pIi+_}%uw8>z>b6WKm zCA0C&3i!KnXo*2IVkB*C)ZzlIhB=4%sm9wHD1wBlTx#gnogMicj!rT`uP~+!LLe>; zlQkH%{(8vD07Dn zYbqK#oMctLbay8()m*kA_tAaw#ii(_QzE@vgN2GSz7~{xLayTSU_do~3%g$NGaA26 zPRg|~&J^KlN7l2WjJKl9q=?b2#}`7n(u9NY)@WWP9p5?p$ou&dvF?-4;k}c(;6NVX z;LGw)<1W<=%z(&wpf=R8PN&niAW?>@2r4esF{=MDv1lAV`Ji7eR6HRCs9F}psU$wO zR~eL|vALEAUum{Wnt4sj>t0XS=oETqzQ<5-V@Cq>VeM*POjpY%RUOatrdmIY-z=o1 zV)FTm&GdIzEBfeWIChA9`p(YTFE;?$vjpwXPn9mui0ntsbcyET%}cPVzdAc28a?us zK%Qfsw0#i08H*h0sHDxwvNkK#^DK2d$zQ81&>=9Aqj;_>tDmzbSp3J^OAutllHyp= z8~StXtB=caeFFB7sbJ+4%cy52r9|+{LUx>`?3=j}2~SUVukNq=vOS53Yk_*j#S9;( zT$J4D4UJTH3XwL?9}2oCIAsqeD^n=nfd$bV7>@B%P4$kHfa`Z+iXRJHn^xlwPy#x1 zjo;s?RhMJV)2163Y>lggu*sia!DK{oLoYRhoqdbUv%*&cM;PmU4!rJyQgG2vI=i2{ zXaKMSW(As)>=)fCNkz0%+ddxPMQwPE6Hs@9BQ(PFtg*5)msam_<)#d;&$;F}lef)_ zR_Bje7mg5xWkPYvqIHb4gSEJcksZ=MlSo^sD&fRR(c$_z1*blff|n-=#`Si1>wPb& z@Lw1kdd)6&vbv|b#yPKk?DF2h%ratQyl+(Yz@9GJi{>%&d5T zgRPFCvakwH`X+T|{E8G-=X*ZtY*4}pXl3wkl!`cS%$P2Ypf?U#%7-~q zT~$A|k4yhSl$GyY10h-EdPc)=IaY<=_$j9|D%QmmeY8Qh#Gws5lgRyJ@ZBP)G^m!g zd-lWGz5BxomWF>H-JCGYuXPu4p-7>5f3HMlK_|%cp?|0L?RMx+T79)(;iRU zJb9r<;ZppF3W=}lZ0j&>n2-*f>?(IoptA<)HH^;&or7CapQq^*hU%TYiEm*#f!1n% z#=1yE_JDAko6mWRo`WrrAxNplk}Gl!uuZOMVqml+q%bMlbo!(;Bp+0nLPVuj?!Hvb zt|){;VHd^RsH05{)eiNGY99bo=1_x3TR7H2V-+s`M`9H9p}Fz8{T87idlRKQw-iY8 z1*9M$;Sz91y;yL=`%iCwCXITTW0A%7Ar*{%Ky3-^2<9d} zbh+xScNI<-d~Y~tc4v?FWK#G0fW1~ zeu_x0bc3LIc&%ExOk4N&=k>?G+H0sa5D$3g*tcxys^j&SWM1zK@LGILegEg9Me#I8 znrZ_V=|LMe7Vu2#*WQtGcGK0=iZSW3fA-ZK82(*ZJ}!!mKy$g5Dj;X^U*mzM&N63|1?zWB{n& zNMwoqHW&<&cg7gq5P|%Ub=f}y>tFVqF!*BSMOw<&ct~aQEPK|rHoBD7CJedUpKfQj z<;6C_j{Q#L;YiJHi@xav;R(2i9h(K0iT%vxIfkeD*-VUyx_Es><2>fUNy!a^)2*Qv zUlPLWgXB-`1#6CHq`BB#^fxA=!$UI5*|ZBcs0o};PddDyfuZ3n3{Y<;HWO;Q=Z?4A zPs-KFM83pz$yn(u7Wy;J(Jd&r9-F7w*V zo75$vVUc_%KOZ{Hy59o;()sq&_}I5v?xG(`e%b(8|K1H8I0$o15-)wT)`eK$c5HJj z8Srv;Yxxp)vAQaT`E)wn+U%(Mlg?xS?R|Og;U5bHHrB`zSH^H-{V(=fYzwV=J7cOHNe(+4n5M3GW9CZ15T4mbb$J!!I{BTcRXUktDVR+9y z<;I(Q+%|?Cly7iwF&g?wKwT^9#|E^L>{ z%aakdjoD=^0*;x@1V0BLjkqFWC!`*wv!RsRXASd}%?fQz~ z%t+E;#*o;w;;V>QS&Ji~)-!Uw1&rScK~u%{)4H-XJCdy|v{xeI`I)sl|{qJ)T|GTpw|I9)jqPh{!JPW_KI^FLt zRO_0H=CTukL*_=?if%S->K^fRvDvvgC&urZV`t7ZKN`S4=_%f8I}U!csERIAfwC)z zp>qcvz^2O9P7W6J&-_BWiwBG3^XTpY8$}h-GMH?|)Iw;5I0*XAk_@&g`YhCq#++Vr zWE!w$V!aq~`4fFIKAG16QI?-+D_dAD(gXoS4!i=e8sgci!&xyh0S(VilG!6jyy~CR zmbfg5Uom28){Uv%;EV-%u1&ipU5A(G6D5bN^jXSD4f=WAL>sv#{mB-^-xX}%8#(ME zuSGroiM)9!-PiZ*&O{)Cf zp39Cs{msA$+4Oi2RL3;bvTx?5H%;(Mpf;mQPGa;B>N6O^|C>&-%95`lHf51A5kY<> z!#R(Wxz<_>+c$7nD2wC`>~WYoZVvLBjNiLw=)K+ZZP{l3fxUk{<2OD}4Na_Fz+gN8 ztSN}Rvr9<*0jf*nP*qca*GMAL_5BO4MS!I0BRX2^^O>rGhbh5flKmQlfKF|mD{M^b z8vwDmiBw9K-A^BYE;RBF-CtN<4Cb(NzM&W|e52*bFqt_2g*YrjNkK##r{1X5T(}r3 zD@{$6ymD8xvS3+x|N6l(c3);>NBGBi1i|J8Z&A(Ub;#FUc^C_M=g=;1oK`>i$_JQ; z*N_f=rYk83bL{o!J%6yKmK}9i)7RuY8hbC$h$qxUCitGu=7B@%rjGt;3$vOQYHzZ* zn9FxZ?f6xQI+Z#7yGICtwI$=>k*Lc|@&dEQUexVvEz@@b- z9^`!N3L+iY(?+L@6OlVfd}<>lUur0>*#S-MNBHLLzPm_m7O868mYyF3?Lov$uQ#uR z0DZ14g>!d;u=_XgW*OpWQnhpx<^dm1+I7@< zuV=YX7`Bs8-}?EayWy!v1!px;b?@yvsxR4Dnxc2qNQfnBqhe!9j6SJ@DUT=?`z4ToB{Ibiu@S*9C4IP4KY*ve{Viq^tr%R28kG|GEDwxbaKcLwaU_!@B4|#23rH75!FL zI5X^Hrn!U_hX$v*k-(#oROHZtRlc#WUI`fJ|`@#!JUHRjeOS_@GNM%nqpNlUG z!1ER?F!F`QqA(SiFp(}?lQ3TVUczIyRD?VNZXBU+ZSci>T0MBf-qU_VqPow^CN*bc zOtTyOA>XXr{U^U;EA?DbF0z86k(39Uj7wu!(4e=Low$j#wdCptIA12#Kl6Rww2M6< zKRlj#I@`eH^(Q|ZNQqs|UmWo?;oO=v>*dKc5TxTi7iX+6Ep_w)vI(WQc0{d4X31Y{ zxGuGjmv`oVHfVh_RcW?#(WT^=rK52!18!6y=?)=JN9I&r3C0_P;)dq^tA_n-8&}CI zOL5-eoTppNR{Q9@ao%%9y{9>(fTOtbpL1iG3MHo!R+aRoTpx-H(Zd^JsqY+x@kO<< z)M{vlBK(Tqo)CEa59;1JEUNeKA5>DLR74~Pkr0sXp+pp^p}V_Nx&;&z>1Ifkt|6pb zx?|`Vx?|`b*n^+%cc0(x?|Jt3?EbNP?fHv~nQP8D_c`Z2_xn|E@yCwnk}naVHBP;> zk#6C;*ERpBSvXCd_GtR_C@tvIln%L9)5*n*`>gs3MMG3G;vX3MbTM&vsf%64K6q9b zu~jc$=)rI|VQbw@*w2Lsh&oq)Y({ywF97qz_U=pm>MIwU$#X4>qP2^4KehMd@+WG=nOz@hiBNCmwbgy0a z(pWzDcAtU_dbvCjmCo*zLMC;_Ww6l2?4ajGsRo-4jjswfn1K0xb{V85%5{Iai9%e5dz^y)+KXu80V2yts{X-9lxkTEas7lJ~uQh*tD1<4Q!yZ(r zgi9YW{QNt166pl($5+2W+k3Ea1^YW4bm;R7Qm#<}Ah@CBZ$yJ4gCuqJqg;M}HzO{R z_UNqU9af(~9^C%#r5H|ct%C1fyOKMIsgM?N&f7=y)_?-o=FpJ&YVat<d^ePH0##F0rF2++3=U?G6fHE z<@3RZ(~5;J=2UHz@cjK9Z8O@tg8^j5aSVQeB4HCj@sz>wEd7 z{q@Fg*zvIDR@@t6kmxcc7l$&-q!R8^J^p(Th<&2t5`LlXF@_dFePHW{{#U?kKtt1` zq%Xv=uDnq_IFA}kxLW#wY?sr#lXiLr-(Cu9O|$)(bo}!Ce9?D9^qfYvZVio#L)`D2 zPH&qJYhs=s3sq&)!OPa%a1S1@Zg9C_XqNbQ807lA_%BZd`7>*OiQkaKN1(3>leIcs zjqZDy#m9WUJK`_t?O7lX{B0`thcn=*YyQiv!6@}>&8NOQ<<&MrYzIB|)BR8X9^saj z{o)V5`ES-#b6?ok&?NcqlHY2eOa|JY!4K%N5tnF3Gw_{VZnkjy z`2@tu6{#-SWHE~>S=lrBKpXkW?QHWEB|&resf0S-VvU5I2tk%c{Tt)N--Q^5y>o=-!rwZntL?>Fd@7FGx9e>$Cy)&A=(ry$@TDEw zy6vhXCPbE?`nRvI&QiVv@73HpaXlL}&pSXa4PeXb{k?7x5jvj_d&b<)wfPJsd(YV2 z#;nzbJOz4Ib@i(Xu1WB?m4EY*AAGL@lz}yJ3OY4nU)sW&g!1GQUy*w$u$y8-D`nKf zBu%qimRVZHjK2yY<FIe<0dLL6R+ZJ8K^ z>G@HvRmENeR0F83=ZvpOefe1#E8i^?;0J6zULI1_Bhe{t{LAOI=WYOmM#H>Pp^`sN4Qf;Xk^)2Ql8(HIH9x`iLYU`u{cke z3y(d528aE}b~w!Vvt9u*X~X=wv_;cI*xN1^>=nbe!V8#Y7m4hqKxRmMf$Y-=b%_!) zHFgtgaqHe!eN8Q)AnyChz2iUi&{m(WE`ByCgVDq6Hn;Bay_?y49?}`++S8sf{9GGQ zPX7rcXSl5wVxaj6*S>9P3B2e$SR?gFysAR}TqHE}=DVBZT9XG2@92w@)5jFP1(<_& zif(Zv1mZuEQbvX+_P?_4$&S9Sd)xZh?}SwKwsTaEub5qif@tqIr7 z0lR>FyVK=h()=BFR|>hsqhG6y3Ke&6ZzGi0#U>>?MI z=jDUPGWj*jZJ6=3G^k$PtYw?k@7%6bd>TkUuP+uZE&7^btpsHPDNh^o+(KfgTJ2c3 z$G8i2jVbosqfMjBB1%^b*_%eAUcGXr;ypiA$76M%Qt09|#k7D}JZZo#l@QL6w{g=x zJf!Yi2a;ZR)fS~S<;Ba4BU?)4-}Y#<6|CZG`sII2x6+cF>JjA&kl;%cEy2Wp)v~dG zp0@^W)93}T_u>d2JU8Ff<=SN5#crGr0AGyUUnE@IA58f9@sfMialPqRBkJLuj~vy% zqB8AwB=c^Dt@&a->2b&1l59@BF?0gK`!d)3z^-vyVTs2u9$HbPp`dL5otlOyp!%g6 z%m%Z~WZgz$$7~X%dYFisDy!Qw1RxlP~8 z&*0OzR+{#P%p@J)-4Hi_tfg)F_~PitnN4-0`2dFX(5)DKCf-@9ToqQyt|^i|ta0(2 zovm>$c2kjdp$KGL`70bbsg=`Rg%K4N$CSv`**h;QgyR!Bx7L&2TVm;jM!B#4VvYCx z8T6fC#SuQNw(~ueP9nktD9&FFs%L2M5$gxx7`H}@C3*k^LtE`Hw3PfFB zds^x=JX}yEZ3MgwM28x2!>Yj2I8#|b9w24u0H_GLU&@hKXMs7c0#lu{67n1j0}Rpw znJ)lYe>G>QGZrO?rJaTcd5r5{AEmDjZ}N{OOtviknRjzQ5}&vD@EZQ1pFLGeFH$wc z(?#6Y?^CCjx+2Q$xLUE+jAb%~JC@tjC0Sp(|HquHmOK|~Q__L`rxLbPQp3x?dQ*cR zZ!sGhp>--(HDD?XI_?O3nLrHlTC8E55*PgRiCD0nle_7v8h1y4%aCJjwu_VHA@%S; zCwEAZ&;ZDfnO@S%b@nn=ve<1D6)GN`w9=L9f-DNQwpI7(tx*Z1Er(nGbb z0qrZRYo3&S>K14f#MX`CPoOeh65Sar)&*mgHG0CtTRAxNyk}M#@@9YUYq}+LmaF8(9ER{`CVwfd&D#l54)0DJD@#`nhR6*pb z1ePF@eH;4~tH)PrB!>)_ITuqD*iKKYSH zQHHJ%YG0AUT|ou#5x@fPl`yb&8a?9v0I|)8T#K^i7@p-P2~+f6WU9(mfqr~DzarD0 zKB|=EJ)zQQWQ`DTUW0|(f5S`fB zGdCR(Fx?Un+I@LwQ}<@sk`H8x4iY`#*`F7afV1u1g$-5s(g|UyuL2EZCq3Z+jpK^)&tubOE9DtRr1X{>WNtOZp!2MS)}sk-TUM|J zi#&TfXPJ!4X@RgoFrHQ}I?KhFY=p(Wip?$LZXMR$Vc1!F``W zSKOR=5IJB3WMzb!QoO(MAqnCQFNV~&s8ay9XRql5erqq+Kx>43g55nk&Sm+E|0Npz zZLjgl&U;;Op5rev?abuT-!SF-y7r7Rv;nzX-4}{84J4r!k{wI+p<+p+e*DY*%7$N> z{jc=Y+7?9}U!?sIgA`x&X>}6J>wo9$SX~L$5NC|enVV%rtGoZz3jQBJT;ThESVeET zX{5jTm3@_acEK%jw>nSt6h_HQnO!k_2c{14rh@VuhH{Jz(h;JWxK!$W(_J5w6-@WZj)p^J!hK!xfk!DCZhG0^ss5(euu-k z=;|ih+@#0P%_$j>lcsc;h0ctcO%+W!OXsu#&kQ}%!W%+o(tqn@|BRTq3!7^dbA>`k zH%DFNk_KX#y^{7=6W+ax#RC@Qs#v}rFR1hy(c*}Lf2?AwY8+v6y%>G`j&C-2Cfy`* zhPT<-Jn7$UUNoG9WpMN z>NY!`A&V_{kq`@DyxxS=PfpL8pK)`emClXpTxkt!sO3i}4;KP-UOm`Vcp&rqKodU} z8`S8W!^#B8`yAh!nSxF7lBAMG$wmV6VniqSg2lAf#;l4GfZ7HOfz^*RV*XhCmhi0A zBjE;DdO$cdeq5!Z0ckLCdxjPMJ6UY2<<1lM)9x$kzUA;aPDyL(o$~r5dPUeh^cMlf9u6FivhtqXQ62kAvd6*}n`R8Z zyg$eFW*%}FCOtGuhBsFdJD3m+v}0p?>;|zXdwVTf_4)Ta<~XueLjD?lpW=r)JqLc{nJu z(>j|}Bb}rg@Okvh0zrq_n`E|bn!3u+h~Z@;4NE?$IO_cAJeDvS8?3^KtO-NDDwk97 zN_{>2!epDQVLLrC$?fR1bFc~dfpZX_`j}W>^|0O}n;D{+kgl46*qzL&x*Iql{@RA25R)!{Q?DADK|PB*MZ+m(2uuxJFw> zm*;-Bqa)dG?k@JRH9Etq(rf1Nn$1|L7`5(~`tZFc+&V1q>mre#$zwe2UXe@jT>6f1BWn4T6V|FX6~x*xlwxXti6G|awQOa0~pVJ_V$7N|xctajcCPDcnH1z+ww zkHzZ|M=T5)t<*HP1Wx%r`d+JbQ}dX+BbtvO?%qJ%CWYQslUO`docPV}{N#7K*17X@ zF4jb-iXfa2W(7mEDt9Mc%{#O6r_qKfH;fzsz8xZ$A=?J0!hqSyYHd}r6l#qCPlkP} z5XsV7OSxQ3rCzM$`@ODN-MN6-%0I05KJWcZVv4Qng4Ynu<(HP9gswR%!~yx)$?8Sh zShi&i1~Tz;o?T1YuRSR%@npdSMN^ zTl&z6UY&pND~xtv!vIN%?0LRGbs(`KpbD%9WF?a-Cv9#}by00J6B=cB8WjR__ z_XWU@Sf*a{wWtvdelmh}j5w?9rxo47yY@WFr&a}T#~JVI_Z2-RqIb`Cv|js?mkQf# zyQ&{?u2ilMez}!MlAj@&B_paZOvoY&-_7)}_UY;&Sz(Cku8iG@h|(1qDIF=S+lN{w zH|cbMcHT{>zld&kEVHhyXl@N#Srx^#Qz#D5vGmlZU6mX7AfR6VJN%C~j2^MMR8jqm zSXT6B_GYl)mJa0PP50Qv5%YWKNf?FKFJ7xyh> z!({ZV6GNShkzNUoaWnOr0hV!c%o-=q%AQZN&Q+s}2O9p$GP!{b(%h1fzt(w=@m*Z% z$7Lt`KP8h~ovKgJkb0&jTNl0o%UQK$36#Musuo8zq?Nk|ti)9?_o*yzHboQwP%ti+ zfRO4lg}y!{ZPdMU$bc_`N6b(>A9_K1+=|7VJKouLEHgx10Xr~Ig(lX`xKJgwjZfSM zzxrrJQJ~iT1iG8uqdf@RvdhM?KfP(!e{=3P2qu4fbL6}}s~zfDhvUULGCPw3ug#vB z;ag8R6rO#+8)*N#=X)${ORBbBhN`GM`A7@yoEG1%(9}r$xLcV~nI+;!kLLz0VQU#q zF@SbCK{;|fawAVJR#zeU-0w@@`3)oNg66uHCEqzi??ga|u7Vzg^SZcd<7w{KqCyz! z$p=jDI?N>!e)=7ISxtYN-GO&!1U~c-RpXnAk$aEJN1G?c#aFK9@S??RSL47&6c>W)^a z$#X)AsrBlc;||hAsbjyD-Tbo$Z=ga9_iT>G{s{8j-Z+vfT~%h6^e_vmT2bm9nRzsq zXxYwK5rm8#Ksiv4evl#1F{E-*gG@Zgw=k;cuA+uHq*X;DV3o_(?E~Wl| z@WsOax<>8%%M=0iUv-Ok5VZ05uKLq`{4WDYD%1avAO9c4@}j zlAIrhx3<%`5Um~2}9>e6gUOXavw{4xM6~67Z+c72cAAndkKOIHLtmrg(*bTLlRe_mlg&WgQ?Z?`V}NQ4YfQoi`iBt%8_RpP*XRSiB*9Kx<0cQMu4Pwhf_ryNYuLX;I8 z7;?>?tDtwdX2-i}2jaMsEWs%$s}auWHDt>`I)mANbR3QCA)b3cK21I1jX_!AVdmp zsb=L|Avch>vX=R+KfX0NE2!G}^`Xlk*SU4HOM6xFsa_Sh(x_te>*!~098Wb>7nsX6eQ9-~Uy6auq z^VU2bC!TAp{cM7jSt?%rdKGNeVb+6?aNxh-4ct6U6@2I1Q-3tWaBw}@a&BpYfq1SR zup8CX+95Che%Zc`>6itGTvy|+CxgW~L*r^88IU7|IhEgd+bS7l3s!#RqeBq~cSp{eXSuFx@t3E_+#ZkvV5X16auRS{f24;*^8jGdFap+vzm=i{sA7m&fk`{sh(0gROIGPTo({2@l=JC(hhgrf)z_UCnJyy#N^76@yd z0>#{;bJQ(Mm(xoNY~tZ5Mz)!_iyDb?TpT#}X%2#nYb6#6{iwc+8D7yt^3d;Z4JX^3 zu3glTHyH*vFc7Zr2d%dXUH8~w6@`ZhrenZQ9iP}HxE%T@P`1T3k>J)SbdiZL+rO4{5qUh^?dZK8 zlY8~2{~Vc)SuEA0_eC^K^qDB~=NVD3gv1Yy$`5C~5Y(MgsGHm0_bxLEr+8M&F!ay$ z`q*z%qGP1^$i)|odZ45%?1SZ~8yAx4a?7ldW5%j(AIQZhOD0yz)S-0{WFY zEbfp?s}p&bRD$}pv`IBt3T2ZZ&vKes8ba*xIsWe?BIQ8VN*?+SE4RoN7a4| z%kIW*agG9RrmAckmLAm%?Jv^ir~-x`rDfBCRC8PVW=>>KKGn4cO=870$iZ z&Ea|Us+V`*icND}1Zfyd^tCCVVLtkWTWxasVD2%7-O|W(gzfjaYsa$|NKPGPL4Ebr zdO_ARJFPzFxM$bp%B-^}=R1!th$btx6n+0M6`=giR#jOy(K>9qCc*Yy)6*d@1^ zoi45uJx-+vEDA;+jnej-@NsRV%P}8 zo55Wa@jj7Vq?@>?hG08{+2Q-yKo$|+CfNqM_RtVNj&hOdcQdJb2w*-A=bPbR(@-|^ za318?ai7OCp#u@ENpY>0EWC0-tm-QT0Px?s$O3??0jc=<6ygPqkE5vFpGeE?qg06D zS0;k9s>h9={8?NQk_^syiYcP4Q``EYTH~!HzqL<<%dO})Sfx2P_|`|al%m(3isQ&r&-^dHZ8srM*F|2bhX(KSbqoAcmXZ<>C=Mq3v8g-EF4T+ZnW&OgVdYXOH04)Mp5 zEWa{mtj(aLlsmbfW(zp3Pbbf>IzZp~w_R)cfA|r%-q)2WM4R=CKbBUwczAQAo`2S> z|8~Xrz$ZpaBQ;%0gxd^R*X#3P+Ux5<5jOf2H=19;JSc2J#99v_!}80Cg2>94YYpQB ze2;}tsH7zP;1Tk^IEH!hz1cyCwfAK(ja-eSUO1@ zYbr~%N$8h^P4Vr%&(`(GYEB9DqgQS}S}Pe_8zxGtY!>Wfl_Vlfx}z zZV8JMPbdhsVm@HD&esvkI54Q0knh`Ruhc;Z{BNHg>7e8V%f`#->Sw3CVLIwa_mW?*hNbnqILFIV7)s6Slr}@kW zdnKI(-wp>=o944?%3;Y_Zv}Dq$+T4`jiaXJ;a)~y2kscHS-G)euyc{Ki{=6)+}UHd z(VDV7e)=l`T9(Aq3hhU#_tTCdY22R9Df~DqlBgnhg^RPHyq>@+YS&*aLlvK>w%w5_aihK$2qX>a{qteH+Rx!}@T742GHfOcoD-*4cX$-W&j*qbq!gZ5PeYjug zZ9j$OjnqR`s(Aa0Da&<(UbJW#Yi75TnjZy#?dJ}l-PZzgM^>=-z9J6Y`Z}wx6r>#dgp^?C_rVBP* zYMqg`9Y?Y*dtOD^r~E9i4iPz)8RJJee~GZAd=HQV+3Oe@LX4 zoTlR~TJIx!NZ>S4gO~1_yg$!NsRKFIc83*8b zBygiT6PA<)*&uJpee~JGf6`BN`eoMSVgwl?8D)wXuKmy?p>l4JH%?eIq_Zn2M`Ca| z4-S5vteOjB+a48`33618!$+ z^>E9&+1Wm}Ay(iv4)?$wc z(*v`|9-I3L7vXWhXQwM5@Lbo2x2 zW442t{&hML>V=|5X?EW+dESv$6!!fv?Z*cq8gv!wK&DX2c~s881|#wq3{X!!wAAm* zcVjQ;Kw3v}AXSANTECnLR99kMaWS)ePWpdQYo}-~!t!T%b_4m{H2g_>5VuvA5~DgL z6za%CC!_oJd`FFT%=ht=^`AUeEC!Q_FWV+8M_7yN&7%Ii_4b78=r~l8W)lsC2i>|o zrL#{K(@qyTcT^PBIa3@rAKo-P8&JceiuO42NFyDs+t5NhdFScg44@;<)BMZ*T09eD?w^gwOC~9Yr6EVkeH=qPs6U;kkcPTAUJV z=(#=X`(<&C@)R1pvzO*#lYa7h<@aa;)pJc+u8-2!5jK8}<}G74IMf#*?;xMGQM%8vQ#A_y0z6@qY$A{9n`2{}tkq@;?C; z_WO}Pve^LrMy!%L#=kn>!!yo#e zg4O@e-eOOZv&@q3?&j$PcY6YK!cjYEBG2zJ06kolwphgMONJPpS(ApRQ%Hr}na3YL zKB2z3H&K&Qg=u`xYZAySR@x#KgFRh*>R-sGhboXKa-qU7hY0cf-T#IOE@HUuZ12){ z4&%3>f6>tLN#D&TaHLsjRL9Z>aer({mJK4ekMl2%oAQ-!YkS>u#LqqcG3_zLcrnAk zS82MPSxw=)$2Vbh+ z>Z9a4Yndj6f5Em)GN}qWJ&v?dmwNg^s`4AUB7u5O8WvOa&h+PCwP&l`94&iS$buKd zJB@6&%BU?-&hMH7uM5EIzaJg^br{otHUA*{Q>oQX(j0>>o3=)8Y0t+{Oy|450`z$# ze(G|;%70%0{TO5zPgXJ}SZgVt^Z`dY@p$)&-}kzDE9K1uj`y4|13zzAIuEIV&1MZs5Z@^un$=GH$ z9Osu6qlE}R%L+Q z2-RL@ZlCtZHBLM1dhYXNBkJ$BV~vj+8ZjE^vA%YqJt03A4FVnqPtu(I9>2LiuUDrS zXF1y$H*1>(fxK;Cd)2wo!&WmlQFVRrN!SG_i*PVFMByG0(%bZ8_ukQlj%P#&g z&3|_={TMvEz3t`ef@I_P6zUkD%OEi%+t-|t@G(HSWUg7g`u4ABRne{tiQ0{r10IU3 z6oW0F)LRC|oqrBb`?#U05f#B_P5=Pr0+|s^TS}9w`dI%wBQ?@{C#!bzHD_*@(RZ?s zG**N^Cu`s-$;>}T>$X8S4fTy6d;IJ^aFHom-~1IIZ5&5~v48;-=(HS9xqk2ZkFn#rL^@u7F22Bm%6>4t} z%2dI7&5{VEj+DPApeGO18G!3bWrOY5jOEfyy^4lcc>+;VetmK;d~BAlSS=x^GYiaI z3=S0XI~rNfD)-uaJ`TK}=T9Y+6ByWY7w{m`SC`b=lpCk4$I4`M%Gu(hcJSG_E`8X< zOWWhzNYy1Mabvu_qPg#0r+c_u3}bvTVJwVzo$fC5r_%O3+?2PIhGX~J#25Ii;}KE{ zxa6K+{~LMi|IQE}%d)X#eD+lB*PXFeSl@qgs(X6Ur4K& z5&wy*9Y@Fqv+^G1(?b=nWh3V>wlD~2~5lB|qpdI#ayi*j?BW)Soyfs@(__&)Q@97>dz-vXp#LU&z z=`E{a7OyMZE#1i}``pB=`^{fjllP&@wo}EvnrzDNzQQIlA`TpD=cbCnI6}k)IgPFF zPasa)TG21W{_7zd<9(|tjm<6Ji)B@+x>f2g$DM^SEnzA8n^YRKrgm0<2+Bwo_Ps;) zPi?=U<+p?vx@Myh@27+5rnYQEH2(C6{Sl!A+9#fPJ)5!ZuYeJUnP%m4n>*Co^t*hG zgS@qgOD1`rXnVMkCGFCXU&!Ub`vEqCf{ZVxv5B>g>F$%ezFnopL0&3^NlHvq!4CCD^Hjauw?_csAiJ5X4kc81nv6z0XKfSgCe{3qyRr@T+}aV^n7Weip)hOD2vZ zHbVlKpxvchM?5EdyxwxrMfdrO3peYBiVJ6H$Nts$k~JqmPEzYXzYFYT>Uu za&N!YJm`VkMeA@mD7{nExAk<2nvKnCrb{;1Sg~r2*CKwD51Ox><9HfDPDw}=EWbZO zsf!ePet^=@f(vh9H%VhATBC_s48JC}s1#bOTOBRS1*+S)_1aLxZ%b$-|$h_k-zb&D?xJcIYeKwa7E@hG7{G^+ws6^zZ`O649-%4-K zBM#%=i>6yC1v2DcyX}L7UVGH%jNN>W3j`1VJIj+|QUE(Bxc3h8g_;A!T>UemP7^o8 z1A+MtghEj1#=9wUpkDfJY_U6RszzmH3&a4CX7VH5rfZtWyri!46Hn~Ji`fR2I=;ej9a0zAdVE(fYmKxeNWpm5}7qTU}%~fdrqC_%YDr?fSyS=6rLT|9PRm z@PDAt@{t(z@c4VmIrn55fhH^ZSPjlrlqdlv5kKPWxhwWGE0NDl*Qyd}Ul#d*tbaa2 zb)O#nvGcVPjgQC)hp|Mazs)3pW_`z6-tx6E7Bec}f*ehs+Xhhr>f3Pae$sjNbLg~2 zzp3{!sv-g(clk)L-!=0BLOQ;gXRT;AzC3!3wNC86W`-jVhJ*!I$<|)H_a>d&%-K0` z9Pq7a-MjhBLL_I`L*wc@ePJ9Ahn(^X$Oor7UrnTg?M)H?ZsT}h2HF)0UDtnrGDePu zY(V3BMk1%xJ=h=nu}4R%_AVtv1pH~npD?J&gD7$3p^drx*zQhiOscRmQX27pyG6F4 zGD0a+hqvVsWA|azLk35}{Gx<*^CFp3lrAh=sJq{5Vey^ksfStW(F@bLBsUH#XChH^ zy}Fw8WYPD=0feCF^*6!rRy3pz=s3l@X4= zv0X)iKZHJ~wkmNsyAYF+7dT|qvA&N#S*sXX$b@xFX*%MCptEo9K{>}7OQv9!uOwX-dGh$Axj%3iC+8f_Q zW7831nE6_^n(zRT8bY`6qZufo&H6J#Cf?Sr*Q!)}7+Z{|=+aUXeBeNTh`8cZ>|ZJP zZdB*+O|}S{3uLkHq_JoQL7DG_S7B@N!G^f#A6&w*jPB5nJi=GhdhVBEHtz6HhX&0+ zV)@$#%xbnBVqE#93MK+9Ybx3HjO(X zWrD%s6}wyKb9N`NP|^LF@G#Npre#6V+|Bd3`{s?e2-HmYobA?p!rt!r#O*Asv%%}w z4;+3o7#05O17ef^a6n)1=JM3fjpDL5T@V32&k0ArI(5CC*h{6XGxB4nyL?wab`Y}( z7xXQgC-p=vE>d#wHm>41*CR^Ljl3pb9KA*uVzu3*JNG35A?iTBK^PqUNO1dkR0-9s zt8f`>(tP1y`SOc~@W+Hrb`t!wESw0bh(hHckdpS8a)0HVVX`o61|%7g{Hy{p1v?j^ zO`7lQTiy$nYAUanN|5DR_Sq!VrI#Ex+)a?PUh>_#J~&hwx6ctMAxN;9=rzCPyfFsp zr0c&G7@omhNmg|ok$SD|cwp%YHStnwnv%;uv9Qy0s(X`k^f_DjwS1v>Wkk#|gLc(E zB{qX7s&ho2*Q8c3CGpI0@d~8$4DBLv?o!A9T4DS5I==4sG}0OV-kU1NyM3K-iUBh6 zlvhthVvYptp^^antqZu%G3>~2l8F$?R>hpD<2$g19z?^6$t`o2&k-6)%6;&;_+Y3 z#G!a~=_i8sU1~jcDP-)0Jy8e87bE0}Ydck><0w~;=##qEfzreEDx>uuPvo7hHQFMo znO6zeHGX1#F*v;CcEiC=#(OKq&@g8NvyR8h*tAh6f@=~p0cmKr;I-)wpPjM8}%OjHvC%l5edLEV8%W=G1vr@=C4aC8icD!5tO*p9`EqQv# z>~e2Iy2tUdpUQk1W&*(g)}*%>*4oylgV*=SQcvmYI1L?esJ&=*s4X)*wpo`-RCn ztjJNcU_Q&3>9BJkp1~sm()7zLyodtXp%zzmd^i}EX+xE+AxD=^l>9VDJHo7?7rNsk zi^7=iox#J0ehTU7v+DYD9-amMm2$Wdxz@Tluijr~3GK%AK(b#`4me*h_8S+u!GjWL zqT2;4Jm>tMp^c~@@;04%7UQ;NL+$;dE9~WDVh%r(G3UgOocWfj_Zr7-`V?IX@3>F* zK4}yOk^(J9ieTEnEnOSKcskCw`8;kiS^_$ij{@2cu7o6DM{NoSbx+`N0=a~V8kF|= zIw?|4K1C1cNO_6b!tq?Rtg0t?^~qA>$$sz{RBZ7X-!17h8U8e1RaNRY*=raY;=JJ!hu0v})r)x=HUELbLM^ zj8n69XlIIDQeRKm+&+VnX^*uJ$}_P2@oOF9aSS@r#XjR95g6Px&Vd_W2Ex5zMwo-z zJQFN&uK0C6VGguS*}2;jLKh9S&sW)-;9wZ%H6@-G%JiIK9SSa{Qa4jhP74R`A&^C? zSl`VwVFXFGe70=w8>GFiYsvgz8uK}H5cNr9ElSSbbv|uF4*h#^`^kG$f8^>*lEq8E z`UmJ&P($_ko9bf_3@{RNw5A$N>_0osUT|wowJHm)FSmb}K}O`J}8A-3HUJa?pbFMb1tnwjpNi`e{w z^oMH=!ahfvbsP}7WT)zFT3%wpXzQ`*^9n|HTdtOr#xy9o=$<+Ln|>(zcR!W#63Teoa=~-N zJ+JSyKD)!fmUEb?Ct{W5TiBnNxvgnMnDh7)L)17M%QLRFbdTHR^`f7-rpSZ%L*3U| zT%eMVU5-kYde5UjFdiv~N8C>9{~JSHG#iDyH*+v@w<$8$3J+A*_<^gU}7r}~}8fxQEb%V~#!YI`-7R$WiR zT_T0{3y9bQC6E;DOM90u0CBYekhQVaU^%i^TM9;=Q z`o*4~iP%U+$YdrqWLRpzOm+_2zek=7kj%C=;T8I_#ou*`&O3|LzRlJoq)oxzA*jJR z_eBDUz*$$}`Ap_FY^%NK(%bH}qnvvag)#cdnRtTt>%G6tdfba!L>l}-I`8vI3~0i= zemaweiOT+tNIjFYcN(1rI&G-#xm4m0ues+RyAT-8dv}$^4O!C0e3}?by@MOUUkD6P zEc)$73Em*`9B-uv0rNi9$=e~+`Bbqu|L^VfYUB@8wNVE0EtX_ule5g_#n_My#}HX67|f#R(sgLa2JUjhC&KgQ8C$*1bfwO+f%y@7S^+mBV7w@wfCI{8MqUCNid z83hn{ua5`CHbGvu{Yp3IN^SMi1UY$$XAHzEi~e?p6zO_d;i?*s3Iaiv&&<|hphPGJ zYNa@3ALF_)5)9hn52nrdYE!?VwO@9P)j%Z=U$z8*2U45XrG(-eh45E>6*}?EWO4+q zmklhB;ATKLCz_JSy#>lE&Nh|Eg>mS4@rMdJx$=GkO?6#&TZ{T{S%oC7PLl0KSMv zksQ(Dc_8D8v0dVxhU2OzGXwyEXC#M44K_zrJ3Px}Q?xZJ}3M&5hIHSvY}z9@ns zO+f@f;BNz^OD_T{3QAY$5Q=mH0qMO8s5Ft@d+#lQKqw+0C3FZ7LXloVXd$$~8QkTb zbMHR;p1aSzukO4FpUKLwX3fl+XFcWnD`p>03av>xrQtYJEg`au*nl1gz0vMW-6P5G zc3G|Z7ZggG(?~;qu_<&C&iTeQQ3`L`hSdQ+L)i0Te+V#G7UZbj=`QF~8$<|lO-})ep<`z8T8K#1L!QPSc z(&EAjAEkAO+x5a$2#{$k{KC^M2CNPw7L&2-ymR&35_z)u?9DI7=b*Bcb5%?36+e_$ zCQxMgNq)9jTnMMUPi(!qeQ6}^Q|BG=95r@^rGt0pZju)%$Lm{}+UMQb+_Fl5CJ(~HBgsTf%jNIE~3@jPbnc6c#KWKe(8zoln(+U61 zP#YA_=K1O8j3PY#A2s=Us z0TsQo>zbG5YS&G4J|&!MA1wmEh-LXhTe*lh{-7VG=)4XDL$YVM(3uIi{r9w0^ioi^ zm$oaH?oN5j-af})_nxnyU1&yzR{E`|o&pjK$w6OMU;Xw1^>;ZkZPRr(CIAt>)&0LN zMw7?q19|nfE6jZco;1tKERpjgTdfjGxYp#fg!$<6(_-Mae;wIU7je9_zGdX(zeez~ zM`-^oO7{N%6o2X|lov~BWdE;z`X5MC3g8b{JdL?vc>=|IG23c?p_)J(;lDzk|M$Y! z|9w@>VNcTDUJjF^3S_1$K)CgyTOMZ#Jvapm3$}PN9Uc#cKF+M>pzICb^Il z;_PvJxK8OA%gYL}?poU`!;B!$r}4s4#7U*-nOgvaMXW9<%ghYJ>7ELI2PE_|N#u~P z9Rvb{3ugxqKayoCI#5y-v?k1xPF)MTZx5gag8HbEzCV9@W9}9sDRl)$$g_We7p^M) z&46`MHzTh>Ek7gCnfUf4t~vW@OeJKGB6L{yNpc-&RQQ0HT=y*#*W`uKHGdGB9uIa= zW+RlGF^B8+T70`QFxD55#aE-$%#;s+s;#Rw5;=wTPueD43QgoJO3{+UUsP9Gwf73N zxlY&`WAe>Wr#Jr48-;@^X?bfx z>gA+qkJ&21jU%Ld<0XgR*ATqPzJ&pJ8fG!C`kL$SoaM+qmQ4HC02PN15+!{L*&LUm zj4YBhaIH#lJ9C0ST_g3vdXx1IzWnvk@_WnE^|v}JWwRAkyHAbNdGte%3V$we=*0e0 z<{Mt4nj{K^3Szygjuz}+=emZ~v0CeGmgh(s=9FFTonNxalvRWn1-uq2e{MM9XS}taS17yL zr{#{mUT}bN4(p_L=1?D4@fq!LhC>IN2$HmgKa8JXyCO$VKit=;l=-&03`A#cP4KFeg^V#B zXn%2StZh7r=m@_gXSWydF!ulj(_e?-Bnc7NPz1{v>4qab=HCP$Me`6_AtdjOR>9+A=dI-^&vH!8hTl)^s>W{QKZsGr9RN#PxWDAiMI8_Kd} zwH~TC3LUn_jH+rSWHseo$q6!Ij-R`I^H$={5E7im29h%fF6Q%75N0O})G`Ivqv5cJ^TqfCz)# zfGQ483gBkD^BCTI85Q*`&X_BYQKb_yi@doer zyGQf0K9@qUSb!!v36OwYvPi=_fLZe7b!Xyu@z9LsHHgJGi?O0PO_|}vtx)1lsm34n z+F_&@rgqZrkJaJbz4G#!Ew0$Z6frmYlOPQsn&z$&?Q&xa;2r*BJ;S~HBKQM1)t#s3 z9g^_(tfK$pWTJulueBMC#t{6N6WjuVFf)SrG{y>+4IxCacQv#h7RY^phg?6lto?Hv z*RFo?TIHPGN-Go3u{TOha^pDmog+Q;U+WiNph_Joi2CMuQg|+v258;@jJCpSHFvgw z5c4~JAQ$A~y$>)iE&z0YxBoZgtFvooS^=Ki1v-|hV4=?l;x=YqxN~)96NWiUH?g;4 z=xG6kA}kJ_HG~#EhTpxpX_2|?|1Ugv&kN=V#%wNu@z4Acck0$LW#7bB<-gK~&6s0j z?0#0WT1}P1$71}eZ3_HO{ss~+h`-r}5ij`PiFNFpGgY44^3KLJ z?+M<=>b;K_3b_M-o4$^jbW8U)0g!a*rb@N(NA#t3GYz-+w`|1dA3p|4EqEq1f|4Ha zbpj#reutW*!oyIsH!>G{bTRm=qd*itHcqVaARyxR$u3=Kkztq!H{?}x5?yYPIt8C5 z>=b2@yCSgOq8*$csOzp#wsJMjbbGuf&)vf4UZj^+ zzGhTC>^fzzlU6+G4bWcd^?Lr+{dKRW?~#&be?FETX*~(K>w8CO%l?-~O{&L=@0r>} z<*7tnv#YQ)5$C=fXh$^8q;$kGbXE>BNS{yUcd%PKi~Dy?$LpRK+dsA>W`f{J!!Ixo&z67r7v? z=>?VAM4T~;!%T;%z;;y2t9@P(qh9+P(i_*qPsP6{xZOaHPlp1G$jFA>r#yAoN+i2& z@$259+t0kB=pD2nR+rA)Z`jWh-0gaA-ikK}+B+%1x&}9tIMiJ-;UcY-una2yq0E* zTs2wmGktIxv+0ORi+Ti`L3kA-)EFHZWMwlI9)Jpe@opBR1DkvCYJj`l4W}Q;?p-sg z`&y8_ncPix1M~ru4-P_W#!mC|4p3;LC1vM;RThFmTm; z2f|9WeE3s684L5`z(eZxqX&C8%6w?-*&x~rMqNVul^#y{A@cG7YZ*4=cnd$4&jSLY+H#k$Tha@wuR0A6ib)*xVDBbspzUL7`AZNc1QDIL=8cdjd) zVR}v8$mLSxsWTfyUn4XqsG>~_cQ^FFa%_9?ZN1Ogi1>tGW^x6)BF7oGd^6%EZC`2# zI^moxIA^j+;sapybi68hic(43@D~)ibd*?G${gMEUP#47$foti1@5uXa&;st(KqA3 z6qhU`nPzA2N&P_Hx04Fb^WNEIM-y{0j5wE>@xn=CShX=#2d3`lho4fVN?UneTuiI4 z5Sah9dG%tTmUw`R`*(}2`OlLV|BDUHR~<@el$KTH{wg)4g*33}4?^-?8gjheosS@` zBtC|y4bDt)abnuakEuoQ0?B{ts5bl1WBbs*ldaB)OWl;ONOGU?z+lLQ0M><=)il{f zLi3j}6&TYyAxZcst0gda8rOg9@z#ujV%pQ8xs%}v)#?~om|3_#me1@z>uGBffY_yP#*m)49GtLihCa8 zToT|&zsZ0UTu_GPQzeR5o zD#E0|Wse0^Oz85Q_C;*ncL_{_J5oB%BTJ7@0sOApe9K&UHRX3p3kj1@*X*SzAdSO( zTg2VC`=NBJP)R&fcrtoCtf+g`9gb zd|)Ge-*h?ifueg5FvaXei(uW-=6pW+Z3@liH5VWGH+6v?E}5=9*lZe5)IdH0CB>Q9!n zq0mgwPywKbWEPvC(rFjw`*{`Zd2{plD5zd3O1oFN;wOBT^;7b(FHBX%u1&~I^+J#> z|HwX0d(Z1tvev9=e2S}B{ODF-d4f*~jni2D692eK^yJL6rCzFak|SydT;kUY*6}US zn;n&KH%7nMv~#}!Q;D-1Xb+M7#p1$=9_T{^ESVG5Ec!3r&%0{43Ts7QwDj0SJl?bB z(F^S>kGSf&{>rTBXGIJ9rM(L(6y6X~u|(vqc|>GGvRn|*>ZHbx~jN)Ek`EOcV>yG&GqGzE(KDZABF4iNCZ z#SD=aVX1Lsxsb{SV}$M#75B`0FT8CH0#ZFM2DAO*e)+V$o#7uv+uq=V{36guFrHK4 zu3Xm7W7-WZP;XdfI$LWV)2Z>4;Giw;_)%auf;*=<4CP-)Q5rp5uS@h$3Nc>xM1!wa&51!*SQ~-_kMDhW6%=r2pSM`!^<80U~tbo zy}XGzyt1ygO`I0f-xF9nTS^o?W|}eZ5c74|=XiFEz|CcZZ2hDZY58T6^rXYrV(YSU zMKj|A&Drl?!_rQrP6gwCpZRX3xEn9o^bwmR$#IfSZYe+_+GC#Ja?4oepX-u-BgiJHUd{!v+%+P@(+G9lNz6?U&MYI~B-alp9Z74U^}l zy+Rvk9=ZBbWtb*&D%C7pyKRtW?PT*{((}W2e^*eFM85nG_4>rWQ{~x^XF$ zja24pMaV|hzWCE-^}sbvga+le^KAb^fZKVLQBc(b^i3ijhrHW*lwcHj&%=Ysecpkp z&9Dj2D3le`&+c*acm>~{_dvFU&i#^n6kA|Z)4lrr>X&nA559*?6dmln0>s#Rt)htt z=nc{_nKVKNSfDzkLIYSNJ^d8U!uFPa>bcYGpX(a+D#1a>fU(-xwp^NthdTNp6k00z zc**&KWn2%L$1%c`6G2kVrdU9_~8=P9%$BZL`aBFeXN$@j1cRo+7}R_sI-Z$cJeGd&Gsq&UGVdHac5BWtcJo_FoLehpyS zHW^{L1q7QRS9OdzbS6(@r(2{KZiWN4biEmZ9fPAN0K6cedrNZSsMqSFaH5dKHK18d7jp`An?h6EtxGT^lG{nY2%Dc zU{Iq`S4c!f@VHI7-#e?V)}s&M?E!iOJ<_=tET z{`_)lyZGJRt@YOIk5m$sH#ZEY^JEX44`~OovWjH+SdS=#x{9KmWl6~+n=Y@^p-k|_ zNGp$xYp%p&1s%fX3#z6+H4Z<|E-{H;b6**}iAWEyL6DmJi9zR#y&9)xQ8%#pvIV&! zD3i3)qlaQT!ypk3E!o?CgxaA|n(M4rEOrg8S!}c}fq#sfDOO_rqC}odauh$6GD$gN zlBSXTGO}6gVv!^OI1O(~*#n&6sx!KpE4$-T2qf2c=XiCqS?rWk*l1<;l^pYyr7VBn z0${Bwb;Hvyh+?Z=M+u&>7c??8EQ9PPbzyhY^V_O zF0?7yJW*=rgVoWQ^R$-e9hmH{;4V20iHxU2`N>B%-**xeFyw4_6J=TQOj|^JzDc62MRnV2?k*SE#;lr zQUzI#lLG-&v#nw+tK$^3ZL1}Gtzdvp#YzGvOlXvsAEO-`bv_w_ly9F4%=-Iw(rM><|W%LT!^s)U3e1wA({L;oGCLehHOBMWg z?D)qC|EBD=b>>KgCr76kwgW-mr*hI^w?H6oO+vFXt|bbHgs8c7X}XmXnPy~t?_LNP zDcx`hyb?$m@QvP`Q`G4lkM8xp{zYlj)?gEplEBK9AjONt%2pj9Z`8kvX0!xQTFvZ- zBr?Wup?+~v%l);S>}i?xb5+g@{>kWv-=Ssq3%0;N{}0yuW9zE76H19sUqvR8nlnXjWq168%(+cbXHpkm7Krmou1L-W8C}0x!SGF}f zIhlC`C1ierw*aEsbU>wq3*Gj?KBW|3>J4>|j^LvH?@9Bq0S~Gqd6J~4m&^g*pbPWX z@fx4BFQAvitR2B2ZPxTxV|1xSv|YZpQ^IDZn_?kq6Wm5Q@a&6JzUKTStnUqQ4!|mZ z`9C7fzmxngljgGxi}=$M_ntUUui(yBdVO{V2_Fl1wgLW3Y`-6ojTg&kvRVI<>eNAY zpWXXrKFBE`DKSg-l&%8L60~7|H|R`X)HH>0&d}ewms`MRUqI->{r)PJa;ALaje!9lDeBE(VMS%%uFIe4Y^X(l+k$|y9tM^X z41@0z6rm4<0vxBQ|7+$$YI7vI|PnFPffzznQL0vOY6?8Ia6#`@+*pHkz9=@0k%*3Ueepxv}1JW?5K91K-s*% z%t17%r*XHc&t~(i^}@T&r8lc&lEZ{&7~vCDYLtz%W7jR8h4}=$tKLAki0AK_4Hhc5 z(KS2RFDI)|XwxYLHM?hilK6*qE>&%S&i{H7+mL+QurNz*y0WqxiA^0}$qz-tu?<>c zs1@E6!;0DlUOb%F9oJ_r4@JG2ZKt7xHj)k5Q74rj-xizweZ*X|bi6jXY+0*h=4FlU zsU8?Ynfqnz`_xP!IIuc`@kMVbr;wD3ei_Cd%a-)ELU#HdQ$hrZm_}(i^h%2P9#U#K zra8^vWP^X8j<+#_$L{+AF-#H_o=H80(+_AOI-vVcof5DE!D$Ig-bxDyzP&^#Nlp?H zP(cOT;j)L#7aF52@UmZ~)RwGgTf!jatv@3fBa6v-$6K)Su_USHg2sdNEUIK@(n;}<|nU9Kf9GmmVjPXHP_Q%L_Sg*2G5!C^=UB+HZl%-eN zvMBsh7p*+9+S+rcrRY4kTJGF?JAEJh~%QZ!A@z`!zhs z%BP$IpJXNl3_Ye|aUoe`HIq+5@$ZPwkIJ&=peq`FeI7S@-CXZ$kWooE4r%9f{-OWT zZn9dHo!!fl>z1r@0+*7}csz#@k-zC=4g9?vUM8i? z+ZyFCjERMqRD1utYmN6jr}QXCxywHu8iwweXM)C;X6_KJW$d7!oy{p<_D0A&hNPTL>TU2ee z*4HAw)7bcuXA>2}(afM|jT**ldreVY1xjAFxxfSDGI< ztve*$-nRLUD}_<)#!q(MXZcHn`d!@YU3&Pr7N_f|G>m6h!v}h8+lGw{rKp< z4U7zCv1^YU8`)&&Q%ffh15=s4Ul$&Nl=_PBPiYQQy@2(_TRbZ19W{6*)-w)ztNHM_ z@ku**2~Ep)v~k@Fr!Mm*KaNIO2J>B5`i4kjTwkH5UN`7K99zAVycsE^jc>HZ>}q7X z7w9r`OD`MJyJo4N8B1Q72N`_n#U~4M^d%c_YI+FOm7?_MwH2mF5^+9M`aAkkP`wAl z?mx9?SH<8=^INWr` z?l*pdfBPXe;M(gwdOmFbQ{NO+_TxpuC}cxE>F8_{Zkj?O$p8Kh@`$-5u-?^a+moey z8c54)gf+9;5~iL;`$xkwYE3k9z3M1-B1EW7U}#40kK|PDSgGKq&Jx>5*0snE#u>1r zTJncC1a10J8*Ob@op=3wHPR1;`;)w}*6l`hv3Y?>#AiZ3NgCzjOc*T~Uuh?JfWk)L zluU$<$XRtMrVGt|r{(uX;8xud-3VmT)0BkdWAGrQ^J3{c_{oey zZ7HPTPW<}3ymgn@&;sE zrj!SUX8k%<783W0-)(fh+G4lG`=T5tG)1_m9+)Z@zR{#(n0B&Zjf2E;#41NP^FwX7 z@BF#?efz9ec&*||#{AW(e+(Yk$meR$JzIj$^r>m`d zPnb_69=->~v$B{q%?T+LV=IdxxHQOkZQvF)@_T_aIzy-dJwmSUHS2gX@NmFG)IFcl z*L2hv%2;Nj8g4MiBr)zI3bkRw9@sXzHJ<1@wfJRKr-JXXXgpw;zc;3L54|)^?rhx= zYwX*Zk&t>H^b6T=8#`rp9v;ldSM9=X-&OHEv<)p~BuUdl;y)8HNJ(<%r;Ual*>B(I z0Y|kG>L#e(;>+3Uxp@VsS3V1`Mz{Yfd1E9d82XQB=46lMV%7)NFfC_fTOx^8pLD9| zqDra$Lhv=OXS#J8P`mc;eic^zs4KRFr57IXoa8y7F0=O)@Z<#_RX^-I`k(JXb^Ilh zner^kQiU&9zyq5r;c;csSmMl)m(2t%_?0Q>BV|?6=2GreYr;O46Ao!Q zs`FI)L%mgGr#G27R3lkzk>A46m z>0^UV9HgvBaRCZLC+QL6Se50+mxp|M&tw)j8j34f3`_51eM=V6y$pt@Vw3h#-zL}$ zSlxiirEz%P8zOJtTuJJCn!lXu2ViCkIDz_RV)iqabe7be2@eIg)et@1d}2)m8n#6FwwXNf#cx}r0|-$yf)(1z45m^}wR z5^)*U;U)zm?Ij=A!=U*3hA!qTMw09%uTL1FZ`+(Nqty}BxlE^VGa{qP>@m zR8+O`;MM=Zp?JwoY)ew-!JCN87thx#mLIj9_ALl^Ef8(k{dD);hvCF2BTaf&ihd$< z2?oepp(`6Q-y)6>cxO*;ajSVPOISKWE!igfh4A3xL{0*6eqzWreBuu0Ru;VUl>q7%&e~UQJHm}lCGbr*#9;iY7njNn2y$3t}fj? zGRF~JD!RpuNJtbc4jD-CyZbfxQC?SZ6%_oaOD{vTJ)%IueU4NtWMOigx5Dc8VA!d}|x2r1$D~av-6xJ6D`dQ&Y33xp_wA5(!BrxS1V0 zgm6Pt49y-nQM)+_Vs%fzyicSR+|Gf*mH=0*?KlNzdSQ&3q%NoL;)CNaEUM!3SJDOx zqTV+6^qmvivWF=ztm{?s6PIpK%lnMGaxG(_)1H_xMgHCF;jsFgi|@ae7x>BkYfFE* zRkDj;{JITXQ((KH|Jm^3^SSNLKirEQL8T7QDrv#M4*!Y**~OZPtGYKmqZ$9UeXjO% zBn9X-35mls#KnjI1n^qF_~T<3@bCcJ7v7ir7oYz?|GNgPo*-IHwc$nMdVEH0<_-u} zs*YRdBqXB75nK5~3$>#g(0hzFg)Fyi-S(ta^aRYBkL*8#{5%nQm|V*fZ)#*Bs&@M& z<{&j`!A{ncCAbo8ptE0c{Ud>wD9(D4Zldq}F{4o~-KVEY}4w}(O9Li=AHyv1drleBRoTJaixp+V>I!DEdDz(;! zS%H=EmxIcRV#ih)tX01@*2l>H483t& z5d@)=)`?*&d7Jn>f$dFimv;B7G4-R*5{mg`zv$wqr!p6%Aj7r=fSJf4-~OrBvrIEj zJ|4c7ZsAa8fzydG?Di?pjTke1Z)ft;bIe%Gmnx2mk5-nJ#fsZixN%Uoym+Tbt=RA5 zXW5SjUQ?O-VRR%UbBC{1$s&JwRe&dbVC!H*)XJ0NPJ-b$I@DHsImvTMD-h+|)mJfc z+s|%o4(ND5N)u$*sN|?B`K%Y&RaN5?q4i46Fr@OMHFu*Fo2JjhS9zL>`pI#^=mu%Y z0rKB3%zbsjw60>@W6A`)FpdQZP;~L}+6y<3kY7RyHrHhdIbo>oQM-`~Ulz3v&|lW9 z4MKUw4bw&3O&R@TB{tJ$DqPiH5ubl}a;t3G6TJ&HY4p8%vdA9lbKdPT{Ow7!Pq?dE z{{)H*{Q+Hxi=G;=YRs*LK)!cIDmOm9IgvJ<`HRHw?NQ<9k>f}>4vKk?OE^{zPwl!w(z+80tl6w* zp&3Ocs3b1gbLX|(5fQj&09(0!xjAL|n03nS4bBz`kl%UP5&X{pvL^>OEJ*)P$T7c& zk?rhg7pF`vZq_ZL-+Mz>8eyHG?{AvtqWzxX>luVAgHBUL#R|Lp=I)wy{x<-mzE1YE zkyUCy^PZjC%GVsnU)J==w@W%*P?}8r$+shireC;}H17YsaFbj1;lL&4Yy|ZF;)3EI`kic%#4h znIdzBd8F(kEK=Nj`k=wse8@o!uvSE2rqG>pN%NvG9_m2o@-3Aek^_;!h zRTAWatxD~U6|K)IY4cVjuHF%VpPYa^lxv>_@x%s5cE4!(w!TShqnlVg3e}P!W-<_C zt8A6L5U3A`$N3;1@;U_wUrTB3Gxs%4TMgd&E#1Yj$k8=pb4?5(L{k=vgu2E3z5+hf3$JhZ6>0k>jY-H@lEu*jsq^Dn5T*Khu10*DfTd- zm))Q>-UPa$pQ^fi9vOMFM4zpCTTLzckiB608r-T`FS+05`nh2;%)ZdJlE*8Kn?U5&R@X?AO7 z^Ia_0cny1gUU%-#(*BgbXxz1r{FV03-h{xzGK@h*2>f%;{YxAT4MK#yDTf95uv^Y` z5R7@dTLYyR^nQwZ9^(|qD)kY4z4DE38fQ~(q%;$XAJyl1QFsww|5{D#FAc^@gSZ;U zG-{p6#s~TgCL$Bm(c6ZlKXyctSv|faQa4fORNIdjs=wj;bZOEnF_99PPi?Et-!z;N zM%`o@o4Ov^s}+Eu^J+8e9e-+5iDji;I}j@WGDDkgi5bk*h?`*vY`xnMCDAjZbraMA z!ZVThFI)xYY4z=YN@7%^&ta*9OGKzg7q6lzFR!6^Pq+RIeJ}r}h}6ARlpQKKUWfUK7(iDH7ht?t1vU)g zn}$AP0V4TIzX|T8>M?Nzc(MkrAzE)T9e3DJA0t2dEaa!`4>k+Al&9F=ujXTxkS`GR z8Q_un!G9vo+|+7;i>lKUwHH{kdl}iIvrJlMJ7GJW`D%X#L@#N!ywsE-7PWiFMRD|y zFyeXgRCIO5HX-SG?So+z@%qpaqhdw+Z!r`Ef6j^&7w492+SKCsK)#Oj-=t;AB&s|V z*xCwBbtF6o7)M|UxCj3Q$UB&L*XTNQ>mCsRB4fxIP6;jS#7AYHnqECZ}af&aN zhFzB;oYM|M!WFG`x}o<3;nZFR2lxFE{GywZ2CZ@#O;Bn!Gjr~_>qbT?%Jqu&xxIVe zpXMV2%ZD$qI1uNgoac{e#_KeXS3OL~y}~)RXGI^aVf3+~UNven(lbeb8?*8b2}xIm zj9mzen$vdcRR~pAO_{#o(Dy9HhNAS2bok5~IHcWG+*^m;_b^NBu3&pW&{gNd!F$w9 zR+q00#wokQ?SR=T^a);%R@lEOmg?}6LNZH@J;w1Q@%$v{_3CRwz~;NB{{-|tpRqyq7I6LK zIzkNLVx%OJbMSTfMg~$6l6^X$&GV~)MvSir#v~+zCpSF*ntoNU|7Z5&&HpbNRE-p< zvG2`_66gW5^7-_wy|j$MutaMo*^AEHW#6?VdCBi7jk`4bsefg=;uG4|^GiVGc=E8jScdwqs6KVQ=$$zuC`Fu9~73lXZB?fbrQF&p* z-eqjUoz0;9^iO*t2g7u>gUY3mL9I&L7e@0R-eZg`L9Xl?Vl{1=2seb0J3&qeICu;K z*X0V{)LSC8EZRL3mmztkck@jd>U%m zAj_7%2^^T@V+Uo^!A3J7Zk8REBg%3(FE)lr8Vob+0F~}s;jD2hFG$;5mgP(}KEole z0PSxG&A9pOrOo;h)CMjC?K`SSvKSGmynDympEiNjfy53{*C&wCQ{rE`biEme#+`|h zUh!yEYChBXqTz4&sNTlZ4=!=$hpd%7Tv(3sKO${iqXrKBE1Fo2^I3^9Bay1lyZAbR zwa;(ZwDSLY<8q4o(6Y;HMxfgw*(LY0?$B(g;fO=}G{8arkx@NbEO7qwl{0bvfo}&Y zcqS8O$wiX#=_UW}T6dP1=Q?z95bVna-J7yqm0k=sWbsEl-}GgZ*}Q5>A3#No6YUY|k3r)~uF?!(R6)T8q z5h-n*v!e76pl6GhD=69z{4AzVyUPCpdq$t~Jisg||rq z2m8c-J4G|dg{Xa17FfjWt`}vY(xGi%ZM%X-#F=2{LJthhQ6Wb5>D^6d-h1aVMR+3k zWwWu=#o;2;t=`nlPPT8`_|aAXLi4ipu2^ptS44qW$|s!Pfn}wy+4M=deF5^#xc$** zLmg?vF!;5aiPV-#O4~;3rpnbZ(0Rcfp&(+AvE|gcmk{+i?N#8g{-$l`hLE7r^Ra0k zOPJFpPmE_!hU>45-?nmPESHBqg$;%^dFrp${hR}zD)h490Eae-|KXvZ;=s1A1-T*c zb@qOUmnZfut8_&Br@fkv&oh@udrz$|x{R19PeXFmWub!6R==sMUpO1C4{1H;Urg(} z!&%2l2>Bg@zG(Ijwkrlxf}!V|-bRjnAn&*COI59%c(n(+1M(%(+v zsufbozd@Cj2OEgi9)GycHdY|cPLj84HJx>8x_SHZSfwe!R(}FH%-WKLcaysS33X`bBLzU zdP(SbT25_ahe0hdOBLqrTM22g_^j#*zST+oL#ayLgQF+0pBIN<~nGg@400RDZIo^O7Kz1pDWO2b;(fK|iMRk%%N3g2jc-4_3#2RyS( zMZ0l6(5op4v(+?tb^`K6-hrsnSb|D=5k8IjZTHw&Ev+V^0$n|HAI&szJ0G-M-HYrz zvmHhAZO7YE&7i1QR*r<;rNVxA&PIfMd)6|Q2Ac#rpXlMYB8oT|1|UW&hFG_~NF5;J zGp$$f)g|hn_1jvNgU$)TCo=+hQuk@#1@?Rp$u~v*sIx!X#>NWOBwzTl&XWgx!*1AA zgk{=Y`!TQzfvp|1LFhmsz_O}C)1#zoEd~PL`C7*ea*h+TiT7n$EB2TH+=hN52t%=c zO>OD&x!G)2kW`RMU|SgrmYgLr<=)gIVX)XxA9fN_tJ|0X#l^E?x6r=mB#bTE4YXC+ z=pdyFmsObJs+(>5j-X@O1S^32^;Z<2(wmToJIkGAw%FSYn1pcip@A+MYwQi5Gzn;5 zNgpfBNi+!?Z<8?Uu~)Cpsh{F9xTR%*MlV4l&Nd|pkKE%8h4v6cRjHQuE1Jcu!z+2L zPUCiG!o8yJPYg~y$TM%?&W}Gy%fd5!lbNzn3feZ{KP_vMl=($FC=i2Bucj{I1z4=$ zjANhM_64Jr_LIG0i!nWu%b4j;YYgzxjjMui&DjHkl8bO>uWe>g$-#17vAwSd9~`1M zXeX{SzPaoc?Q?=}Jtp9*v}smdyd+IWt(;@ z?BH51Yc!AE9h`06DeE4=r8#TR#dj}dc9HeEsT}rNnGWhqTra~*gS(j1Iy*&v0I&hR z4QXl`f+sZ6eDY-B=Tp8#{JX)`CMJhGV$tm|zM+8%pDC3?T+D`23!}T_RQghI>;a}) zKa`Q}v0(;U&0c1WLz1^h)*Q0Xy|M4auaTU2DD43YW6Yl+t7#r{h$l5d}^Ru=U3f;aZN z5(LkvPf(9MH>QVCB**Eu*DgNpHmBjsIn4h-+jo8)GD)aa(3#+xISW*5M?G$ z8CAFR9WA5af4r#*8T|Eb2~tc@R7N~iQVY^5GvY<23v{X!n6IJ<$yHlOIL8Sdk=wF;aePE@)?Q{`k@;}^T(SaC*ku^Vl}T5Fci)c%NN z-5MS>K%UjJ{nOrp@Gc|1htym}!L|B> zk51CI?{}TNJ?Riwl}uZ&#=;gx@*@alb}J9Ij@g`xXn`4Ht-ByrxrFK}XsgCWq93*8 z^;2|An!jMYYGtXi@d0+#UREDus@r78<6yNl+rVIheeG_*sk zNMZ*(kghp;Y~Fh3Yx(dHY8DP<6+CH~rr=D-4~+@M1V3VaT%94~Z1Fb#7e~zq+VQ?h zz|E!6H-tAKj5vaf9<*G>R2za>IIZ;->z0IUNpROg>#z|)$#Hj>@3YPLJV(BDNQadiao(o9;P=QO}M{rK`=-W?X9El)%bX!y-Z>BPB3<-{2II9P@!G}Z;H9SUvx#qp_ZUWM%Ev5&{*ju-!6(c0v1DJj zm3+H1HR>UpP5h4OGUztx<}xXR-(gq24F9?zrj@wI(U?i6p(cfQp4WhB+rKG+=5vL- zU_f9xK3677s9Cz+s&7A04e|=h7*FX{)@K}r$n8JjSI@{&1I;0~gDXVP$3o{!*_yMq z*i?cL&vPZm5?MN^SLC-7>72c3qm&9v5LYF|ZVcK;;K^^@Wp_jvsXo37cJTNp+%A+` z`8#%QX0LF2ppyrIC;|)|^+W`JiFp#sfcfNysdujw@(paqD(?@?Mn18A|MU8Z1GhGk zdELdD=BHM^_Xe!kBQ%!j`-4RbD@9D`FY6_@ zhvI9p&v{)GON5c+`2wkAl2#i)pr4tgb|xGKfvA7fh?9?WVZ5|S7P$VDgO4pqlpv(O z>8!nT+1K49PZO^cUjU-oc5!%-k9kdh9w--_vL3q*-)5WJeHYW`_khumJZk7ysvjSG z0toi@vKoys;tGe=#kd9bakx>&ilz_R85b53ao2hG);C)JsJ zp=#F%AxiZnkaBxlCD4cb&OEjbobCHl{EJs@8fPa|=%~QGtmXdnUg4GGOxTmD8A8)0 zS3%9b-f~CacM5lF6Oa1-a4r2XE7){4?aFSb6`Al@f6;)zhkn=oNAIN%LZ{=ll#kHT zSs$iXtV_lMP#KSxYoz7A@}uph>`L)+`*B9^vRjFiR~WVQR%ZXW*)^~92S(j|e)FtW z+v8hQzc1_hetUc>;1MaOZ0;jyXa96Davc-))45eNF2AJT0%QZ^E|v$L9cXlu?AaG? zY^93!2@I73@p|SI73J{CF*Pwyv#Hva?_7`qE`&@47f3s82m{T5(rnd11WowoHC^n) zN7wN-Q*q9WPa?zp+#rfoBcM(Y({{Qmw)hxZGI7LD=gz1?9%p{ujAGc7n6P6slyvnx zT7tt*HN+Tp)&|zr`F&IiGFJ0RIn#?xjNk_CGT8jao4_ObYQt0dTxl&~wh_3%M^Ye3 zAhQB>5(NIaO@NGE#$+jcqi9mq3EmHxlhM`o5Dw_ULDyt6Ej2Sv@XZ@+8((F39+yHv zSs${EHqn~E#F>dVB7%;7Yn*gzU2IyZLj1R1y^b8AX{+Gpx&!7;3Wn)RnTQB#uHnfU zs|Q$8iceRHdt68RlN2i&M$SV;7ZSh06Q;Xowq6*k$ij@gI#U>KK6B^c6%o*)Svq9TI2Qzviu~Ve#6s^O8Vd*Z#%)Sahd!%vpr zK5Gxl3cqeSb=hI-X4e(!T)&sB$48D@iCFE}SnqdWZsQ`q?ov24JvYL+e68qz-_h?E z-P&kH=X{lRg6%To7Ush1pPl>ue37U+!zsL?M06QL8j1RqvFgsL1W!HoGRkg@8vdMZ z63wMI+r>U^nS(K{v2wGw(LwGnHM)&yMF^GTO_uzGDzZ55Q6G-=%r#FBgV|_sM)-JS z%ZTPHr^>i49s=zOJ-K*qb90c<12bHMo!hKKZiL+zFuQk9kGZ7&5*1X_q0!vLC}mFu zW8zj|kMfSkmQ22e*0{++mMyhYBd0JWm6pD@+sGmWR^9&D{A24fNPM;;Ixtw71d;9Y z-6i49Y@|X>o+qB;aP+vNZ~fhFugh7_n}1clhvxP*$_gHX4K6%})i2gC;UCl}TnR?< z=`*Qr#5SQibL*c*v-(i zMzphL-xC8uZW)Cw8+~I7k4J9z7GvsTTFR)s?qz-oqMIizvBi4_Q8;38Zdg1p?j;Q- z6+z0Z1`oGANniO9qi0nl8FBM=9A;P1HhNYiovY#hv0rUwB@N~VZfzA58zVaqUET6K zMx3=MG?$J)plHJM$-J8=X`KwEV7S8(;9l91|GOd*P07Z3CSyaA29qu7tN>-h;w{$@ zJHa0CxrRoUnI{ltg}Kb}GaRwldq71Vzm`+bBU{cbLm%a-wap#M!=jN5ipTCJaWr4q zFw=(=oFutO9@o9{+hO#Z?{wVB_??!@+_3u5i>;Jp!Ofa55&A(IaI_a~;Sa2PVz4o# zq);XA%4S0Cc4o57%bEl&8*HqF3fjg?(5yK_RvHx-$jK+dlJ>)sAD5-u%`yU$R!d$; z*GspX{qqskZ-JMp*^Zq4Y`FM(RfS-$RPm1JL2Eq?O_CPf*86ODx8=PFig8W)QYH&_ ztc5qFzzBJsMRQg{(Xw)0CWEh&5?)*$;v#<0Cj-sNJ@PvV*aB3Bl{S&192gbisDg8s z1p8P+!C(M=SJX#2em_b7msq<&(-iKw)%gI%=l-pfcclx~_&H}QxDB0Jnz41~Mhp4$ z?u|1Fv4@+SwTHuM#bv`(IkH6^j6UJ5l+ONtW78?SKtBhmxz7rn%2UApJ%N#%|rRAR{~bxV=6 z5gHwxw<%^A7DA=ygcv4_%wcjEHYO>`F^0u#PBF|(4jY@z@6!GGe81n{_w)HYzQ6DH z_xSzs`*W9hUvJm@y5868d3u@dBHciP7;Nk&0ATM06)F=t4a)*l47d{jaYE{RKC50f z`B87vVlXdz{+X1{>04Jz85&$fTE+FxfxY}{**mYT5rK*-IooN;4ZGN?a~Zse5!eM3aBWoBwSl!Z z7s~tWxL-er0D`C8M0V>hY}@ML4U0xEEBx5H(5AC|DC$`s;szTF^rt%c9 zR|~t$Y{q-@j)X2;URcNsQF}+VHp1N|ybU_cW13HggC3Xkz8IWtx*z;MW<5f$ktqPV z&HP8GJ!-}dNc1sX`ol7iI=Rm1oFvt@sMk?KllkS`tb(%(2lROrE`4UC`xJoI(m{uy zdWrr9=#(Zeq&NCuV55dVibMPjl6gxZg4UY__^*Y8OJL&R#xzTqvm>fv3ct8SB{g|W z4W#zR=)Ud{2p-n5@5~~}E!VyWYa73OLd&a1Cj@QV?H|UuLv(Hm(l+AO(s&%xFYz80naUQ>FC#Xg2Q_4P z%GM}PVzgWozp|OX;0xgv)L=ul{QAdaXa#$?uA zPm@P8z+F|>0C#FdP{1@?v)8xk7Xpuct3KG8KYM1< z@o4vbwf2JN6CJILa9Rs9Nc`?1d2~QG-mz)S?wB=zvs+D5{vBrnIg3*rSP2Zn&pH${ zz`J5x-;FxCnZvF`eXq;rV#R{lB^b5brMIHf(sXqMTr8L>4COz=?ASk$Z)qIvh!GF} zRmEK;s&T{W1o3f*3v=fRAN302RMF7n-99-?ak3~R#@sCP%|cVh!h{ER)Gx|x-}xu1 z1gftdrM7DJ5+a3XSPWV_zF={0mV*mFCi8mS7%qFgyXxKAfa~H6IOR|ANIGtaq{Zo1 zb1iNRVC?d(ALK8n5C0}4a8gv~aOEcBIt1uKYgMLfP^?h)NLe{YUeAqs5fe4mKJP+a ziI#!=ZJuepcMq&6h-}py|&$wh(f8wwVAYX&3 zqI@q!zA$kLHs*6Lg&IdoUFdccb!BQb7!7Ip{*_y4F%kaY;{niPU1e z&SgvDh}zq2z7IT%;mI2K`B2;OYeQv`$ZOFT=}UFv2zjVSN@pqi=`%dLb|oUkUg0eM z?=*~L^1q^C>Tg%1*8j#FB)FofHN&o_C>P7Yg#-IXjw0zvUf;iYNmN{xMogG7gvvvo;q{t7GPt?+bLTxDqixh`69*t1v2-Y{?M7@%5lw)Q(AuK z7M$hgI#~2R89PXj&8&4VWcq9W0`FlzS49_@B^Oc2Fh}H}#b07tisq+pi+bCA7e{vu z(UfHv1aDTYDtPb>ieQjGSJHv$6S&_btUmtTGZou-ku^0M7Skc->p~d3gbqqKb|K;v zYJ&ls2+`W-#;cOs9BWg;kuVut4IrMprND^_Dt$U^cx8EcUZ3f!Ifw5n7`6*-w}-iQ z@xxruEqi~73i@&WIja34(qwqxh^b?>9ld%rO?$A`?-Y%`FZKf^QP})ldY$t5#Y6$8 z1fMqIlu9$iRVB>VOUs(!gEFBRdowMJdvHu$hyppF;Eu>XVpuvQpQl%N1IeC7ue}k3 z?h;3Ya_;q2k_PLHNJ9;*{l6v(&1h;O;d>Wa32)F_DY$r@y&2+H=5Bq4T5P7ZdHUnR zmDa+xCg5%ttvT-wq?je3+D?G9vd13@>DU0MwfAdLfZVp^RMBi!-9iR82;JBz%uH#& zCp2mvPTxrS_&3G}=wAKKRzt?9crDN#(&+f@%Imc0EiQ$(Yl}bPJ~)zA*`VU0CDO8E z4B9!V&?l_aBbMV^v7Tj+;nplRK68qMITI?MzC5ilKQJ$+dmkCoIKXQ%X>TcdWol3> zyiZgN+GTpow)Z%_UC;GQ%TUk}SttBWv+^~*y+!$p-hk8O!v!AP!}p~dUOI$4;OD1Z z!RCFNDj8Mu4Nj=UM|_#D2>OBWhY|JBt3-moeTE%GmbvMgk@uDbY?c&Da*lk1M(0z4$1_NRYanHRSQ3mhUr6$vKAJJ>fsh4kaXVedA-Ipr z^}1`6`h0$y|NGU(fO&6hkE*rs?F;MG^5m2-SL5oM+P5fF`=(wXmhKJvYwqg z!&`*EM8p~)B0)KjufOIZX-^&FvhVq66@71~rrtPnX>zyh6RHILlE&JfA7qkEDm90} z?>+#1?QNwBZ8X$Wa`nbK7!*Zox3bfGhd{1Xed%n|fst~(#`!&GKgDD(j#*Ay z&n~;fk#8k9jF&08d*6Jhz)ttajMThhHks&Da8u0U4xL`mR=ZRYUm@2Wy7~3FRcG1U z#<7mc9h9{J_UgjP>aQ=`ojsK5Hl#YRU446RCXDTJ=S7!F-xt5j?dS|+2}52&{AK7z zP?b7<*yel>>Cw#3tX^A`Yyd@=AlBOy_~<`yM9;N%%XTWLoc4TNQE~gqzjpF{P6>F?U0B zymbgJajdxewCj=W>MtU943H|WJZh3G28|VC6khEEXa&J z>iwg9pKmFev{GyG6b!KQZR;Yrb*|Y7#`&;bOM9_ZO2=|4b4fg$c4DsE01ao9u0$I8tq z(;qO0SU<*h7I+CRgjSwHxZ#X-YHbKw<&fOyZD^s--Kz)$*qpwk7y9lEcT9`?*bA>7 zjB1E^?JVG2aqZRF$d{LW;O<%o)Uw8eE6Xe!GZyM@-*(+7#KIOoS9qfjfd{R?q2X>|Qpwq| z1Js0pv(+@xWww)Q?M^TCY?nGWOO@dj*<+(QKoE%gZMu%RvDf*Ra4~Pb1Dkc~K&h<7 z;8BvyI>V zXww>7pJg|W_nfd;m2f7-?k$3t>c?eakhubRhq@2u*RHNe_tm&_$v)+KiYsFHGm<99 z4)a6%2i{^gKbFG!{*g+o*ZaE zj?VI(tadq)+!1)Fk!dji*v0MU32^cQ-8{pF>dQ+t2gJ9?@dMXibByk|E;$GY8_FR0 zWRFxrMjp!B%k zd~`sy8(tPf^X4_5{2Q-e6tt@>8mgmF0lpO|2`oqxQ__%FW4_CBPCxs-uR72d{OH4= zk;p|92ocB_0o9kZ`-a0 zyO-#7+;|S6f}J5ZX?rIT+TxDXHT%OE~B zGNOBg7_k99hnu)!pkJ$cnsaSFh7nWz3(>ahxQ$b7RH_DWw8knP{>e zffGGs@F|l^EY_ZF<$deSg$N}W{PHg}rXrSG09!h?e)l(j^v@6_I*YHErU!RA1zIi3 znjKn=`|*HrA>~zwjKpK{Z1;;F@fChHp`fuI`zXeRxWm@)4zhSSb)f9@2!X3n=-7=w z^0>`U{sY;Qndggc#{UD^GhRpWpMNAEcZifTZVudZu2ewIS5@B7+I$*jb2#jJQgJ5y zL_>|}Lgv|={6Q*P-L|*qvRx*O9zt(5^3vd}o>ZOg8RRcY%E(C(dl4+^k9=#)NE3Cx z!Ca(5;}1V}veW6?lcs08>~hIfBJ5`*9`O9_*XUn6XB{A2E&e7-6th zUT)moQaJCZW&+R=2XXN8dlKv3G+1!IUS^S9zOSGQtqs3rS-Af(7nA{HJqX5m6B|{% zeCEz&8FlyA8)wtj(%wsbzkrhsv7NG9slqu;#_mD)=s9($&i(X4{F>yJg;^bcm0x+6 zBd?+S^I#ot>#YO)e`Ff|=jN*=Z|%Y0wCF8H{tqCIQb9Oe^_fVl@Wsb8q;+Zh3GI@t}l z;AMR#pGj4|r@!k7^vNs_k2r&#TnsJuFsFXlPw+0FK~o7^S(Z-W@l}red%|#fK$qcc zaW>Za5GUowN-Wga-7@IzTq>zkWqH4dc=iQtf(C>m)+!rHztV43y%Qz}xrNUBz*W7e za+hQ20!)=PKzGT!vu`a)d-HUYD!V}rb$abNXF&WJS?Sq?)Cn2B$O!6{X_Ig6{Yi!upuIP}j0k~FL7Xn_TkN%P%ZD9X`85-1IW>Sfl{_u3G@k?Y|S9~hr-J6?k z#lKrW6N;q%R+7w~r+g$R)7>nE5oP8{(fI68{4sj#vR%%jKNu3pbT~_YF(~%>GLgC(<$po z5JpmTQ*8)_8XGsfw?$lMEeLFH{g%=q1IVIZSV;x|0RQ!ktl`IVkTavFk4Pp@SJ)2q zwAn|Lq*$%Q&dMXwI`*BhS%ZGOUVhQ~D}F*zWrMZ<#*YuE-o358*VS)xPZz!uTm<*u zzy8YlwQ{i=SE6J+hWbSDnAY^Ggr3RAxoLIN{jehnss-JfRazwz0UH528$_pER3Dt| z>dlQMT~6EkprxTVtyr?ySiX0j37gxu9*fg#T6O_}E{%lvYJGhD-snx6D-d7_%|~J~ zd+~YUFtt$`f={otdoMX|FmU**5mYc$KCrk21bOgst>~JnaY&&Ub*O+aK!yl7BwfJ1s#ElE<{G=f2puRfn`8-OQA-mDTaT3VMMVrvgIE72Bb1IWgzZt zg$T*M9keE$7Y(cGcYB$KbN=%96cr!&w;+qyw{dI zE)q1o^!cT6pRz^Y6a-XwU6tq5yNS=%(%(ig8CDFeKTvyk$+D!iV%&c?TC{yT6ywHx zhKO*IUi*&=*sx`BwCZ@B0Q_N+ASpYoTSq{D+(F3 z&p~!I6xD^4#Fce4Tok6>s0M+@Y6xK^DRDvYFk4;&V~jjPAUaL+Pq zMi79f`701(+-EUTs`a(MfqFFBVMh3Pe zNIWMQ4qcE1R|Q6O%uVc9S23tLSazrIa#G=VRIbCR2wSz>?OuJ4P41|iz8#ym?u#jA z%xp35bs#_UaYx@G3)N5+6UJS*H$$)3)5!MlH4|AEYxZKN~wlJ-YIk$^grMLpbrY|t9g zj^rDP=HJZ9)B-U_Mfp>U+1YVprtAQnH2tGXbNE*(8l~3vcn5;VhpNbDiiZ2oy=y4k zf#M7LdT{4U!Z$c1WW5;0S3CtgiSj4vw%ks|-tgL?_Mt)4m|+h@_GEWAstQSQ4lyzl zr`C#HDlE17p3LR>A*#cxx6kSjdxwt;hwKQU@IiDM0*D3ncVG4x*z8T1&*19VMtDil z2aF(kwdjGF#%d2s?L*;<(`h*ig;}I@?=7a8+hE^RFM1Y#9#}YZ3sT6?OKCtoUU(s2 zthjq|-P=BSSaVq=Vp%6VTtKTZ=n_TJ4lj=G^XY0~!@n-buEl3&geHJkPi)`smtKgnV45BI0u`J$i*YQK$|(9h|o{zCg3B zYoa2Iu!)%FyUFY8kv^l^0#XOz(!~Q0Z$iT>5Vj3vD{MMqj-Og%!o_O%KBQ z#LZGW_|{8YHiK-hB_hZ!`ex+ZMF$i}W~y-D{RMT{eQ&A6o=Ge(;)0YGNLy;IgHG1D zKKxw#c#pzspIm2?hlVZ*y~6dX-H`S-co3Otu9Z+g73Z0!L2#Ja@bg1tk)(z&BSX)| zy;{H~t@s$vO(TuJE>!_bQ_W|S!iWw_pcn~e$@toIY82PW(2lvOWEKC@yWNq~9bZc# zcPmti&|wh$!ZlMcPFN|5Tgy%fEPxT~3u&9*W2PmipQE1`;j2$T?5Ea6)35e6Q>I## z_H^AD@IB9XUJ2QHVJ)zLGMCSt)@Sp4Iy*81oznDndEmPnZ1w|jiHDJCt2r_9lz>#2 zYjCUw^YqndxFELU>aw&3UGJKVcv7+)C_6T6*c~_9{+aC+1fSgz2wy)k8uOQix#7&; zGsAyZK>q=k7}Uvyd>WbhDS3|KUgv{$g+6zJ%lwQDC&2$2?w@3k|K)i9_%>v!4Wz6WlBg#vb`75IWwwN{Y*g{Sxf zn4%jn7g_7RTXQx+HPb<*TYT=84A zeNN{$90Biw)d`;(%Ce;ba-sUJgMqOL#P!D{tNGw!wkyu~^E9U51O^-*B=+^NF><9D zg9+bVVMz}S^{Xscs&X8_rc1Zx=F>UTWJdpief}X<};W>)XcH zmpenda<&&1b)|R8F0&&w#ZgEu2U=*ycm^tNxw{5m)0*6dBVfwxzvSazooTi7DR*me znrbI&te@F%D*#zqKMnPiG!yfYiaRoM2RlBI*wF~miEc%~LVas5qsC#^0c&^K4sm0? zX5aVbTy|^Jiq_>WbNJfUG(Ai;72u|EDezyG{JIR5iK44`jy zc23gu*1`_s#`cHH{)x>>XHLHVIM}Ub=+!v& zT%yRgKW^yqsNOTk9rk%qdxDF%~r0 z{U&hQ@lFZ8Sz@0Z!xTaeN5(p!_>! zsrA=UUz5&U9Rhnosz&_%o3HJYEwXe?SX84Gz{bSS+%{UVX;BSh98Wyf-0P^B& zCQzp80}byaFWfecf^}0Fs5=MXxfoJaCbZK(6P4ID%awx$A17lsZMgrMUS%a?Ja?;Z z?pz(Q+Bs6gxW-+}Af(>0Zp33V^DRx;T6{I}xN|;|QPlBJk~yC!T(CM278s=k><>;u zcG3qB1(e}fsm^-~i6pW4w{1nT{tz1lhrH)o6>MJmz`Vf=JG5PFJ^I@2ME`CNO<|tZ zItS|Oi8-YHc7GzJ`cFWZ427gdYj!BovueituF3;Qn@IPsU4gx~N2(>cQ;3YzIMXYyf@pR48gU>crn;yypl9pg_#68`|eO1#gx7 z_9c&@s)=Zol_1=`@~o)%oviZ2q$#;=^JQ{`X}dgJbf*_)m?&Mzs}tQ?NMyvKj9=+$ zY#->>EQgeG#CcohE`kM+_MF}@1&`)l^XGiOqJopf4!A8)`fL7Gzw`do7MF$41t!cG zdXS%}J~_)!gtPz;*AsiQsbqZ$UW;jqdjmlH$)TYFEw_;T5+hpsuj#Hh3{Zo?($1Ra zlbt`c>DEoU$Wmw^3Eup5y<{tG;gaLc($ah1aOIaxQ^o& z&%ZO|wM_@`U}OD8>?}ih-=^SZzYEA^QiC?+*8^i8gjcwAB2k42jrdZU9)!>71a{1< z1uL!kYfdTH>Ab^6B0Y!**EzM=rmBVw#>a+F-IEqpU^MM0?-eFzhb;hIaOWV6oZTej zjQ`9AIv!L=Uohwm(HI%Pu;t6NN-YpaEKiWE1Zj{-p*{cKWmr6;eGH4tsp6c z9UobPt8=1+51~i&YfqH@0d|ImY9fY8h8Uy{_J>a{!_8lbz{n)m)4(5FJvZ}z4BTlD)kPq` z*ZLtCv(Z~wDIs*7=Bj}9cEF*7Zq@leOOFkJsT%nFe [!NOTE] > The attack story section may contain more than one alert, with additional alerts related to the same execution tree appearing before or after the alert you've selected. -### Details +![An example of an alert story with an alert in focus and some expanded cards](images/alert-story-tree.png) -The details section adjusts dynamically to the selected entity type. +## Take action from the details pane -By default, the details section will display details for the selected alert. As you work through the attack story, selecting different types of entities, the details section will change to display information relevant to the selected entity type. Selecting involved assets will have the details section display information on the selected user or device. +Once you've selected an entity of interest, the details pane will change to display information about the selected entity type, historic information when its available, and offer controls to **take action** on this entity directly from the alert page. -Aside for basic details about each entity, the details section displays historic information, when available, and offers controls to *take action* on this entity directly from the alert page. +Aside for device and user, detailed in the [affected assets part](#review-affected-assets), the following entity types are available: + +- Alert +- Command +- File +- Network connection +- Process +- Registry +- Script +- URL + +Once you're done investigating, go back to the alert you started with, mark the alert's status as **Resolved** and classify it as either **False alert** or **True alert**. If you classify it as a true alert, you can also select a determination. + +![A snippet of the details pane with a resolved alert and the determination drop-down expanded](images/alert-details-resolved.png) ## Related topics From 877ea90171cd719b5b0ba220757c7093070f3bee Mon Sep 17 00:00:00 2001 From: Dani Halfin Date: Fri, 1 May 2020 01:00:45 -0700 Subject: [PATCH 04/73] updating date --- .../threat-protection/microsoft-defender-atp/review-alerts.md | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/windows/security/threat-protection/microsoft-defender-atp/review-alerts.md b/windows/security/threat-protection/microsoft-defender-atp/review-alerts.md index 563cd4b1ad..6c83a8f5d9 100644 --- a/windows/security/threat-protection/microsoft-defender-atp/review-alerts.md +++ b/windows/security/threat-protection/microsoft-defender-atp/review-alerts.md @@ -13,7 +13,7 @@ manager: dansimp audience: ITPro ms.collection: M365-security-compliance ms.topic: conceptual -ms.date: 4/24/2020 +ms.date: 5/1/2020 --- # Review alerts in Microsoft Defender Advanced Threat Protection From 85379dec726123c403dbffaba0a96e2c3513261a Mon Sep 17 00:00:00 2001 From: Dani Halfin Date: Fri, 1 May 2020 01:23:42 -0700 Subject: [PATCH 05/73] a few minor phrasing changes --- .../microsoft-defender-atp/review-alerts.md | 10 +++++----- 1 file changed, 5 insertions(+), 5 deletions(-) diff --git a/windows/security/threat-protection/microsoft-defender-atp/review-alerts.md b/windows/security/threat-protection/microsoft-defender-atp/review-alerts.md index 6c83a8f5d9..caa63bb247 100644 --- a/windows/security/threat-protection/microsoft-defender-atp/review-alerts.md +++ b/windows/security/threat-protection/microsoft-defender-atp/review-alerts.md @@ -1,6 +1,6 @@ --- title: Review alerts in Microsoft Defender Advanced Threat Protection -description: Review alert information, including a visualized attack story and details for each step of the chain. +description: Review alert information, including a visualized alert story and details for each step of the chain. keywords: incident, incidents, machines, devices, users, alerts, alert, investigation, graph, evidence ms.prod: microsoft-365-enterprise ms.pagetype: security @@ -26,7 +26,7 @@ ms.date: 5/1/2020 [!include[Prerelease information](../../includes/prerelease.md)] -The new alert details page in Microsoft Defender Advanced Threat Protection (Microsoft Defender ATP) provides full context to the alert, by combining attack signals and alerts related to the selected alert, to construct a detailed attack story. +The new alert page in Microsoft Defender Advanced Threat Protection (Microsoft Defender ATP) provides full context to the alert, by combining attack signals and alerts related to the selected alert, to construct a detailed alert story. Quickly triage, investigate and take effective action on alerts that affect your organization. Understand why they were triggered, and their impact from one location. @@ -37,7 +37,7 @@ Clicking on an alert's name in Microsoft Defender ATP will land you on its alert 1. **The alert title** shows the alert's name and is there to remind you which alert started your current investigation regardless of what you have selected on the page. 2. **Affected assets** lists cards of devices and users affected by this alert that are clickable for further information and actions. 3. **The alert story** displays all entities related to the alert, interconnected by a tree view in chronological order. The alert in the title will be the one in focus when you first land on your selected alert's page. Entities in the alert story are expandable and clickable, to provide additional information and expedite response by allowing you to take actions right in the context of the alert page. -4. **The details pane** will show the details of the alert in the title at first, with details and actions related to this alert. If you click on any of the affected assets or entities in the alert story, the details pane will change to provide contextual information and actions for the selected object. +4. **The details pane** will show the details of the selected alert at first, with details and actions related to this alert. If you click on any of the affected assets or entities in the alert story, the details pane will change to provide contextual information and actions for the selected object. ![An alert page when you first land on it](images/alert-landing-view.png) @@ -59,7 +59,7 @@ Entities are clickable and every entity that isn't an alert is expandable using Expand entities to view details at-a-glance about them. Clicking on an entity will switch the context of the details pane to this entity, and will allow you to review further information, as well as manage that entity. Clicking on *...* to the right of the entity card will reveal all actions available for that entity. These same actions appear in the details pane when that entity is in focus. > [!NOTE] -> The attack story section may contain more than one alert, with additional alerts related to the same execution tree appearing before or after the alert you've selected. +> The alert story section may contain more than one alert, with additional alerts related to the same execution tree appearing before or after the alert you've selected. ![An example of an alert story with an alert in focus and some expanded cards](images/alert-story-tree.png) @@ -80,7 +80,7 @@ Aside for device and user, detailed in the [affected assets part](#review-affect Once you're done investigating, go back to the alert you started with, mark the alert's status as **Resolved** and classify it as either **False alert** or **True alert**. If you classify it as a true alert, you can also select a determination. -![A snippet of the details pane with a resolved alert and the determination drop-down expanded](images/alert-details-resolved.png) +![A snippet of the details pane with a resolved alert and the determination drop-down expanded](images/alert-details-resolved-true.png) ## Related topics From 06d357d8466d6739e9f453caf2dcbc0b37102133 Mon Sep 17 00:00:00 2001 From: DanPandre <54847950+DanPandre@users.noreply.github.com> Date: Mon, 4 May 2020 23:14:09 -0400 Subject: [PATCH 06/73] Documenting May firmware/driver updates for Hub 2S --- .../surface-hub/surface-hub-update-history.md | 17 +++++++++++++++++ 1 file changed, 17 insertions(+) diff --git a/devices/surface-hub/surface-hub-update-history.md b/devices/surface-hub/surface-hub-update-history.md index 8e584f17b3..f4616cd18b 100644 --- a/devices/surface-hub/surface-hub-update-history.md +++ b/devices/surface-hub/surface-hub-update-history.md @@ -24,6 +24,23 @@ Please refer to the “[Surface Hub Important Information](https://support.micro ## Windows 10 Team Creators Update 1703 +

+May 4, 2020—update for Surface Hub 2S + +This update is specific to the Surface Hub 2S and provides the driver and firmware updates outlined below: + +* Surface USB audio driver - 15.3.6.0 + * Improves directional audio performance. +* Intel(R) display audio driver - 10.27.0.5 + * Improves screen sharing scenarios. +* Intel(R) graphics driver - 26.20.100.7263 + * Improves system stability. +* Surface System driver - 1.7.139.0 + * Improves system stability. +* Surface SMC Firmware update - 1.173.139.0 + * Improves system stability. +
+
February 28, 2020—update for Surface Hub 2S From 8ec175022ee01b921f515103ae570807c0a3be71 Mon Sep 17 00:00:00 2001 From: Dani Halfin Date: Thu, 7 May 2020 00:02:33 -0700 Subject: [PATCH 07/73] feedback loop 1 --- .../microsoft-defender-atp/review-alerts.md | 42 +++++++++++-------- 1 file changed, 25 insertions(+), 17 deletions(-) diff --git a/windows/security/threat-protection/microsoft-defender-atp/review-alerts.md b/windows/security/threat-protection/microsoft-defender-atp/review-alerts.md index caa63bb247..7094a73309 100644 --- a/windows/security/threat-protection/microsoft-defender-atp/review-alerts.md +++ b/windows/security/threat-protection/microsoft-defender-atp/review-alerts.md @@ -35,12 +35,19 @@ Quickly triage, investigate and take effective action on alerts that affect your Clicking on an alert's name in Microsoft Defender ATP will land you on its alert page. On the alert page, all the information will be shown in context of the selected alert. Each alert page consists of 4 sections: 1. **The alert title** shows the alert's name and is there to remind you which alert started your current investigation regardless of what you have selected on the page. -2. **Affected assets** lists cards of devices and users affected by this alert that are clickable for further information and actions. -3. **The alert story** displays all entities related to the alert, interconnected by a tree view in chronological order. The alert in the title will be the one in focus when you first land on your selected alert's page. Entities in the alert story are expandable and clickable, to provide additional information and expedite response by allowing you to take actions right in the context of the alert page. -4. **The details pane** will show the details of the selected alert at first, with details and actions related to this alert. If you click on any of the affected assets or entities in the alert story, the details pane will change to provide contextual information and actions for the selected object. +2. [**Affected assets**](#review-affected-assets) lists cards of devices and users affected by this alert that are clickable for further information and actions. +3. [**The alert story**](#investigate-using-the-alert-story) displays all entities related to the alert, interconnected by a tree view. The alert in the title will be the one in focus when you first land on your selected alert's page. Entities in the alert story are expandable and clickable, to provide additional information and expedite response by allowing you to take actions right in the context of the alert page. +4. [**The details pane**](#take-action-from-the-details-pane) will show the details of the selected alert at first, with details and actions related to this alert. If you click on any of the affected assets or entities in the alert story, the details pane will change to provide contextual information and actions for the selected object. ![An alert page when you first land on it](images/alert-landing-view.png) +Note the detection status for your alert. Blocked, prevented or remediated would mean actions were already taken by Microsoft Defender ATP. +Start by reviewing the *automated investigation details* in your alert's [details pane](#take-action-from-the-details-pane), to see which actions were already taken, as well as reading the alert's description for recommended actions. + +![A snippet of the details pane with the alert description and automatic investigation sections highlighted](images/alert-air-and-alert-description.png) + +Other information available in the details pane when the alert opens includes MITRE techniques, source, and additional contextual details. + ## Review affected assets Clicking on a device or a user card in the affected assets sections will switch to the details of the device or user in the details pane. @@ -52,7 +59,7 @@ Clicking on a device or a user card in the affected assets sections will switch ## Investigate using the alert story -The alert story details why the alert was triggered, related events that happened before and after in chronological order, as well as other related entities. +The alert story details why the alert was triggered, related events that happened before and after, as well as other related entities. Entities are clickable and every entity that isn't an alert is expandable using the expand icon on the right side of that entity's card. The entity in focus will be indicated by a blue stripe to the left side of that entity's card, with the alert in the title being in focus at first. @@ -65,23 +72,24 @@ Expand entities to view details at-a-glance about them. Clicking on an entity wi ## Take action from the details pane -Once you've selected an entity of interest, the details pane will change to display information about the selected entity type, historic information when its available, and offer controls to **take action** on this entity directly from the alert page. +Once you've selected an entity of interest, the details pane will change to display information about the selected entity type, historic information, when its available, and offer controls to **take action** on this entity directly from the alert page. -Aside for device and user, detailed in the [affected assets part](#review-affected-assets), the following entity types are available: - -- Alert -- Command -- File -- Network connection -- Process -- Registry -- Script -- URL - -Once you're done investigating, go back to the alert you started with, mark the alert's status as **Resolved** and classify it as either **False alert** or **True alert**. If you classify it as a true alert, you can also select a determination. +Once you're done investigating, go back to the alert you started with, mark the alert's status as **Resolved** and classify it as either **False alert** or **True alert**. Classifying alerts helps tune this capability to provide more true alerts and less false alerts. +If you classify it as a true alert, you can also select a determination, as shown in the image below. ![A snippet of the details pane with a resolved alert and the determination drop-down expanded](images/alert-details-resolved-true.png) +If you are experiencing a false alert with a line-of-business application, create a supression rule to avoid this type of alert in the future + +![actions and classification in the details pane with the suppression rule highlighted](images/alert-false-suppression-rule.png) + +>[!TIP] +>If you're experiencing any issues not described above, use the 🙂 button to provide feedback or open a support ticket. + +## Transitioning to the new alert page + +When making the move to the new alert page you will notice that we have centralized information from the alert process tree, the incident graph, and the artifact timeline into the [alert story](#investigate-using-the-alert-story), with some information available through the [affected assets](#review-affected-assets) section. Any additional information has been consolidated into the details pane for the relevant entities. + ## Related topics - [Incidents overview](incidents-overview.md) From 88376e5033b61dea92f99d3873b1f02e6c29380e Mon Sep 17 00:00:00 2001 From: Dani Halfin Date: Thu, 7 May 2020 00:02:41 -0700 Subject: [PATCH 08/73] feedback loop 1 --- .../images/alert-air-and-alert-description.png | Bin 0 -> 48648 bytes .../images/alert-false-suppression-rule.png | Bin 0 -> 10794 bytes 2 files changed, 0 insertions(+), 0 deletions(-) create mode 100644 windows/security/threat-protection/microsoft-defender-atp/images/alert-air-and-alert-description.png create mode 100644 windows/security/threat-protection/microsoft-defender-atp/images/alert-false-suppression-rule.png diff --git a/windows/security/threat-protection/microsoft-defender-atp/images/alert-air-and-alert-description.png b/windows/security/threat-protection/microsoft-defender-atp/images/alert-air-and-alert-description.png new file mode 100644 index 0000000000000000000000000000000000000000..f6545e9184fcb25544cce24497e9c10f36923d38 GIT binary patch literal 48648 zcmcG$byS;gw=G(vP^3@_6e)xjXz}7jgA|Huad#;079<6VyL)hVDDI^|A-KB~PjDyL zO@H6s=ZHKkbI6!j{W4xljqV>;$NOTLFs$) z1nu@22J$D}WFMT7FDTAmBtJc=9HH1lUZ7iu%8NdEQWK4HXY>?#jpZPvg}e!`=kFIv zzkRXklPB$&(&D139{T&sSca<8^TH3TV4eC3oR0+}%CP*s#ff)8*H(cd6+ev2D{yb}XMf|{Bd4UL9?AlA<>HYDVCSCL57C3 z)YKeoZ2z0v-x$NLqoGP{mZW`mm4K{0?uFXNK!c4=i4T(Pkf?o5 zuA_UVhiza4zAADpxlJS{ekZSw&)bQTb>H_S^8C?=PBKw5XT7u40;oUAS4{+MciR3e zv+t}bT5#fzv)7AWh8I!axB$aLLjGt+tePZraa%H0ekUR3)(0MOdhiH+4;2IZhpT}7 z-^K$zZ3$1^nI~+W_x>{G?jR>rbKa+6w7+|D(c3u#hqj%|-I+su>*ER@2&P?hi1>T% zvH|ZnCI48cpB*Zmga^AzSt55AYW%pKUe_uOz`8rgri{C^&j@ArtXjLhs_f6=AvQVX zD`;Z!;(NIKj2Z+yCSh)ou5hJ!rS|X?42fgj(4RVLedd1Gp*sUc?UZ?7f;>!%(F+vM zgm0p$3Z;ZT1-BAi*~Zj<91=rVQi(6;%ZiI6g^n=29-gOGz+GO|yX&<>{EUWc(miEQ7+g(OVb%+#BBRboZw-3Huebatb!Rc`M zH2F`%VlcJn=v(UCIig#?6T`esZ;`a3WbTJqu=LDz>$qE8F}Vb5ukXNy(DSR~Arh)J zd)D$kd-JHil<|Nu`w6S|Y!(X|pKX&SmJ*7(%6lxt^I_3}bQ`I6)M2hQl%(&9+qG*c z)C}4Qc<|zME4-*XShce0T1mm`@&$ct7yY30H@CAECPP&Q-8_AxJtmz@y$$_+@OR2m zO+;Ea(3-MStfiB7jq0_T0*^%75^-^MmOj)CBM)o+?lRVaH(D#@jseF81r{{c1GxEG z!?~;d-)aCJ8YBHMM9<89$EY@}dOcL*xZBdInO6^}59=+fzZ~{lgGdQpg8A5Vc9)*_YFSEgy3Z-!YYy$yLh0g8Ho8=9)q* zYx@|Jm|4l^d62IYX9Gu>^`r%(ipd|GYh*{Gp0X2@>X1YF!&>QR^0E*#vvh4c_%V)R zAGc-4cD=#I@|p%NbP#)`yu_4FQ1Xyvw8=8Wct+MqS*xKR)ZRX7x^XjmFfW<6H}Bcx z9FH9=U#we=+PYG+lSR==n_b=oa5a1mkG;2v1f~}ghQ@YXV_Ch@4HQ~!$BqZLq9(GE zWqGDwW}l`OG^zMYghQr1&%1t;ov|@XM;4lF|8hy41oXE6d&{AHhRX>;Gw_3EU#y^l zxw>eHXzRmYZ8-q$pmTxR7~c-yW7EwYp@;RXNw3d*6KwlJlxiDcG&HHTn}^42Nt>iQ zISY}W3UxWb0v^szynM#~&q1RbrDGlb{ODUpa8kE*VePQC$Bs)OPM3by?iSmrA-nXT zS6Vm)A-#iw?JvX*Xn^(IE_++e?2(6>cmhXBy$v@Bs_GHzCzy#0#BD zR#1a|`KlYGO{*CrP*_N%N<>`T<=mK>&G)o=D|z20luB4 z(BRobEhZf2JqutGK#xa7H7hLG=Dnpm5ai0|yx zQ$&Bv)D7HMWw5vn|+2`s@Zi#yKJMF~AoN#YU$}EtAaXTof%e1{S10L=JOw+9fcnxvrWCkcI z)p?Y+52H^<=mp&PWNzuj)RbR%^?3TUoM%MJJg$Bcc)$~f;%xwF`#C*pK*GP+rW45b zf5*~16xI))0(Q5uPKWD&0bzWURRvXdjf;r_IusM zreHva(dX$}l78h3k|Xlf6oB7Njz%~8YgzWKF}?F^qb{5y%ibMBci|B(94PLC(oEIK^x8Lj8e{=1$3mQM{>S# zea_5u{&eLt74(+ru6aNCETc7QWyf2E6{o$@M^L~gFehoR+t=W;2bJ$}p}ptaSyhm4 zN6G8g7lVJkj(pbazrH%Zb?x}6w6o2@w@S4uzrefd2UmW5R0SOS`OnDa3A$E#64?~^onYD1q zvDcG#pj@PSB2<|{>|vy0j@;|Lo8Xmm;8pcLjjG}PIE{@G+|fSpF_Q2@HRb%*Ha{_3 z+oyeK){-qV_`vhy;Zhf?iIua{8eMu+Fon;K>UGrJA_QzY>fGUZRpor|SN{hQkmyYO zLBue{{$};!qv*x%+a2C&2qnb=cnKCQJn?iCi~m$~3&jF>llO3+?o^^$Hyr+5WmaPK zG{=uaqSEGv!4Vj|Z@pB%#B(-oRd0j|>2&a8|LNI&!PojAlhWm}w%7HvVzvDxy4w8% z3(8OM$;VNXdVBq*>|%^Ff9u1lY0Pg9M`FZW5jY-m-5#A3!_Ch&G#?>LM`~AWaw}9x zovc^S&qk9)9^Cb2Fe5uMnJf@VZB~ki%L*Lt>=v7(BR-$7C{+yqf=6<~Jqq5P4s%FV z6_^sM^dbK3(MI>kT}Ou}x0Sxv1KxLd3ib0EVp5Zhk|}%Ko;bZxqiy0-i~ZT}K*gcH z;*Oo1#~<}`&bX^*R+hC?;f*c=_&a-U3!I(fm_3JSfw4J|Kh~#j;5TTOJ|keNF6XO3 z9d&C^HOFbdr(@&gqa?)D{6?6TX5&tXUeb{XMKQB@H0xgA+iAn$o=XH*7{WjqNIR@VC61QGIsF+c6ubmHC}@xiSTdT=-S6QDNsEKlzuDwJndc5WRky zDwg28b?ecM8@-(L*0fCu5_Qn>ZG-{kxw)W{L}jPVF=~}gKmyz!0 z8dpE?g-1JRiTJz)T_7!De5p_pzW+0EoX-q^44kd6D;n!jJp@+iG^00#h@Fz|4LDED zSflwY%7%9f^ttdZs0DUt$H1Q2n1^^(^6GiXNMDJcC;sBu(oy2GfD8ArKE4>6FG7ZU zTefW&nR0SI-3CIO-JC9rNrI~(G~Cu~(~k^agqSKm{7TaXj_Wh1)EJLT-B6TEW8B;w z)jFzWoyG84`utW*r@6hJZOA+lr2;M#jtaBe$zAp1PhAm3YcmRVlT}O=bOL~{e2U7u z;^1ig^XDzz+F5SIzGEx|@xz#M3$(6nO3_xp4>qkq_u#vLE;02AanGf!veEH{F4em= zW}vTJi}Bp@;VaxDStd3wIq>iRqCn=)?2Ao$KGI|=rOTlJX>?u z68pLG-RkrEK@Zx+A37+s&_z`iuLtz$#bg+t54+oO4LIw^G#~F7lUoB>0Fv0u2-dyQ zZ|+KMDU9fjQKFAr<_7jrV6{b|vB= zRP3hpUNc(a;ONwMDlh82eLaBC0x*30PFwQo%4IF4)$by{Qv-f<6q>+!zvxk!8jO8} zvahQXQVxy4m)Ef{*+fgM7_puK?YxpbuEsN2I1_s=y+@jtZd9}7xoUwRG0$BxRA*_vHpQ;sCNg@9K(nR&i?8%O#S#Rw)gdfzf6zl_SCN_IWS(sGPtWhS4oG4o{5tV6 zp=}(ItC$}xbBe_^4X*bD)L9ID-daR-O*z_Th7&)UCaaz|GeE^Bn)c->?%W3fn)aP%*?CPA$^H`p0-~E473&JF`i?e)WA4ogSpEX--`$@*z^ALn_x$kPkeIt029S^) z3k%+&Xv?z(HNAAUZ|D5wGe-J$yfbmcEqdHFi)CrdB&q5XPZcJ(ordlF;zAxvPT*<+ zublPAAwD<%RhF)zVR!O_*KJ8{G3;%?{0!g}kn{EKo^AGHx0sG%K|_5z@O)A+ZGORB zAMbi*x#|$ig%E0h6edibx}U)@MXy}^KYQUb6^u1bf_3sEy-wur2}nvTuzlZ^in6nQUh?!WB#bp5WsE z?A0L$MW51c-C0+A1~%TKvau>hovL^MNbUl-vy=x+b0(0uUDX(0!P#f(uULIo_2I-! z>ni2q2OP_gEW@jj`|KxJt%p3Zp^7rDc;15cF<`LnQ2GYOgrV$&fW`Xn+l-~Vf zn?v7q>9zOReV=cCKABX4FvwQh8HYIK9~q+7qtN>tk>Q}-k-5;W&J5-X4SGa9EHCQZ4I%_^{ zJZPeq&f66OqSHW`kZ4^h_>ngth>V4ba_j2@M2_YtEi~rn_%_*i+YIsi!4pSa^D3p& z*ubL08^Ccm$zuqL=uTUl*kTSzDACmBDmSS!?)|DzQ8L}UbYbF{2=|$TbfS4qSN{Ha z7o(UpxO$oU6VG#IJ%0>kqM*(!qJt)~V@G}D-0b<`PP|gCu;2OdMYD0fJ*)@rZ68#; z-S0JXZLUAr|L`l0Ylz4BApO*G=$>J8U@&T5`%gN^r=`juPRlLHetQu6wpCBNY=5|Q zghxgAt+lXY)8xZQ^jqCNi`zNh!AnG!v8mVrWexDVo83%A*6!br zo>h1aYn23yt~&lEwXGNpzW}sZd+t(=^Qs=`ICoOqMrV|N(ucx}5J@)p{6~_dK2Uqg z!sz9V*KV`UPBRG&`WrMIJhQ>YqxaU{0s$HaT@m91_qUAKyyQNTv@{fX$R{S8f-V}( zu5XMkQQyKTmsDd%^JgcBBJsBoc z{L_thYFYzojdO#ft;LU0y?XqM(IM`yU_0}O)grpXRkBkIE=yQZ>7DQ!!I##T^=C#X zFkS)kJZM+*WfLen*Zh6dJ(+m!H8GWZi8#^1j=W~4TOj1cJpvu@<4tZ1Qt|#1_aJ)2 zdiAS#^(L!Cd}i%|{dSonmoU&Tc9$pzfSc}0*+Z?Y^Y=#GXsQAl_&WAfIYp1TYA*fp z`s=?MIp=??{MFDe>pWf{OETmmt=O0=5X>@HP_$^TAxaVf`gy3?uotSl>(rx--jW(= zfmnKqPxt3~RV!S1=3!fgg&%UkUwRt7?jtHrhlgh3r6>Gy`g0EJjJ)Ddj}35z02HB* zxjJbwCZ?Db2O$fG6b%KVQNwWgeGCQPWc{FdK3;j&`FPt&5bWk@PRY1BzTw+iZH%kr z@hAn9m$aar**_C?C4?=ieH{h$;Zz|T2QEwOCN_=AP0lQAZfZ((bFzskK98BdWhN$l z58r<(N}XD_H&+QTm8g7@oo1J5GhlV-%yXf&h)Ca=@|7?;kX5M5u48q6>@O-g_OLuv zU!l4h*>6vkY#@zDx$YU~DdiPO+=pFP4N`k4`A_8nVP21(BE> z)g@DAUXbdbGpm^$=%7XHF_7%Y-}Vx=NE$*LsA^{xv>x|a5GKC_^flii5Zu38m|Z;UZU=&2 zUbK{Edvt5^Vas1m3VW=IPnGnl8lLZgDGxFadGBL;G1mw&^NNXftTG|d}d({IXGm=|992IjrS*D#w9qVOXHJK}Qr=eJ7*_k3SM zHHn6wEe?kZ96APE%jJb4iK)E9R{S`%0r4a&77{<5JKF8~;V7fgeyWNN75oB}4&~WJ zwUR|Q8kwxt; zO~Y=LogoYMtl-q?T{MhNKf+Xec_cvC`|@J}pyI55ZRFM>?=-YN#ogfT;g4FvMgT;0 z?IDw2mOY4%F<6CU=fY{dezu;w`!)>#oYqSUmbMHT2W8%(ylm!z$5V$Y zWJ>Cd$qx*l&M)nB%nwQakaYtUYFL6t^ogdXR-~OVj&yB`kG0Z4OAI`iYifcoZuxHR ztJQKGVBI$%p( z_&7S2vTr8jXtBa=(s;Jl{z$?ui0Z%SZ2Gc9_cYh8uu^K;NhXtwMbu_=XewDNQg+_I zQ06kGWm_PL3Vq%@r>hsR44M;cLKXYstmLLt^-6N8*Kwh5g#0o(@*>CRb1uAIcgu4B z7@u!ovS5F2094uzt9i5A?rO93`AGaAIOJ1!XxCgDJO0y{>?RNNm*;}-jINDsM$oV! zn?-QV+SOJx%K*$4edy-;;cQaKu4$-W*IdMbj+>#b`Yw*ePeqOxb=?nHN5nfS9S9Ac z@%lmfgMCg@LWtE0ltHY0@arcQ``)E!T!M7BWjIEy=yF6u4en$)hfKAES%0sH+R7U( z9yy6}_=3$xX^ex_!J!N@4qkcJhHPimvP*;f(Y%-If|Pms5R~GD+I#wu#9<#@^UUR? z;rUXz9p1&c%WQ2r!gq6i{yDV}p{mML?RJfGxM>HVVnl0m!|6xo%6OvJP=^OT>%AqK zKB5Tnk)m|u{fXCUGX%_g1M~juQ|D7452_`0ZYEbe zDY(pJHPIgSHbGQZaS8M$*R5A`Z^@BN?@C+inRu#{uu2x*Ljwj7erA^)nR`92Ykf*^ zGPRqMo8dOIZ@F7l`%q!8(k^gCXSu8Kz0$jWB($Qk^~ttP8p;A`9hG)L`jJir~@!kdTeqT2Q8eEURM1hJcuZNOK8l`AI1*q8y=kaim>|co4vR5s_7Ke>hwI9UDf$4)HL(<_^4;&0>Eo@ z#Ip6n*>Qe)_D^jU+)}J@)7sI*DP-;HBHUqPnj~k@5_$A6eu)^$b#-;4{WND9X4S}M zbdK>>z$+q)d=C0yK|QfKS%1To&y5b8BBUfH!t72brng8mjmV)rPjX1q+FvOm=SK{P z!NvRw{c~?Nciz*`sQL$F5aZV40Tq>{$i6%BH+>e;fQiLf5j@jYZzrYs>B|PAh?@0U z``+FdqVSe|JRyxu5Z{@cLkBpN4fsMDx6{oy``IuU&Y-pvs$Nzi&29gd>W1>v!GBO6 zqib>!@&#W+_4@#61rFHJe5{9+QiLP0|K3a{`@<0CDMtl9R<~Bp18=k)8r*| zIB3h*59zdN^Ntf<56isdy-$r|EFuNKEk{N8B;A#3j?7A7e0-=(bToGvgaB3T;Wx$Lx zGf$xOglNOJPB6G9QOoYCOg5bhI&$k62bNvt5PPFhhHV`LSs$a+Z&%UA`SiD5X125x z(>a_s8T{Y*(%27V<3lEx&JUhkV0TWF5h(Sn%Y)KThbcQ=t1{MSd1t5mXqiqv3=L8E zj2lrzdqwhdIzDry%?ZrOOfX);Jd*Y|*G4`6@2M=lo=N^%wZAC>&`?u{f%o+S{+f9T zRsT=zJ^$~N<^oyaeo!lwlq-TBrvk~N72wakYcv#p#a8JTNrr?NEABjtpz5R-X#b)p zetA6Hr5>8tc#qN~G3q>YU2wPaF?;um7ed_glBX;0^r+MT1-P%(zg+kDT=o8$$JcKV zMx>@-9O)W9|9@gAt3ntN=3dT>t4_Q56`#oj&~#%lpu3VFJ=GU zlt@r6;o|I*eISvK(EWI87w~0M*7T%|7c^urRpmm8PDzJZ)KRdHI5|&$l$zQ~R_{kkR!V4ecU5~1-DjK{_(Y$<%TZBqyZt~jOq@z@Z4d~z`vehbP1_F{% zpY4%X@~XD&KNk*pY9l!-p$6@v%Tn|Bx zFW)wy{drbUH*xI9;n&U%Co~tAoh3d8qJ{TX;SP=pWP^a3WR_wzPBoPZ{aJD+rB~`?uo&&lQMaC9y4)yYPCv(0yk@p6oct0U2!}4i2J2m~{;M$T zSDdt@w9?;hHmEkK!Aa=(t>1v4=Gq;ywenU!`Pw_`)DJP>DkU6_ecSg}s)Tl4kofFs zfK=*}yN9bTZYosx@TcB9cNvizR1c}a>vr^*cI$7eZI-M$LMo_GjeWB+00s!Y|HG2U zLH5J(x}sn1R@ck{%k76 zw!z2K?hfOOjTYRmtc=Z}K%%D}3Xa;%v3_OJG%{gsJQUP-;Qo^&(3y#e=mwfylI#Zq z`?a(Ejo(*)8Lj#dM8`UcSBeRZ$=boPsdI{{|2%giKDBQAo~`2xUWU+%-MpenS`Q!E z)XbLS;97luXtE@#JJFQ*LZrA5qgNvrG8O~72>^eW2x6#cy`Lr3to76r47lj%O z724^RaPD*)j!xA0Fb4QpbgQCk#;K6R5z;1X#dyorg?SnAmBhlIwAGUiZz6<5=y2JK1fpuUW! z^*&HTu@i1nLtDcdhmDo5(8l@To$!QT_WnaZ4jcVTwS+uTH`KN(3WCcbj!|E~N*7f?2kgGo^ z{zqvRuEJ%Be>S&bZZo>Oh665lRtUeU9C}|Vc5@d#x`eNee-3*DIWppzGO@{gRC z6d#}Tf}c*E(NNvV`cL+a;SV+y6Ya8OE6h}J0t6j(xH6;7K+aJi1JtpHP0{t9uKK!`Dk$3{%A93L^%gdIY!%DB~9JVf7E{P2eMOn zs5LCpk!%z=9sCMJx)+`LEH68~HjP_$GG~TcN>^Y3eH-`-_}ttBCuNwPFw+%ox@)hT z{z9_F#(lOlWlAhkUXLd-4WECLg(s8Yk4~9%=TDO+bAM{U&AAoHm(9*3J^wZ$e%}=h z2FFKuMPWjf3jI@CcC<3c_^YMK{B9VVVB-#Fp~XF}h^}j`JoJz&+OdH^kzVG>&!Cm? zs`<&n@XGk|Q!B%Mnyz04sEtcZ-P`bQcfz@`jk4x+v2ei6)%1%!odu7z1}0ikVQkaU z1nbO*^efUtR4gTiIGH6Lvg^S8Tb`HAUfz@Xm)y*F9o`A~J$wbni1P3K>q_&(lry%@ZQ8Bx#gpV z+Q%cL+0@R;G2@H_5r@W!gc(aOedGMNG>&oN7_vavncKs19%qA&k|9nuSfn*`z9RjW zc=c32u$ENhNIOW=&)QOUnW-3AE2oWPBLqHf{j}z~KxBPQl;dIpzhK0K^MC*6WN-W4 z1Zk@%u9a4qd`EC+6Ds(0KeoLCQM(maeZoCaSZCdQp}a4ch%CWfsQ=|eM%Lq$OcH+; z3W}kB9M1ohANDi+NxBc zd}e-?`NmN&DErvk+R1JX0#}Ov*$Vw9#>&nGlpFI_b+W|j%kySk9<`YyqqI)kJUD&t zlKS(?Lb>*PiS{V%!gPDMT3u0nq#ZUl6w3;)K20jqjN`}r)gMu{)ohUV8R~GQI1wd= zM3`{>R+mf>+M01h*6^V7 z@(MR@vnrDx({eN#u3)E`EBvNe&{&J%#SBcMV#swSzs=xt7+x9KVmsNKO=8sy)weie z+a;3ed$BZ1_C?B%irpcHAPj=fNR|7K;vjBb)lXAXQ`D7q2~BBeuX&zV$!5B$AtO(1 z1xgC%;$Ai{3QcVv+VeTkVe17J?LwiAPyvu~^<9V^% zc{M1<=XkKmP77lqKd9lsXuvP2)QtHdel99CkefI|0Ifh}ms_GIU@1yw(->8N^Su=h za^pA|>GAw|pq8-mZpHyp8veOwRe(rllu&8W`63z?g7))Wb`?>_&$*op(^gi~;nXVg zCwQtIOE%nj#>XPy8ENrx6T^JoI;xdYrzl@@{ z!yL19OOqqoASGouq*biKa(S^7^nE?NrWLK@MU{U|Yuz7@gb0Ds#S;~0I<`4NSK9v! zl3q%8l^m-FsHj%OeY~YxG_l01JcN)7cR`B)pWXE4SGPCJJ^tEWKGS4QNTDZ{?$)U# z->JfSsBvyM?!ifarmhFOG+EgK?h#q5ZB|(cA~I@)P_9+VUJuPy223WvGAzpW_&s#$ z70Uv)rc;WOn)Rc*5S6q3#dS);SS0^g4*lq7C{|()Wc4(QivDUhD&8gY1sy#z=SBvW z4RQid>+MGEq`Gd1Q(?H(dA@ezkvD^~HRDAh%*+*M_(1%)rSg8x^)wkiHK4otu1WvP zPmES(xTfCX(?rVL5k8nVdS;f0-jqv2)emXKmZs6*_MsB)b7<+r!Dsgya%4-3X+{SioCX#eIq%pmd1ee@20?=vQN_NyqTuN|jIc z(Uo<2_=-ozUbTajgZ(cyQi3-RL=xRQ_478q3q|Q4i(?mx)1jcz#O5J23fjE+zcS>u zA+UY{g5!atIB!yQmH0S{_ZeR_;i@a)v1}rep1Ibd#^~W6>0c$?whNr6e9)=wSOZDi zs@i*f7moTW?C>I!6p7?fhiI`;-kZVR*R&{TnD`QgT0cP|#XPF(yVx@JKyW|P8 z*22bv?Sc71^%o4IjB@*#GT%JV^?UKmsUDWNt*F)|JezhwG+JjCw`ot$8i0oCd~Yh< zc5CR{sGdVjJ~XseIGK3n6XfCzP$if@1ocm&lY3yR`0O}3LwLrf_hKsKu-gdVobf4zlBIuGbH{k;v@c@xtv^+%|p`E5MxRtVzd?m zb_I4D#Y2l#jQ?Yh=L^Lbt;|W4@3;z8uVidvx%H~jgfq89hqKiui)-$=iqi7~%uXAdUdEzx8WHh~531ofv0dzDpoW&%!KXf@= zZ2QXtbhJOsqyPfh}ZQaLN5PC9$@*VnkJ_a^Xpe!^c**3Gt_sLQQy>@ z%L$~SBu0NdqkP@yN|BSyH0;$bq9zn{4PQW_zFYQSt3gs}R0cG*uQ{qunK#2m}r0N}2C+&Kn5mh0({A9y*cD9s~AzS}& zVXeV85lkbvgmd}08#!4>8UIqsHnye%y9G1_QVPcZqqJ{?Ov)y!gmn<|`ZQGNJG6=L z+!!`*_K!QB?8-berRIv|<&MjB=gCy(s#d(ELu%58+XHKKMvDolC`9~=7C+N905t(y z4N-a1r#ZymE{v$j+-(K}XQ$7R4h|K6{Q%QY&_fIh*<3lt03@^z5un7UIV*2gpBmuN z8EcFu!1x}vIi>M7$fJmKIJG9{A(nz`#U(<%4~cF_MUMYNToEVz7n^?t(0?To!%SL| zBQGEBw2REC2*LU3yVuAMdab4t;h%qU*nz+C99*1U+{4cHWvO(v5EP%{7cn%g*>RGB zXn2#W@(jr>7^at}JWTVS3?yS-xK(MUCQZ_ae=i(Zpnl}HN_q9M3-*2_vPBm>`uali zg}K+o#+qMkX1QX;(Ybj}3IBK4fY>lqS~O#MgV#Vv*?W`R_+aD-Q9(-h86TomsRGo9 z=MM2dzWjxKwyw43@=GTIx1Cn={-a^yq}GuPR<&m@K{|_U!;@yK<=)aNapKMWLrBKG z$LZ;QHk}`z@Tf@w@b`yo;1_elt3us;qc%N-h>H%dyYu5;SKx`6Edum_xJER! zm3xuD(k=s9VvCrWkeSSsCmV8iEq$9&)lz#~ZYIbE+39S#8ShY}o=SSnGnxkBMIjlb z?JrX>S#KP>1nb|BRKq9Bc&|uI;o2PYW@JrjiVyjS49mVt7J&$JRY_C~JOC0l7@y3T z_z^tw^2FG!d4ox=oR}1%51OzdpUzWOmapnf%|X+*jb-m75wrwNk@KYc6ja8m!%ygs z;jhK}BanZE@W18MJ(pGW_bk&l6&_@RcrwS9G0fwZD@(`}kps|`MiK&2`JBbE$_V9U zl{OQV4{Z|hhrJ_&ML@#H8{`RYqHx!AO_FnS`w&xq(J zj$U32iCl%K?x5XY|0A(1m4NeE3vIc);8p#oMH)EkriNC)qFJ0P1cUOP)HPWD(Tuk5T^l5#oyc_TmJmcv zo0Lqp>pTwQsYP8>nFU~q!lW7LChOn`J!OPhzFI@!JQdt54`MBAhO@_4tE0TD90}x9Mr9>;bv8RaH%7+$ zy6e-(F_5QAwi4wtF?afX+)|5&APFpv;jcDN1lz?hKk;}iGlC`itVsV-$ZDRW3smXQ zN<+%nQjNcQ*T6S6S6FJuk5UOfS=-t9QrX1u@jBd6ttMnTs}h~!V`qEWeC|(Yi%d>` z^Oo~7Q~%-D$=&IE`W$V4y4suAF1_66Xc)7lE`Q9c72<}g^`#>FcwMbLX>x=5?n{H& zPNqs^4oJF+*MPx9AH0t5(oH=zfSsR{d>gHy=^8sE*aT^f+)pUxG&am{%B$rnYE~=( zi<^0m%OG2B$R<>(KohT3IGd>~hEvg~h#iE4FaRLIpk-u32UlR887^AJq^7+2jemA5 zeY&;r4rhoHkXs_D_1#tWec+9LF7fW^Nz=`@G3)`k9_0&}c)1zgsO?BI_4x`otr_t) zS^(yt*2K>Ior57a6z2HO>_s231qSe&I1$=;y99}lw^+@v=h`nonAImiZxf-Rmv?U> zkh=HyqE3Lefw1lbtov0NvtA#@{gW_mbm6bY!V$(v)`ye6DetCgyWBZrfEX?Z z3u@5>${w&XQY2-lP3H=wcdPjq&-~Zqw+iFmS#Yv{Ya*QT=izr=H!ulT6XAB0nd@B! z;r5k9C_kBRbZoKMG2ME|pQr!X-0Gz)n?H;NO$q;TiLrJcHyxg(+*WXQ-81E(;fLPI z`~Dpjw})E{L)lx5vCVl(_|2a3$fvnFz=*%t#;Qeg_~4dOxC&OlDT`&{8*Wupo}Nl7 z)hpn3t<~%g4dt#GW+N@#a9$VB%ashD)E(di-#h*qBn1;9w#fbC)M~P%mg+WobMw1S zU{J3FLB@q3C}+XEqkMd2k};W;b68gW^O@bhdayEckXzaJTPSs|TK}+qJl#@O$)dVH z!*3DJF0mkw3wH5kL2HUepA2(wSZ>AE`}s$wos5B+{8S&NQV||3&4Q#7qmR{stYgxS zTr%$yX~gV18J#7sh1fzB*pOm|VruV$VJ`pDQq#& zzhz|PNO1b!vM-`l&>R1JLmdNzkh~&DVJ5j7OrD+rEizA=bg~#-6Gbq6z|Z0?+%o>; zb)-SwANjY#{}*h~ z+GF*<(#?DRRODVgl;|H!z8sfTY}mGY$RJ(9@lku)Q1%AoAiy}@VORiaZafHXlrfX` zyVuP?RtlUV{SoF|AD=*06hi32SaBm>k;|8{vJv zRg-OVIFKJGDRm6hR932FC>v%WfBP%y6+^BBVkQY6q@6RO zqjy#N|KqiSXRpA66tv#kvhGoSL z*QmBuey2^{ygJW@ovIdu8S2=QiCrpd>+p)SP>3LUG-pt~pXAUZuOyya+oAw=E%rg< z;&jwKOK0}ugHK?VqRT`{)^{AY&EEu%B1FhOxDTJt&MoXbf7E?WBQ5ifEcf;_OTym% z7p>emsPo4;l@S-^NC>Wzhgbuvt5LR#^?jg%7RXa+-p{gNL}O}}S-8p9cB*Ll)t@ytRdqf}Y$hzySZ=_(#ZP7?IlmE;lGk3Bir3N-**3Pi>V|w)|7b5W zZx=_C5W6KNRnfV=Q;XN@Xa8ZB*+9uxavkJuiI5=`db&}{SgmIUR+s#>QDX&KE1Dt< zimo24`bRBIJ@gT^FCyKce*2EEdK4-BD{vs$5?Z8Rp|ph(P?C#FVztfU<2!Bn%ysU6 zlI1#@sN_^pB0BB+z3~^HW=oK?QD6=DCa+Y%GL(Z(lau^4ZQs^&>?v;77ucoeZVa5& zUhmFpNaf4dw+UTQk%|eBF!ufY#5Rn4|6_2kgamOYb{Nx3v_*T4+D?amSwT!H6s6pr z;LznX(#fq+K2cP>k(_3r$7z^H`I|yp2G@?Jw4RD`+pAzO24g(!SNe}d|4WIn7i{rn z=3TV%ZKgKv`^rC~Xu7rYZ2D;22Kb9(NrA)ry9eJyxYEl+6WbX`_T|O_%;*j5cPK4{a zZGp6Yjzl1P)-c>TWp-r?qSJjT~b*ZCL07JIvmeoWJj!~R`op~;sVg3Ib= z@^jF8wMNMeoK^j8SeE$cy}O%-gV!1NTj#HI{VyZl+6?qYxBo%97(2D%T-A0Rfy-id$)uGVVD*Vwg#sM%COzM zzctIuI?v&;eL8xe;tExb-rp!zYu*;x9nC-9@^%FX?864uLna%=RCek-?3!f&oF z?|6Q8z`5N`ME>_9NpJ_Ir+)cz>_DY14rr@8c3x>4^h#zzFOOONvXsuIIsd=~3>i}>m6;qah18Yx)DJ{#D`!N7UlJoGT|H2mVl=3$$-($0 z&H#7_X=^IVj0y_Go974%*~#W5zoKjf6vppM6_EE6=sj(7^+GescN422QJ;%z9;eFj zri&>mLX%5SeRGopXJ|6#MKa&ciqJ9cI(zy&wag332+V@rSVmMfws9ubzgN)eY|O3h z7M*B2Nf5h$tM82o)?761qBB-mW+T#T1i?#5fvs4Q*_Lr%pRD0385dBG*>cFMjCWkp zpY*iDd9lvyEfbMTi_^0Xd-1waJv%ZAClvHNG*CzKb1Zwpq&(n;A8F`0rEqJ4NN5xp z6z`A5!y9nkJ3lTYYwfivQKhB1)w#lK~m z^g@u&3%$l)B6@AN91J@fX+g0=gXBPfAm$uhFr)7r;FZ)uV&ZpsRO$%M8r4e|rbMX6 z=Oqk}Vk8FiR}~d1e``mIx8iodEWIZ8Dc*>yjITv-LwrZ~-QBAcuTTAz$qK5Ht^9kG z47s8EN?U;YFH(|DuQFkr87h*X=tQLS$YN*{H<_)>wbbdOaVblOW;%DePui z<#LRCy;~GU8|?bONv_F%2vq1^5TLzI?kO!Bxb-{N=MM`XWKTm=_McmiPgJRyI|Z|v z`BponRs5(C_$d6OMlQIbP(r@3_Upj=eSW>IdB~IgZ;Ct#`AT}>U(4|p?P_!a+Szyc zkSP+FezGTaENq~R>=t)~O(+&{v%jnxa$tL`sJR3Q6+tP#fF|+}d6tDDW+Ffz}59UL~ zfYzfEABbZP8ODz_3W+P~d%~@<~R-5N~CX zjGD(v@~QOBJ_1L`zDH8mG30>hyWQJTu|g5AN?bfhwrSk*C^2=&majB{Fz}wrxolrx zAa@=FMGk(K3t86aYmnW#EoOa2Ti?8`OLz8_399*$60y^j1xMFzztUU*eo)NF+VS$VSfA3Tvv=0C0XRU#76oFc*7euzg#|QN?drVq zm#QhSsBG@maS>Qca?(Q3c@YlPoUD2bW3R0nR{dcew018d7OcsrXqWTv>X7`L$reTN zk#1)$5L=cFDtvV%_{}!}GA+$o*Qkx59IwVvL{0+MX&T5E(64QQ7Y|Y}x{N=RT?qBi zg1rc5z9`Imjq8ma#IsEYp`&j)0O(C4K~{PRH=J<@(zwy2ZKSRU!7}h014`67z)Pn` z2l3u_ahU~J06IwXk`@1!KYUU0>CDdg=EfOxy-W;?&4qn@!7 zCMn-|h!kT-4N)G&6!1earqJ1%KZZVbe2G^XPZZJ1ye?$kd4%h2Pu_UYAdwNRb{7nk zv88FDo6xIV+PWn)Me_T(=e}ut0GM|X#jk)CQ}vSA@RcNXRA|+`=z^=sI`Sab6}(&Y znD&S4NkUo>o*+NapBBD*FaAa8rP^W)o-gJ1T@?959Q3ju0bkw%4@nWfcr7552YUh2 z9mabR!{`lhx5c?-Puol;uB^J=exbB{sk>2J`I_R)*WYks;F}T$vda~KF<4AGruMNG zVq;u@fV8q(B)O37lT%Jc&;EM62sjhv%$ai>7H6uHnPBzV$vh#P5%MArhi_CS3Mj)0 z0lKE3tVetuAsY}>$_{0V8{gNa9DlN z(rp3g6?ZV`L3NZ*NR3MqyoYWNdEfC?J0RTsvNtXzw|)6l%9Ql=foLJQHf6o-dxGBo zSR4_VDc6A!1BqETMm_&xZr(r2tBm4it#+M|FR$lYNrL2_0d0N3!>NYjSL?6pq2yv`mWY7{#ZjxJ;l2w1LxBn@9dudKOMa zBk2ynoVTy5TgUdczyBg^mp|d6c{+o)(ggkuxlBl5z$$1LT zU%um>!BkHg>DVtUC5`Co`L(fYT5&Zr+iHT=V}f!ppt(Sl(8R%|r3Ize7oT>CEoBs& zqe(j2+BEnA5vW(CI0Y{_ZV?^KhO26AOK_g2xht~(f2&{h+! z**x=zmJU_W%JAIq5E#lj1R-_V{iyG>)1H`RBkR7ZwNMH*T#O~rh>MNzL8W2i#_3mp7JQUyg0T31_=k(3rlM(AZ)ocw&8_69gc8Y3;RS;ysJ0ioRIxXVjd{!?IwmXAlg;4$zc z;fGwi0!WwlmK3^3WmUTIPemQf2$*qxi`9>KOsg}mgbLWN;DI5xP^Y=#ONT&R8>|lb zFpJe0Re2ZFY+8rlG(o^X*Dh&gUZKZ_WNkP#> z`Mkz&Ae%rr3Y|&(*Z&lH7xAwNlK+%wDW|C>*;*bB_WcI=F;h0QFHcf@V(9ci=GYfF zg)||~lKZ;Pt%}v*=FhyE`M<5~M`Wy%xgZL{@$cRE-^*XQ7kEE!Tq`jrwCCcZJT7Nc zTXgPYA~TuA5Am;6B{ok@4NTR_J$CIar*2Oh)oe*tXRl8a$ZT{%%HK%_&(3B7IA|G;7&0Ii{ul8tv+1^TSd znzSxMPKXJ}3#G>f;BF$NX$rZ9s&dHZ*&?IK)LZhLt+zQb=moR`Nf=}wM6%w_dctLJ1p0n9EXZSC^`J|Pta?E~~zk{^bWdQ+xeSn`A!DqXB3 zjxMa*egI)j(Dm;9Ha+U?wWb8hB!kxe$Q(#f>08~u2z9-j65TIdT-0BPNpEEy$p$jW z{4UtG3=XPEdtc2$nU%}us}`3XweAAJA0hc82yGvG&|@XWAzn_$9+Qyl!nfS@AV&~s(+X*lRb zHD!h3_`fJpPUdFqmcV2(w_%88a} zOAnHK5}oIo*zpD*ery75A^M>6{_~GyUg~my7&g{d0G@gHHv!TT+xEv<-kI$2rq%1c z!Q(hnvI(w}vdy<#XSs&9oXhG31s)t~#^n<#kb&L5jYZ9q%&di0g4VWX;m<*>je!8Q z%L$NO$4u44A^!Xn2n%qknWTLUD3o79!y6d06VXR7*FIIVlPd|=m`3+{S5L*c0rda`h))~PGS$mn3l7dg9 zp75{?psN9*8z7Iw$}mTBQGinh_Isx8cS4w1M^sIdz!&*IA4WrU*?|Mm$i<{tf&Ic9 zH8R-J!r9m$z6SKK`^i?>6jfp8m8~g2VubTk|LlGLhyIm_`AA<`MPDiVn}ZbXP{@%f zF;_M5>^=gDwW8pxe9}Am`KNQ4={$h>#x1Yz&Hd9I2q^fc{i;Ai->doV$A<)arj^gK zbN&+t^>4UT1ig-Eopvy!#WQx0c5e?%qkY+o&i+4`3}SU{mV~?4Ch(*B%k}N3qKp9} zc}nr9zW|NiKY#{h)%hdp>}jC>%1!;*pm9u4G(Cg|$C;y?`{TX=rWXn>nMY*$ApC6! z9UHl%r3{N=%$An8mdgZQO})T;SyePIS5z*qkDi%18{8ZnSCUtTQcKvGvj=lsph2|3 z6Wmzu#$kjMon3-VPdt{{C>qHdBt@Cxq{Dl{k>M|A8$A9;RexSQ7E{#>O!sPapITo` zsU&%XnG-b)0)sz^Lm|BJe7!;vaJhS5lt@7I!;oiG3*lD-SjBFic&%SIKU;Xs8m!a1 z@(T_{rm8Ms5kCebmF{PKOKQk`B=M=ZfAJd_r#~`6H`qM5=;bq>y{`duUNlxx8e^IA z;mCVnF+K$Swkn4G8IFWtXq8efHu&^A*=OGBG%&+`>y?=`)~}%I;0X9mcGw*3XoR!F zrBQ2uJn{$dK#7&HPrkb{G-OwZQ!h<_wl;vI%@D$=c|H-EKWZHCc=Y0Fj5b|rp1$hiV=yC?&nwnX=Vjc3_XBKOseW01IJ1~+lJ}6S zZj-y&L)e!WisS~s{BM{0n|=C5Ow$P9k&`xmsQN#8*_Uu1TmWal_1X4I{9REE$gz-XKeio=km@o!}%VOyT^d+ZQQ~UyIE)=mtRmNWag2i zPL}G&4TZs0_Imr(R0DeW6*BprVb9_Fwe0(Ra3(ReCCY*ld>eVJX%45^vd?KPUw5`O z+kgI@yS%CsR+!ZvX9BzBaGcw^^|@+vJRIS**-q6c`FJL9QbW!6Y%(Gc?QhaHuWVjx zYU_yy2&`13^-*SK@H~(7Hqc8{j{KF}G)KYHj!s3fj6Nf(vO4-?W)yZBTm0)R zYIEKW1~UtVlB0H-yTnfd2i=2G%LO@$lG$yntM_me7iCNU!wyN6fMxRmGB0>tjdW2=6V9AWLGY+r4xCXk z=t-mM6=hzcm{s+nPbGnU=wK8Jv}!wFA5RMXc9`dZ zqD5<9U9rctVV?&qJman3P*9Z^06v#vW%TFf`-fb$y5hwNk4gSu`$61j?`&fqcj-aU z(T_Vk8W@^6clC#%rEp{83t{qCM%Pb}5nqg<15f_3JW6*~SmJ#ZoL2bhB!AN(I*j4} zVMIJvI{w?7UOMFyG>)vCuggth5q_Cx=Ek4sYg{oy3o z8(8pC9I8V!~@z5&5Xk0#(lc&F;yh3sOVoTX5KSq6K|2k`xj%COt{Vv`@=tp*4p8^8Q z_g{d@G41<`c{WxC;{-;?M03>sp4G)M)?!J6;NcgwC$sE6)pjKfDiK8gI=r4;Z9DpUC4x1BEnrwUk z-BnD1eAOSf$iTaf~R(4MJpC#wNK$HLWbP9Tr#n;a@w`}bgzd(T=a062esS)TL>8OdAcSeH;o=cBS zH_$<}fm1I#I+TBql4%~`w!W6sh1DW5;esgtoQ%Lw{9es}>rR@dV1Ulqp>X2+_VC7F zhA(Fds~8Vjj;EtGPu{ff_&vb;piw<&R5rMg<<=trLSJ0g=%-blI54RnUs1PQ z$nQ`Kp~#kjUJQa!_r)lxtIIJb!oO;ZT|k<%rDBwyVYrwLyQ*cGC=vtq9Qu+C4!d6GH~K|Ew^RAEhr@xc;BOvV zsGQBd(1U?}OzHEfdhMzllwzFka|brLJ!P1uLBPOaGpl>@GO4=qdb*V8J93oz%fu2B?QZNA$E>=$ zoc!XeB??Fn5=}d(jj*r>L9Do1Bx3KQALjj6bWf~{>uxEIC`V%ycQ#2rzlxZG*?mL< zDVN@*;&;>E3qKH_imDRQy>jjV5p{{*BpTD4oUUEqwM*}c2n{Vg6(J!(f?GcvwwTHz z!ixSUr2z}*-pdDB^Z|4Qw)0g<)DCc{u1B1|8Uw~|5b#bzE&P!&FuL3WDr+B#)fzu_ zzQWwta%Df(XnmvDJm_+fy9610t>R$3u=jL(ci+mK2d!yeq$8$hodZ|^`m8MzxCNyt z)~sfxy6ove5NzEX&cXQX=nYRbJtGRP1M=pZOy6rHNlm&9wf(=nnbB5_m1 z9nbHFyjRAQ@bgEUoS!>ICbEF<^z)p2|2lOw{awwWJZiGn$%-t-FfrYu_|S3Q^m{Lz zqm_Xq=?XjFLWq)JR#%AJDja;xSm>6{Hhjs=W|W)Q4Pd2#ftdf*?%jX?)B*qLey%PZ z_KmpWQBdt|?nt|#2*50NoloOS0GnMS`=-pl8s}qGvxMGSk#6fgu{?>7q@&f&F z!aUD!qLi~&J=q%Q4iYwjR^cpGFinTqk_psGJ;%*vZJW|Ks;QMv#5Zu-nhMg{47@kZ zs;OqGRyf`&r0p5~0Hn}e5^xHz2f<`Hec6k(B@{=hDGw(T(9^hPix?1)%(n5>(c5;v zI=7yhDoxQ^?96n4F5AZTia18I8|7ZaYKFe;O5+DRc?AHrnih$|pZYCc)uM1trvVi3 zP=KBsbUHwrUqA)7C+zNeyZQa@AysM4O3+KhRz!IJAZ-fz!r_1VhLU`;_bL?QYB`;Q znH&ZB;tG4h&@e26bFS;tdU|21yq8{#n$B;V z8%;W0sOxo|z1-kc;7+*r&c=QD7XvD+CXJKrrK&_h3sC{~8&TDZM;^~jl~+gIRd(kf zZ-k%W6uN8bT&S|%w5O)L`I5J?bnp_e#5sH=*wBB3-0wEb@c&fKUX;`y%g0o~u7MI+ zE1R6?vPQ-dKm5|$Ii;O!e!4-m$^JOa7_cHN6gqy8enlFskK>xv*{AG;wH{{stObi( zIn^%2mLQeOnnWrj74>5PciM=OWV}T&XBfa-+ofQ7Rn%^H=uF5#gC<$x+1;MI<6{I6 zq)~)aNQ49d+=f*Sp1Ifu={Gq7sM#@r_XF-R$GSm0_(kG3()Fsn{Eqwi*f{!HH1;Ek znVOnI5oMhtRiLBF$}z+9&mBl`XhR`rT+Jw(gn)KM4lv0>D?2p9J2cu7%sx{-qTWQl z7jsez7X@)CiDhf>+JBum?VuZQA#KwvyC~#)t}D79a=a!hf62qq!x-VcLkl<>7qLu9 zS_YZCBPr@OKWS3#TX&gLp7XxPn+b>b_iDIdpW~_1rEbJ?BNdV{fNPchiWU=g4YF~H zSxfa7;U$s>YC75Z)`zI4W~IXS<95n9BSmx=nC|_z88V=x58E-UhsQyXymi$c$_#TN z#k@$^8#a2yE`Lh-cA^;6#!V&WNJ3;Av!~4(d_^26SH%KBC%?ZaVm!O|bGc3vgq@l? z`=a+>T2cDvD3Zx6Ad#xZ!Lc0*37mx-Q;P=-icewy4tju68!xGeJOxAa)OydF8k`^1 zam`+rRuVdFuj>4+9N-{@{H^}l)V)r5topbQ`6i8|WdB6_eES~p?3&|tK*PYGL1sjM zMVJ7sQVW-iQ;b(tpMpoTSe|cgCTdu*J}RpHsmeMPu(rOBrLU$J+Hws%_eWI&VYmd2TGf9irwLhmormD`oClwq@J_XaWIrP=x7RcP!Ug_iEIvd zkDA5XT9f5VdWIk;i|9orCC1bO^RUI68CB;@E9s>T z!sIgLrMZU*ae+=Ubq>dN3IIyxmBYU*QD$bbyQ`VOKG{}-chyPq+KR?(3`>9cV|hq2 zIqJ|_)0xzeY_Dfl{F zcDvR>_2qzlKblhp_^A(b7lRgi+JMO;M_>j>HV3qrdZG8v&g4)S5fsf_8z&}rv$J|gQ|KXzbhpN< zpM4B5cD?!9E_5;W$uAb=)16W`b~h7|a^{>CG9PMYdQ?=4@ObN{eqc!|)19OQb}@|Z zAD+!yhZr{ZU|5#OOQR>!1;s2vS-tQN|8eCO0fS0yH8pMu5gAU4BdPb6k`UoLM|%J; zgNWZd{+Sj69K-}ca-;wz81n=E)(v)Aa^;zIsftg{H}*Fc^j~rn75TYTZwYm#xp$eU zgL(dHQtux(uS@^6a0|%Z+$mwH`PE}1oHTzf&ejO_#ig$KY-i&S6{qXS7d@w=__B#^ zww$I=CP)59Xr}ID!%EG^Pa0$0vl)iJCwJWS%;uN(oT1hngy?k+$3~2K4G?jN9p35W zV9vDqmAH=;+q^u&yyfVzi2^|Ea_dy1$ry1*8NknT2k#r{-{7peu{|c3$xCIOuvogp zdzHd|j@5ENMuo6G>CQ!)c{CcJv8tDk__%W71ASL0t3ev!5q0GLc2+^nt#?QJY&Oqm z-hn0fx|;1*&683P;y2aXHo8jQ>pCcR@h`y^pI?5+hAl0^jHDn^22lsto%BPx?C^UJ zWw%!ciDWYCNh!Z0{eg_I`p9b{BTr9y)0tg`UtNd#(>VKzQt64eMwwTc6p2n#9zIdN zZQh>Ku{&qhFDTrT(;td)4CjIM1U+vELsdu?_0tfXpuviZt)I_z+{Rhj3ZnMsKw5eW zhRA$IZezuA!Z)bXD@H1O9r3>xx4YY%g?qv7KDX!Zwze>fNvd|0Dcn^gNHnJJxGeKs zaC9}F)imKNM7*ivj0|S&!mmo=l(}5K!IPl8BG(n%HMOnw9N_mhYEb9GMe})yOF;&- zsb0*Zh1dRa6FHn3=eYZ(YKJ38C(iGBKJpV$N>8TljjdW+Ie@kcOx?HHWU}{i(Jg!9-GsyIr)|F zAZI*Pi6>DS(i0_+lR<%e1OQitINY5`f-VK(5^l|+ zYTfmIv5i1tc`Nx@*eEt{ce&TQ;|}{(S2^l|6_nD*?dFL8tc&v&z5wtAC(AfkqP2EY z(pYcZFZ>I0j-aIf2OP>jSC;=LxsCr|-T#}5RR7wSk9ITsr;stZ@D^L1-&J-8*2<U;(S%w&btwL7f7bb)+MH<&&DNv`cNqx^AnB1(1L`%xR#NVbKb zhgC6=v?dWtypq`KN`x3=y%=uFaZVsmBW^^f%S>?McopBH3LIa_k+7cd+*$t&>Q#lo2eAljo*qnE~9yc7e~@VAKT`y}khDcUC^d zPobA?q2*gL1()`4vf0L+gnFr-w!0H^jWg3k$6pkhchR;+N7)vAg58o>E|3nrHKnBO z23n*X%Adg=)4}}(A7?cJ6@`_r$@E`dUvGmIX*1daAi^@$12=Q5QB7Yv=4T3;wpOo+ zu)Csp_NQLhvUJJ&0tsW?WL^r*L|&=FgmpuD5qhBP72*V(J=pYeDCEl zE9>{EiT=-Ix1V2D2zhHt$7!_w_&}i81zBF(t$^b}(<|CL4Gve2%_rE}wvqpLaVAR}Z`k*)HR;RY-sz&^1h(3ucF5o~`V%>*A8s1s>mC#Ro2?!5#JNL6$Lry^ zM1k9Pecx}5G_&n0ncpklx~e1q~~`c z#CZWmnvok4hs^A01}u3}WV{PZ7M9_Po9~)J!K*3_c(?qv%juE<)+8~?hqMi`reTNr za1O_oeU=xlOL6kLaG1MG$(t=sma{BAy2v84+oapp7yzPb-{ofR?9g_wvmhCzTrGxP zo8=mIwM&Us*pPag;g>Ux`Nq zd9_+DRyVI$UP)&?3NY-1*{fM9L_hC+|Nj)?1aWetk1|=YWLWq8w&|^JEQ0 z+q;iMc=G*72cdArXAdYw}C%HbevEbZUrkDXQ&4)aNgn*(cyF_ zMz`fG@a*RgJu27x!gYSu3wf-!gIYf32jdCyuG3-9xq zvuCb5#RaE@(uD38h|;9~{q^4esw(*dmyQK+FCmWjEn{OQ80$~^l8qik=|0Q05Xh|6 zR4FTnXoI{hP7g5|VNhP^Z8>brvOaXVi#udF%4+qmZ~EoS(*+DD$jDemGJ@N(Ub$)Su!dnQ^V#__g@` zVj|^!VmLWsJm-g0YT|XL&5E(vjw%xkm;0a>MwBa~x_lVH^8L}_gX?|}Z&ie}1YFp| z?K$PA@cquaSU#a}o>0?`^SfGvh8WHxj~eaTA$WC?WLtp0*}>Ti{A?SM%bDx)3JOE5 zWf_NEUA}tZHt{+HcLWJnG4@9ESog;6R^=zRm!RiVkdF~2O3(SR8cc5QXAQnq2Ge(> z2%XPlhpo86Dj`C}JxH1}27N?42KyxytE{f(AAbydujm)!`gYKD;33>uN*Gt@26Npg zXbtaWAX+Oz60w-JyqNG+@8?sezU!V*U|3%?h8Jx8{Nkp2iR-C+MXJlxO0r#kM@L`g z(#5>*fo`fU{~XEY0;#t73fYuS)$o!UI7Ik~1cUsaKRPNHM?AIF@YixE?-HE43tEm9 zhzRiXM6KO|Kap>-uDHHk*6rn0hd4bgv1RG!?Ve63pZ zI!ahx4m}x)KrY$Vzm?=M&@pE+#dgOb%fF>$760h9)bJ6vn3YMywcDuvxP1gl~JbG#gsR`zavW=Q4ekE=bTsT+|c|_o7_#7ViO(7V9IWmLJRxHZ_9ghfveyn7hgX4^W8v^7Wa*@*2Oj?7g+Pv@Jjp?hUdMhQ4*nRV6 znQ}IVSLw~N(`{ukJ*Rfz&(GjGtXQMH)@5eb8>}ehMvL%3#St~wugkM?&f&M;PejBC z{6?0K!^goZwW=u)IY3VdaadY@(YXm+PhZr*|G0 zbp^%wqFgt`b@4x5l(cZoUc0P!_eQzReAE`?Lt1XLNl&Mm&#Kc)xPf8~QfT(OYW4hR=51D(aVJ?bz#nKJBY(KZh(vHG^*^^7^u!892hR=7DTC!qTZ&8Rn` zXC(v9aNsI8lE8V?6Y^_>PWVln-8rx=%M*M~@38Tvb z^B=5WOlbOocR>00z>zF1R;*X?-N9Ytr)F^>93blTzbO4f0k$mU-kQz@*;h+%1YqIX z-;@JZgKZ*=`ixRW^%sTRaIm~?1^bt5;PsnXVij6<>2^IycwMBGdqIYl^M|i$hJ>0m z7eDjpdLRX~CWJG2lzcTdXLq7fBH1Z$scXa>D4q&u5xEmpe=tJ0qV6>tgKrxK*WA;MnlANTpAQ02KA}e z_Bk=nqP1IHvaFRF>e$)wb?087kuK|U7rK4~ z58)mLo?-EVjPQvZ^x*Kb@@4PFLb9-bf<;*+?#;mLbpTHMC(P`>xzYUp$9VVu?@ENf zUFiFlPWv^+=x`wn913)_;1*VyNu&LV-TQ0b$AZ59&qJbDH*RTvw%w^mC=6bXU$$=_ z?w~_rTW_eqUjpaXH&A66qiGu6`j7{<%pQPkd zgsc&J`m4&ojn%W21ofbR^w-#OJ$CBCMr}kTFh@x(>fV#~g)^6?b6Cyg{R=BEhxS0oj8&g6eWNPU1Mf=WcB8ZEy4H|fS_n1ZbYIR z%tT%p7E%rtyDA;*7L>ixF?@!;g6oafP6!!0yW!I>2`@@gQ!HVpeUBl;W6 zhmYL=>Dg2!&N$yA=_-E2Gw52O zNHkRb9L14pltSEaN)pN@VvNo!%+E*L&|<~;i5)!o!O>fl*PhoHbT-ag zbrS*hS!@nQ|go1etAi-ytJZO1Ex3uri ziAK+Mu<(p1jOu}UDg!>p&!_A1?>~i32hRQ4)nWAI zApyDB#ZqETYExk8#4+xNK83chE<{9E0l%TizN%%c+JT48q4YKTQ_L>!8nlcTG^N{r zy*=aTC9~~cb9I_~o;O%l#R}ug3K)#BzaIGLH5c(gsB^wkHf>^o4lgVLq#JcUEaNJ> z^`7@6O`dul$)3fNzQZl##;rVcSqtWh^F%hSt2KNTLcZF97v=t%#4RLNc*#>|S~hOx z#|4|@Bvab-Bbu#>2y*hU%!}Sjno;O0!8_!Tr1pAMpAHgrMB&K^b?xUwN1NW5IWLRR z4}Ws*A3K=5mh=~^I<6u`cd zXwz%}v*k~;MxsRTK2Z+I!of1D|d#Bx@Mn3XQG*)f+Hq7`eY>`8a=^UD3KS|@`|k0D zO20Paf|R>xG5JEp<{R5awKF%rW=adUn&syk%cvfBBT-2f8D>8`Cx598RbQpbMdIM& zZ@_lxw?RI!!pexZc&;x8uTzz23r`a^rTcz869w|Ta44ABYBaaGb$cU0HtQ{TWmLM< zz0VHcX3McEecGcHRSXJiXUvF9c%OOo?S~DYQr8so^Qe$9)Wr?wS7*{}%AN#{CaOfm zJU->&7U^%N;rTb~+BbxR*=!q93K_e* zJ_u>Uc)h<_;T8F4qw_@u&yg9ZOKtdM0*_7gv%*s3Bf)e8VCqovjguZoxg-xtwLC!K z?mO~WoFuWf)b;H@RbB+~&AiSC=3~Wq5$Eu1TXDZlP(Fn+`bYNgE{>0Gf(_;62>$`N z`18g&9o+Vz^;ARI414NXv-(Z$@N+sX4|ySCUFK_a8!!W8@(oI_905TbFoD|scx#^F z-Z<>_hNY+HQ`w-KHi}G5bgC4gfDmv6)2tA>9nKHOj=Fs>Js#zUSu7mt$T})HuzKX+ z1-&@=BfR>VeiX|g%$BF2HdR!rhe>%(_$j=F+bk+hRh*0$RKFlm*!FqGX7YWv#U`^1 z>okr8w^_!W#Ar9&g)yX0-uY*rCVal=mspXv4=r|e^^B!b8dgU;<8dCGHPfCGjQB92Dgh08>9vp zBK^Tnd3GoxV{rGZs?cDxIT++DkUVBXD zkh4cZ5^m!aZF^!|B)9LX@=%!^3U1so#vI|d!g)d#;?!Xn+^nToY3v{L5Ta&Y7Mjd} zS&avHJ+yrw>v-fiyC>XwRjXDthdGanhu@!CTAQzf91}q{CoOp4siSBcHzgJ`o~*9%m2ICykE3!`{J zMPD8X^L$CAmb&i~F_xQbtID|t#S=$;pTz2^ql*T6Cg~GmXw6zNr5v-#b(x18_Fl^@ zl#@;jcv=Xs;&HGKA+GsWyahOYPVYCGb(pVH?%FtBcF3e{=in9(w_$^0#K9DCD|~e@ zUG(?E@YcK96h+p!s^Lg5ylygraqG`C02LQiT$S%sEU4VG>GPpwYqd`h78?Jm(B|$S z$3Jfx^n=wj{axN``-k;rXh%In99OJ;FX%$RA{_bX(S4jiHb!4hyA;C`Z@U}RTM=n* z3rgpOWGaNPQNj=w7%0a9FvQ(7z&{jR|CE!ly0K&=Q0n=?Z%17DyjI?OX}=A3?R~EJ zWPS|UeYQ6r$^Q^Q{s-+0>AuMYIFSE-5}4%mI7YawWv80J$an)66^sbnLDtvLl`FW+ z+q|fN9)1tEH8olyz|kF|3cCAnhLPMh`us62g`|%AoBvEYUR&DU53NxpXT#LUPsJwE%BzEwi_pBZZ8IgN0@(b3Wq56plV#+Gk z!r~oRNYm}8zqh!pq-~#ssgBvZ(K+R^S4$f)niz7a|+TcRzeT_2WPgYrS%Rwu$Ao*47< zAvzTeth>?{1!rk(JGwDv{JNVGl4-t*8rR|Jp@fH}-G%r^&a=2{kku5*nI#{~VK`<* z>lMAw#0g_O;5iAf(r+y8*vi$UI&rh~c|Jf&*9z~)Ic=6I6>fJu0&cimWUBPnp>&Bj z@ylH%pBqW_1T&`s>1wbfP*QrX6R`6da=>N&9x5`)zNutJXeOWMNwL^QclQd8KS*Mv z;2`L9N*er4p{_>$7UFK<-93 z@ZJFq)etM;_&Fqh0H2i&Iq>+lWwp-7?I2u?%~RU_VM?5FAoZ$Yc!MFnsiM?yX9~Uc98Y+$|LOf)CQC7y6{Cd-@?mO&t0cSjL5OfAYx{=nNvw4nv z@rYJTy-i!%$ud*Kl$PrGyrr&q$11o#9;#kPzmk2p(|I=UTZ654KyMUKTxqpg`IBms6YYb55y=KnQ#4VO+N`Z2ciico%BD zeiO!34tO8ouGSfR>Z5P~jVRI}^%Ncn^>eP&!I@GiVgU;dIXvr)rToOT?G+!|!}v6mRyn!Ph=!zwaaE zUDE71J{OywZ};QaV{cUs0*w%?4QF~J5zSguRIBs0^}stnozO&sSwUweE%c_m{t3+N z3!qSli+-CYp3K&wdSF_QM;B#I?+;RI;30}_|FD6q>c*>k;_n`o!(y9pJg*&Zg0k=q zXf}^2!`DC^aA(r%I4;!iXdKeGTba?~1<-C)o~PH~LwAK8_A5C8K4>l9OjQN-sM~q7kGfv80aW6}U;_pZt8M#RUI)7gKQKx#?p?d^=}2o@ItP+N#e9Shl#|`^ zR!QKhDS*w=L~!_a^+D=HCDn8_j~;nvfMn^^!lcnDA9|!{k{m6w*enkQRHe2k*=v5b zCx!qb--5n0^I0Xrq3U^AqWZBW#^Rhp%OqES@*1P{pQ#VdT|I zxB3Q)31?50Iw|JAw)xvgYU$#*c$P|bwFJ<#vKVMky-NMu^eFDvY6o^H1fKOlA+)NL z-i-gL*7j8|rPpXE7dr(plrqEb+TO&)7>l&^_R-I~3kR1Sh=vD~oGLmo`!(twkLTIT z)#$#9L$mnRbi1xdc1HmYY@xuZ4Bdc*M&a;)cmjj@*n&@2X-QJkbl=LT#=A^#vkD)D zOx;u~bBB?Ww_s(F2JD5XEL?|F>hiOUPvb|+IsHsu`KZI#6$RI86FQA)o2XEG|b|dA2kc>m=ysZG9^K0bM7UxH;#gT;9=b`9X+B^ge6r+J`t>9iLr>6qlJzw zR?v^`65lSUI@R#~`THo?4tTKTdx&H~A?wMVDo59Zos%<8tFr-Xu6!dd=zY3m1rw*8 z^r1mw(+eV=T=5Id`h+c16i%2l&k>WhiK}UKY@<9wMv8U0^%PYb<&-HAiMQnR{{O1& ztb*En`*mI13lxeMXpmA|i$f{e777%1FIEWd!CPF5yA*eVOK_(Icc(}RZUKU<{QG?~ z`(W?2=UaPb=O9P#WRjUA&+mDk`@XK@NA$x&PG(pXLaX$ttu+5`gCP_$hgsJAVX%)~ z!)6x<03Xo_CzIYXO`eBLsA1z7>`?`&RofZx1Y&c z53x})cKNwxShF5#Rr~$Jlm0R6bE(nW93C>ZyUSQJmb1r1SFh8{6N0|F-~?(O%Y|o= zooXp>Uej6lAvzzLn=A^h*Yzyd@41-FdQXnG4jO#Vlpk2ig3>&urJszsuOV&GtjV!& zf9P%-Upjo-S)BD%>AD-!&(+5-6xr4#R7ioZuR6TBGBzsTes`Z{f1B9l<uW9X$Y;etrHSpC zE##C}CY5iDdfdWG#fE0%SudSt7&E9m4tpRW4DFn8#bn6~Dfelf&~abCgS(nm>&5JC zyW+OfKG%}qU4-roO&68?XUEPdX+=&+4W`X3ooMmKCdzKAirfmh1-v7(pQvxuG;Ze1Vr&ffX~%nA~% z+7F{OnuLwNeuYU3v3}PBdql5nBA0E%?_)|f2>)0~5xrEAQ+!7PY@dF@78f~*1?&iG z38LG7y{`_*2##}(aDW?&vgm@xl)44f@EqaQzy&^ljhxOWBmE32)4|t23I-;+cojeX zl3I`w2gT1I%REzWzDsQGL@@v79_LHE9(Hyys(_pKdL#AqK13I%SWk?Cgbt+EzuKEmVt#W-Jz<{6N5S`oe}OHmkYLJU>5qq| z(eEoeUn0RZheU%_0v(Stzr&m98c3SN8%455jfCZe)x>w696UbY331?n@@zR?g&#b= zc(+ZyYdqiVMP-=-b%%a`?4L+o>#pVk1!o>wh2>onQ?HrbX^MQQ(hUeLRmWy<$Eni<^xSA3)|l$5Iud>u;W3PFYh+CU ztFRST*R3CrPEdohx8B)OowZ{=j7S_=DbYv8pX{o4R$Ig!(*(4{N( z#&&IYc!jn$+%*#N=&oH`OA0rtApe$6cO!Y0J7ItJZQ;8U8S=;)cNl6iBaU{mF$*9q zUn@&imG?Scuy{bUbUoDA5j>m)WC`ISVPPY(f+Vb?+MoY+~sGHBXGVCXzVCl;u!Sg_;G4#FR;>xuLE(etPTND-F`2l z=&Pr|j;z;~IF}M@zIonu8;_6Vm~?+jFGoaJKjvzwR^$TPBU>5`rB)svNU$of>^=?r z;eE`0Y{gXmsyT&XseSy|KCi|>IapRNbQZ;Ux2~V_=SIWBO_}6MqpG{7jH=v~!_~IN z!5J-0ef?k}|Ij<$<>Fz*{}L`98b3$4v33@=lJ|H&>-STE)3YvZf`zMOMRAuOOn~eo z(W}&RAdO-EMebMz92Gn7i#StRCcys)pc998%|iX|Ar$eA(nc5mRwT`q%2!$DnU|#D zPHTufK?<`!q)08~&SvCgWmhYQ$3 zVa{Z7UtGE-B}EA5GlER!vZ@{%9>0l01@bN4DtnY$i_9R^&vzo6LbhCn`dKjuC(8{; zp1^!MKPFrt3q-!Yl*J6EW6~7i~h-#?r4ew1Mb6_!QGvurj+mQ z{Q=qX1zolYtXt0!ig`(Xg%$|`;@{pOo{M>TlO1XMy{T+|z`7b9Znn&|-gZ%J+YnJ~ zgJWb!Adh?aY8wp|2KG1OzEOBCH0E??gr)K>>qM?R#^3B3MWoC7 zj@$-5Dg*Bc`r$QNG0~t2nq6QxKK?`Gk<7nKkFeaV90H_BLqCtH2d}bqWpojbmVu;x zL8`#uDSzIFn9@jo2Ir8(IHaQxpVkViUZuRq@zAXE=UWHG>-U(G;UlU*f&6Is@19v2 z4(dzVQUdx8Vq;Z0aA5w)q_S$$0Y`a-t=tsWv6=G9qsh@Es916TTPkSOJJ#ics?iDI zzt}G>c|LB%vyHs&dB@2l{qO=B!H~l>bq)KV9jy8 zohftmd=1GUco62)T+tsO%k$9)IXKAiLXW#gZ?FbE)o3s0jr5{f<(9PS2=LN|rMpI7 zr`5wRady`rF^{K}Re4u*kbOU&--v5G@$^qRZS{(o{mC7U#LPPty*=(xa@oM^bNN#X zpPL?Op`X57NBoq6K#ckj^VdigR|}3Z;Q->}h$b2NuqaHK--X#pFY+MS9tlzt52${jJ34t3|K`2?KUT~B`vSoC zls&gn>mC{%rcaW1;uBw6i`oa*;1TK| zkL%(io@G80vMljpOP|?b5P{OX_nx#*q2)x4LjQ{yfqA>9Yy)W4%_*Hv?ZfsMLy@s! zSD#mxfA6bG_pcxIDR1PKLF2!kNr~0SS2@x6oLr?Bi(cnuJu`aWWoO%9d}#Mt$N-ub zJ&oiIl<{!F_PnBB0Yo%;d}2=7_4zl*^aK6!O1-KS1veI!u*~)jsVx-$&Yu#aJEOBiQmV)LWS$`;t+oIq=cH&qaTN2oOqo8zD@Pj^^D&Y&5!wx`9q z&_zwrJKS(*@JWQN`2)17o6Fvl2>MV(qL_Kfb~?)kK5&f$sl+atlF|$5ssE|~Io8mU zAyqCU#4oUF?oWO-8-=v=%wItL7N=A_Nnl1|)E&Bw80k*aGwxhh2e62e^XzUqIzRN( zHS6x#5T@!E=$vW#;Y=hmpk79EPR>3$ysEmZ-LqVD$RBX^g9>h;SQ}~?ZD!cTl-v45 zs@!=QpzAtpYQS_TzoSoSR)Wk7=Iupkom(r5pk>q)QL5NJ`8p(@X!t>9dg4=8(PwD4 zzz@FwyiZd<6uOkaz5x-OLU=~72ef7Ws}HGg=BvYGKM3F)X^~M>9+(?TJO%3tX3^f9 zvx<2)2{JFI2W7+mMA5FjAFy)V*F1xqFFEm7;T{O{SqzYOLMru{>a(EM4 zBlRx4LVD#K@?kJvGgP_JG1;^%0ASy$<^=`ek!;Z2RFS)Pmf~U5k>N^OxgB&5+``6c&Xhgm|w zceE&E;5cuK8JW+OL?%wzJT93i8GBlRn^8^2P|J<9JDQ)F1xbD{-h<44(^0FmZ7A^{ zmdT#pX;_ujpJj&}gcw80(-hZ$og~T-VNI`0sj@5DRhw=E!|byE`DA4uQ_*qX z79ldr;(e8e)U2!MH=(;08HL;W4tG)r%tY#LOPRWhAMX7_T|*8oezQXm!uK*RZM`bS zU%MmlkPGXw4vW5F81yr^=BK%U{m1&eyn+~Wkl_6uU)$}T%QEjdWrph|*SI_v-fkW- zpJN{efydd^Da8+?u%A-<4@RAylC2nm_XC#mEhn1G;0^yQTOqC&aIWkK+p)y}c_6gA zcj@eO)4Hd^Q|o%^Q;8BQ-YCuVEgs@;ms#KAm9TOF62;Lrpdd4#tax`u@K5H-30LAD zu`Ma>e{?$aKMt`!`gz0ANM;g`QSMr;MZ)5K;(`K>FdML2Jq0j}qZ)81=<=G%FO~IR zy3d)hlR`g}s_B_>tY?oeUWZJEI7XcHOBxtOJg;u8#BKq-`^*D4@rdUSx`_HiR*ULZ zwm|;o%bGAei*gK~ujg_0kFVrVqW5w0;}^`M;|JeeMaId$)E{e925yO_kgO^?Ubi`*nM(={6P%VLY{wvNZ6<6kI_va6nu5J;tlJzO{H z(Y?OH{6uKyXSS9>Q8u){Eh(<;OI|K2fZI*o+}K$MEw+iWHT=qSE?p-DG3b6hX63s6 zu1l_5m^VrEyM11?wArj_&(WTGIe6x#?Iv0tsPqB=UF*F3B0OVKw6fnK6~fM@0jt0A zFgEDN4W`h$-Z^gCQCbeK>=psv`=GSU60TMcfR6`5&1l4PcS2sSJ<16jGX~l?nJ}_O z!de3syE%V)6DYJdO(q8G)~{Tel?XMj@`a{JNi?h6am2iBJ9ia@!pLYyh++UV@Y~(R z?^_IFSaE_VL=>$iz+)0A9y+Yr&)mDs%_%>c@bwyg(vMmlOYf4qT@X^>ZE>p(r5MCVn&vS< z;SqHY0)qfWTQp7s0jNk8NWS-`I+qOe1EmfRR*qw{Fb&&7Eyp9yPm<13dgrsn;Zu=> z6=n;ap#^M`g*&@#B(a5#ELkTr>Gtgrd;)R89lagn&KxC4gg98LWh(g0jw{qGv_Ye} zx;}dIyDaUZ3h<+BJhlwac?c$ZKELMVmj{=mxr_L0cJgq=!Vih-a-W^}?QbXeFo8Rq zUy=mkzfMr!H??cQCWPCfuAuMkM)@NQ=~1Ke{;rGlsWLlW#L`B5 z6D;U5#)_k3@^>zx!+go~_Z7JM&JQoe9@q{Zgy_PYBwo`c(q+qjDNk`adKsxv21p#D$Sg?(*9+_Is`4f#x;+a3$c3vGE`8;_GXchEcb57YKIk zy=g0!plVhtnq|vYtfmjCe0cJfuLhIIZyu`)-TmGu^%Vz;h6(K$wk$#Y^yjiH>e~X) z+Wc|t;L4jXf9$TQt99)41dRwqhgoX-a_^Ahxvd5F;)Z8B-#MlOe-HvXpAR`%S0wD=dh~`1MesANmGk4u& z@<}LyfW9qHfEqM?qNz9@b@vQynOD>YCFCYY#CU}gWbE&XxS6y^vAWJeQ(_E)8V#eR zo3x*L+YpownHmf{b{|TJzQUUo?$45lo(lO`WHT=5&F5B`8CE?2h)qfSCXA*eG&he` zH@CI?B7(TiDD6c+buq@^Dnv8U-P%R{`wlKPkHVQIZ{6Yv1YFMIRQj@D{5lSk4_y8V zany#PlK)e*@ax2*<2^MLVi;P^y<+H(I)^9-8zCVi^xTmS^*M%sz;M}^wfhH( z!jK1j{zXSUx^E}Rz}^Mxx=~-YrFEt8l;6eUCib0c%YnP}A3DsRh=`!odnIkX=lT%J`7C%K% z2qX<8AA+(?HOZflSLN)x5UW_dSh1ASrj3mj=(aWaS)Hnb8-44EM)iL4?2p^!e529kO{-lP z9R9kB7Beq6Fo&$(MpIk%eIm^rq>Pn$qhz_Fm zIX$RivCfCpySFq;#!SIv3!W~O2+CiaqZ`8R=IxuHr9iB zDsf0Qw@uack^d=jB?%&?{oVQP4A5p!jRvF>!jQk9I$#}=Iv`!34Iyu2q%Q|Q1KPjt zuSaQad$M5!3T~@gGlu)!qeeXb5*p_gi$Mz(?;yvj-CDmk$1*gyMAh6O%~v%q?+?09 zK>xa!9n|}pfMuzcSZ}05%5+vY&T_JtVlDIB@ZpSx7{~TmwIw$m)knV!!%BfyAax5a z`-S$E(d|%$M<$WA0fMgZ&(wg-dyChX+77GYqBKhoNTsXk5WOB!YCJS%`-5rm-0+q` z+A{R3UA6M~@|f}$iQLhLFZZ@gGFzuV{IG3Sw~tm@ZJwsQu}e#1xZN16vc7&nESxHH zb)MEEQv1+x95Fik3EGK}>_tdjFd&6lC>vM=kun#`OedIYM8w2OfWKKKs((HIWga3K zOUMk-_kS`(3V*>wKaqz&0KmWJoWJcp{=d`(B*_7JuJhkrj{MUN}_Tp zyHd5~6o^)xEl-j!saH3Yeyuyh8>KdaBF2ZXrunKmB3-wUW93))Q;9YU(yIhcHYj{=z{Pf&wruNkhog{2--8brJ7Y>I|?>gG02bI#! z+$TKC(LxzECNCUX%o$?&rnsnb^+H=^*P`6=BJ{Ensg{71eev# z(W-jb2djM7l*8-k_FN9_v*CLHM#6Ik@KMTnn~k^lc-R^->EbdSZ-(yIdGRyC*uknN zxRG6jgs(OE`?ap?W%`L-HfALa0^9M8r?e?;R>H>S*4F39*Lt8$*`+Bl zlqV+=@4F^rvVUH38su7-k@G+5{5X;9VpfzO)-K#lKI`+Fn8;kxU$~^&HKkNHDYLB(lKOY=D zn|$#Vv<|o9T#pWWxQCZ$32{Qfrmw;s^bzNRsApEFoDP{kt;m>qTTURJDrq;BhY|)4nMxaur>J;6URlQf`7(4dg$$WHuNn#+{{)b`2DO4gP zWqipd` z>Y`Dhf5t2gs_6^$++yx$&vk_zrp=AHZ%MEadvafq3;cv80Ktq`&%2kCqJK)X;gz|0 z&-UVAq}7-GS*uzbhP*KLz`?PLxX_?+(WQLa$c|&Y1UZTdjD)}T7E0c-h^HcSu%6Oo ze9u2=@wgoeWkx?I3&YBVYS7wT6xkG5=HU=Efg)9J$J4QcA0pD8v+M5W_q?=~a}0ed zn9TH1B{q%3i$>1+;-P49aE>FfiLmA@0IjiubZImkd83OAT}cDXzkyt!n=rMnIohpL zhxuOLc2dHri^Td{@PU*GO@AWp0WneHER@?r`A+moC3D8V-ycs=A3`cW7ZQ#IaAKI@ z5CNJrJd(Vk;BaX(qA>+ggXqVweiaE4@&r*1C~zM77Qg8Ej8c!58D=Iq=z5L`U>N?zc6iB4tlQX3+yOON{=qkns(w5F7m7t9b-SK63_TzwLh%JT@^yH+JSPi~Ua*Ij#65~zC4f)Em0Nb6Ma@RZV?HzU3?iLCLV zP$1~J(q5b0Kz;b|9i^IXlfsxg%OITC-lFir8PAYu zV8|DA3 zTLQQ{fEP=tupeB^xw9Oi7vL)5-(N%7^{pzEO9leZ$42d%Y^j<#cTczLXp6@Y1Q_jA z(2O?oEalO+$qfdz2URoC3?rUMnL&MtNJUq0%y+M&xQc^NoC;!_dgG)c=w5|>8 zHGQ0;nN^L-%Wxsw5+J_EMl$7NVujP54cJE>+fpFMm_PE8*WVwSDL~d)Mm+QYDvbaC z<4mRXO(}jGs14_ya2k`Oyk0%4h_u3KLrQS$`OnQ?$_H{w@B#$*g~FO)*w}loC_=)U zY}}DYX~#X6YFWF@k|NxyUlR0JjDR$c|22)&kuSU_tIJvpPLkO4O$93J1p@)fbHu|pNKydZRvQxgfk!hB#fZ=Y6l5`-MX+p59NAG^_Xu0xJ5z! zPVnWX51LcXm-X4lSi7!dayqVXMbu$GQ=f$#sF9zly3w%P%mgDOvFsb%wzAknkzX8y zB(hTf)U>Er)%5~>)}s7vsIIik1qgRsLJp5Trc~!o){EWMq0Zrgh}hZ-jJDe` zCYLgLvm_H|$HID)5Z>g_8z$}M3e*?yQMVdCk+O)>eOw(01JeUr_mN5D4ULaY1*Mg9 zYC&Q(8E|VnDnbk6X4S=C-zrvI->!cm8E$Onp4ZefIZ`_u#TNKgpzxke0M$ocr_`}x z*Gp`;xze^NIC`sj2c};$A+&q%=6Im71DiBzgt?Y9B~d!W_C6fj%rUM!dTT};rgH3d&!t=v*eS8rCJ z_LeaL^1{gcgMc4SmiRj4T~9yAV1$kCv9)4j!5zM&Q}S;oz=ymfqgSN zd!2_|eK9(K`4l#EyuiXz9Z5iU;7kU6V7l6)ou~MO2dgeDjuZvhlJ+7wTVg|GEMMyE zt}A8#Ajn7TU53UVM~dxrM7B-7XQTQi#7B*GGqMJ5BVKKlrMG5Um5&#i)%73;xLrkG zUr$fPCZxg_F;SL_P$7#u_6s zSk!-Ww@pnP*dY%%PjvLW9Xa-Fdu16Xe3yQP_NOl~0=Xw%kv3M4`RO4F4AcB2*r<&> ze|S%l69nY%$O!3+fp09w;qtGhLC)34kLa$KzvYU^{!~}s!}7N zd$uHPz;srhQ5Vy}-j8R@H8ip=9}{skvwmEazUSQl3QjIAz34@c+Dco@*4| z=MM4Om@$3{F109n^@Sc%gFRrdX3dXy85YX?aUDzU#x*>?U7Kp!UwWZLyO|XYn9*R? zVz__7aMuT~hV@wqNvs6?67FlFX(OZFDe13CiT77RIL8VVpjha=F}1xBR9OD6LlP9AH#e*`<k1SBfOu3%GoL*d~QZfT|47hWby8-DXiZj)N6D(5P6B=zc$24pOJl>|73IguQP-HcrX1wyW9!ofzHT* W<&6f;O6e2iSjUN`{}@CV9E; z-raw6@>o_c5BV3LT@D$Pv<-Pr@_K^Y^Sx8G#>vSS>c>NOFBWKhKe3yWD{W(pw0kUi&WAgL zC}=wd09*u|Yu^t596A&xzh}3`kSDwKoj9>y0RVXM;$rgdt^NBy{|&o%=x_OZv~KPD z8ys>T0JwYiMCb0Uy&;gDgMdK@4^fa7LH@)&Y7y@Es6E{Yc!54UpuHPDXaaFhVmmhf zlYMskCwv}wttoWI-G+pH%K=|OmQ2-14hs&!B?2_vDTNk7C|^1{RM4Jkrm^TT`S zp@>?{nlX2Nh`ZHs@DfAus)&h85mr#iyxXNM%vww1BP3J-H$Tij_Ux-fbnUbI1|oB3 zrLx!uxNdnwKi~7rgJO$)S>SDpG-`SoM+WZJZaT+> zMae+?^Psxg$$YLB^d$bFrZ!iodRJ1(6GtZ_&~#EsKr?^l;m7>x*z54`gEo9XvckZGb$#I% zY$v6$-q26evg~L9vu`%6ZGj?eJP>kF2xifsCe4-;sk`_&GuR^g5lFY>r+9t3+2XV{ zb7bxzUnc($l4!ZLy&N-tdg!Y{(bk1tszLi8XDaE8b_$CiFvy$|bDoSlwT26Rhi}6Q zb(1AE^h`gK9syfv?2G{ z)$2=xGqNJR3Rf#`ba%(ebJ_W^KA*qx*A6F&RA1Yt=sx7b=RB2E`l$cbxf2sCwk3I! z4blMKQ98TIUf`DN6|c=pgjE>>Z8dPgSZR1w$uQv-*rxH7lGBe%@E|@-y*o_T(GXE&!6c_fo2J{z5_&CA|@ z(xT$!(z$Wn1tzTQ5zs>i(ErgmYV}|#Sz1*nfp?k!s>{EI>gcRmjKALXa9I~aO@SXM z(vf&&vsUI^7dUBll__wD-{`9F>^f@fGO}2+ul3lTM$wN-lTTkK)Uz}tW?f^FT)yZ) zHOOIpq(1lJ5pctYmZa;j3CM>W>%4Yq2DI6--?U4CXr({j=bAYmnf|RjhTLNeyoXK- zE^*0fz9+TDaRqPXD?0^3qCtJ1y*Uhmr%sq8mvf$)cD_YDI6^esLtT3opqfHIY6VL>fjd0Vqa8fam zur@#H1H19%qS9DVlV*ZoG})_bxVM2S(lqU(TPj0&zBGb3yOib*QKYSYq~7cL z(e>!y8l-aUx$U;^qH5}5owR48I*#ZdP?L$?ekQ8oT{hfW9&g&;c6(q*MbNi@_#c>0cxq=r zHNDo|1AKn3kw91nbZZWhNF7n0O~zdRny80jTsAM!yJbU-_!I6_*yMogc3UWF7{7~= z&8#OuLA)IuI4pqbN_jI1P=~s zTP3Od4|l`B2hYIslJ8Rt3nbfW%-B;ri(yTQ#9+R6Vej`%w7ve<%wGJ-oz>;lgdw=g z&KuJYC)W&%5u1H=aEWgE4BF$ekH#Atz@iH4^bH9#U*2-F*ahZesj%mTd`CY34&%}5%;jN z;}aK}<|{mCJ-k)V8@0jazwu6fVQCLuY4A&C?z3ubE8MQ)n~>R&TM^yoccEP@Hd1n| zFbMA;TJy(2ux+d@pwkIEF5TPWOk%&A8( zwmm>Ob9$SeZxAZPjAbv!pvv+ioZsrY;|@QmbFS;H-;A)3JJna$KU-IPVwU#zLPTxE zP+rr571^$f4(Dr3h|}PwSyq*NJ=djFcpE_SbWiTG!z}vk^oQLu|1+Wve#f|Tab#%q z^a)HSt?@S%${dTteb`DbQl3>>m>Z}MWjD4SA#P%@O5Vfa!7H5yu|cy+GFaKDdsxt{ zd$&rL@THpas^=^5pu(sW_SeMdbg||O?rqx(2=9k;ksWJe_zZTk?=}P75t~GAGfb>y zWKC_jm#0Bs6gHwcW1ISmff!Rx9TNeuaXmNNm>8eYvDot1Q5kF8FzLdm6Az!lPM%4a zftGwE?6h@^cl$x!Gos^)ZSy-h$KWh;Vl$&WXF+5N2W_~K0G=>%~fUuXDe4&=mndgtq^32Nv!E;fpn8JPk~G0+#kKmrDSAp zj7ym_2Vyp?%Hgk|^&RK*9rPukMdxB5wnZsaX^mr*#HJt&c#9IR_B>Xy|o0a10F&%Ew4_9=;R=t0)Po-kKDq}Ut zYUy)mc%HZMg=)pHnxua=|>W=-FpgxyHC|W5iO(! zl21_DD*c=79z2=QI71hED>UZLa?mNAtF;YW2%IgB zvPu<~aMQXqAk^~6bM`zb|Hfxe7)4EM zS!zz~Sxu~86Mj08rnVG8v9~!WqV|OC~G3kH}wgddQ@)~ zCuMZv?VZfNr{5iCg4vIg)nkC_{PYH^_!7~cb_<4g828t?!`5uRzQB?-jKe@09uYmN za%*j#H`LISx(zi``r+)-{cUW!fuTHbDLAUUfWo>kbRVeB5nd};PTb;CGgbvZ-N$!l z#=vMjTwVklen823bOFuU8NL3yEZ2U;&#kvJ@OjD$vpU$K8NSNGU*Jd$b}`l_w6AT8 zh4%&-&FsFO<>=Wb6BaF0pfhxAMa6t*uPZ7Jfhl{v5P-lNx6cK*Z|QP)jruKOTMw8i z{8x@H-2p9N$m53YwX5T^sUBM&QkCa}j5u?|W%`6@?@sMF9u#Y}?TJFBH*wJ0?uXXs zoy~ch03m_yQ;BVF_@^g(!R}^(kM-FvYabG$yr=ZaSx!vyO@*3+ z8Dc7fxd8=BM02I;A9GEtVs}c)tP)hDTLH1SlbPu=a^l&SPYbeb!BO7%hwu4jxqC>8 zg278uWsEr zkyLi)i|A4Bwul~t%9==N`--7n`xD$!RYMe(@iDx5kfQm~_kroOlICPusfe=t{GXlg zq3y^wd|8`~`e0LjEu*>x)q7o>^z1d|z%pQ9T(O+sg?TP+pkIZHH5Bsy{DW?d(-yGC zK*Tv0wx072R=$EOAnYyqoP2LT4*+K}FaI(-GX?}la%Mdq2lCtf;Zt!RU$$J_1T|eW z5g0VkxGa0q(y<=X{jp)r!btxkcj4?6e@zr(YMSM?j#rGGAE=?>->(LM(e28o7d})f z_ZF%5^oj(f6|)Y%ztkZLX}MzEbjjdXLZUiD{txyaObV^LZ=du7RPkX;Q{mIhHQeDZabVr&;3xC~aBg1w;*-n8I4AIlkw%G@wks6m^=(_?= zABrdVY+Suh5S~}Hc!Y12_b*RhqC(@Qp_M7Cbn#g8LMqJzoa%!TTUd0>sXOzCbj#{Z0&y>X- zyfGVCwE@Ec`-7`SWq5UnGs#UyVm%#scHbEB%|vONfIH}$ODsmIUvL|Od8w&u%+JTa z-)#d4g~S#A{c-Q(@Bvg}QQ34Hp=GLv$?q13SS2Kov)e>_3a?Sl z3Jz|@8@fas`*7{3E$(`$NmXq>=Cek>xi}{7F!EuGSlzGy>5i@)_{MMs;sF7Zd5KV^ z{{gs>7`)mccCy{HjcW%RkKaNXU1%?x?uKI@>FwA7d!#D%VLS2jqnB3iw-kn}Q|;Ic zIknc;^5_dp)ynsS*R*rln39Of1ZQ4-Tgmi{5v#^zr(B;CYfe%=$ol|zaq-eF?bBsT zk7=$}q`%&m`sa7JEvoZyYQP-tk#Ws^jKzr}17dG?9CIPTLi+~W>2w7=Kb(_w?z`z( zj(9Db`o(7GcIRWr2&_YM0Ns4tISFV_CA~y(e{B6I%x{{lUl`Ivd>Gd(eh&p>N>bP0 zVW<$SA>b~zjwhkAZ!kp6{)Wit7wNq4f2F#7cJ}^vNUr~a7wdasw*uX0{&%_|kn7!)%o>%)Xw)|Hr?#+QqEnU_hgBH%J90UMNNwsc6l&+zeAP&2+(M#gh zE>8z=)xDBjZd3D(LwOt9} zcVf`O?7*WT*20_GkkL)9jK%0;E2^gRjK8w;PMM0&eD)>y`IUCxZS%_Vky6<)`Q25& zVC6xsLu`|+rYs)L)Xc5K6y8u^VuR8mx96O93fXtqM0UVPu70C* zkvMhXMt>B46IXs=XYsR2ZHr}SxQ19?ROrUSGjpJuR)jTs`cY*Hg}j~y_oN;I00Lty z+Qwppa$|jro=Jx>UrnW8 zXd$0)?C_b`&H)OtLvd|Y7bPxh9ZzGygfqK`l=zoSdmudn6OaJ2S3tB@Jmfez;CNa8 zz82Ymw}^`VH7354G>5c)-^k4fCEh)sxJ7)%=#AO{=TB_s5=2v-*iyU$BESt>KC~Ks z=;;8fEjp-+3m@p*NukScg9z(CLkqU=Mf0f5wy;@+7OA~}7yc6+rX;z<*9wpuXt<%e zlF3>~S<{s+kZX~*4Dpfl&UVNVTxzSyc<Y4f|r>l<2{!LKWxr>{DHs znXdf=%i<-e?xwxbY3Mjz6TJ3Z)~WHzK9XBu&V(#GNcG7ZT?kbtdMqx+Jug0nuSZ!i zRwq}NB|WeYVA^FCTGMhd!DgOmMfLX4p{gkIGDIY8luatRiq;=+NMtZ4QjwR!K@R*Z zMXvnA%g-|MoY5RL>IetMYW8>CzA6PC+_y1S6m<|%5JS^V#586*hASs``gET!6V;sOYw~sh3M-`4e}l+)}&!knMN$M`yEC>bE%KnpXN%X-c-~ zzQvoo6BCa)Vb@khKWWg*`7z0o!bryuTQmXz``oYk~Id9jI7Nv=$*}yNPI^-yW}@!Cp)D4 zO!!Ij3F~w*)*vgx+9m9;hm^r$dHecG$zF{*$-X+6rrrpLhK(+btewo@I~-=d2XOaZ zp9jvmN9=E+6q!u_7#R`A>dvlxK9dm@H+9uPD?eHE>Pavt5DK9+DcXGiGfMj3Z4L+{ z{dn>Oe_G?#N;c4$87sTSdZsj}NtiaAjSK$TBp1K(Bf;Fragyq1!IOVA z9oGrs@^@;g5)6+iS4#vM>?ng2c5n}Mu5xM}reUdp9p?x|Ye+xHyPef~{* z`d=^MyBC(Gr?JkCoPi&|i?3-y`gsGEY1Dc|)&}!m>Xr_%(QtZo9-(+`Pa8T|rE2kWzCnRv5t;kASQ}QE7 zAhJqr;=Q}nRE3@{cu^^J<_eR{71i=D3sjfRl#1O>DLc4ieTrAnsC>?-Z&V6S?rpD- zP}t*kAFWb}qYs-?2vot}C2pm@I!l#7b^`k!iEB#s7Rh7`4FNT9-Il`%W@p|mmKD#C zimly;HHK|+&n7fo1pw$V4`10lE|A$QXVkgoH|Co2NhJNQ+|UUVJqY{u%sTLvTjkiV zB~-`pL<-KWN7%LZNtbP%trS55@@m!lu*#u?N}{JiqTE8z40KO+g}y?vDx=538Y63U zOt>9R#=V69?lTleHI=-Y;Y*?5mg26R>?W#Dd7=ZOc0bm0FudwGERTlI)6Y9O^IR-lr-%Eeyufa+Fww z9Jk+%Dp#-Yto=(%W}oj=n2mwp+nbdN^`lemk7CpPGrt{Iwel7(b~2lK3XNQ)tfli3zV>UIF=| ztFiwAnqlkDg*$kCS+KpXLSE8;kAsu#Xa#>NAllJeMR%vy^3av^6JXpWm*n9pn#VUYj&cDxJdLQ@P_xUyW2!)O=x+;ic%jd09F-Ohe#nW@foo z%fTBhN1vW0$1cqrquVZJVr6Le2)s>(5!E@BCzJrb}Ed-f{A#Q2SE%N{1a)w%)DA%W4 zuobSj;nXork&_NB@bRr*qx?RdT1_c^L*PfC?bCKP4^i2jN@#(9RUu0BMKL(~m`lZp0>tQp7E=AU0&9631gvagh^0&)51NJsF8e__*!8N_s zqnMm#wZ*5&WM0XOzxodj>>; z^@b<$pHmfXu7q;(j}|0gPG;-FQf{A}1*yz318Np#T|!XBdS6ufjVX#%Dr;TZPTxiRv!1STr*++DG5P+Bt;sc1T1i#}C>NOrA+iqz+pSzhi9*sns`L+fml*vhTZ8 z^U{0Wn6IjHUV#!eoc{L4)ET)_YL93*pod-U>LpSWfmB0t#pT+2 zU7*LODiroOeNz^Q#5awm-o7=qQ76ySVkkeoiApN~d%mq`gmSe;CrurPqrwV`JZ_++ zP!rG$c!euhJ?^mAdqyzDS?;^82S?x#)K@~n zqt{K|&vqvUpD9-1+{ryq(YQP3vLLKrDFx^o1#?jIa~N3$@@5oo-b{0=VY}zH#LX-u zQ)_{5F7>l2oh!UpQji`nd3?!MQQ%YiD|SZeg^&ZU#OLqVuWn6&8#yX7a!5}9UfeL2dNo0)OSeR zZM3Ln`)dr9)Rnj=1Ws~i^HRQbOL*mnF|b17OuN_}1d=lT@g(Y2U|Iv>X@L}r<%Cly z4@}$E&MCe+FL$T0F?DkhR#;Sa{{k!6>y~5sz`_b6E`K`rgJ@`pvxAjCrN_#Sk z=v4zSCFd>5El`w*emCmAE4jR%ypQsk`G@on-#S=k@af>Y)8kH#Hvu&2R_Z;Cw?1l+SVaI8$KLtUg8`HAm0t|3};* z>~{Qd&^NyDEpn8*L*#JdYUG!e+=F#X4l^*+#>V59rDDY)e7;mKCA|*C$;;;7-Z|5} zrvil3e?9IBxTAA>R|Hv^Lw3GX|J(l`1JIKnR>*Y>UM1COK3=(UJ05s_lFsgMIEM0{ZX1>tS`%_}ZnwYbJMcG2HS21avZyUbtN z`R2u5s2$&hU!)1YE0|cD=?i>|F82z`4SYTmRkkVZew<~&V`f1Hb-@xt{Zn8RjSoT0 z^sAV?lW}7(`JE5X|9RKjW1+L9)_LDv=V>10x}Sy>$=+}M<6Inx7Hm>Jf<$bLZcT^W zKiM8ueLdXW?Q- z3h?sa%%l2Q`VXv(_-xAA=wyb68^KOx*7p%RSZ^2lf1iEi7u0Y|acMH7w_qQ9^V4we zQGVbFThmsDv|;ak0N37e0-E6RBkpQnF^ZHJp>}iEIN`ztWyNuo9UU8%b5?9cWuoJ; zdj^gUc|SEC`#5EMCQZ2W{4AVlQLv(wIXPjwk_ zD|SAroe;hc(=#fHY6lDkWvC$|jrS{Danc?gD9>$qCj}8H`~_@tX|eGq*t8=j%Nnbj znkQQx2#+g*_MO5 Date: Thu, 7 May 2020 00:03:11 -0700 Subject: [PATCH 09/73] feedback loop 1.1 --- .../threat-protection/microsoft-defender-atp/review-alerts.md | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/windows/security/threat-protection/microsoft-defender-atp/review-alerts.md b/windows/security/threat-protection/microsoft-defender-atp/review-alerts.md index 7094a73309..cddb450dcc 100644 --- a/windows/security/threat-protection/microsoft-defender-atp/review-alerts.md +++ b/windows/security/threat-protection/microsoft-defender-atp/review-alerts.md @@ -41,7 +41,7 @@ Clicking on an alert's name in Microsoft Defender ATP will land you on its alert ![An alert page when you first land on it](images/alert-landing-view.png) -Note the detection status for your alert. Blocked, prevented or remediated would mean actions were already taken by Microsoft Defender ATP. +Note the detection status for your alert. Blocked, prevented or remediated means actions were already taken by Microsoft Defender ATP. Start by reviewing the *automated investigation details* in your alert's [details pane](#take-action-from-the-details-pane), to see which actions were already taken, as well as reading the alert's description for recommended actions. ![A snippet of the details pane with the alert description and automatic investigation sections highlighted](images/alert-air-and-alert-description.png) From 006798b25b7e2bda32dec29db6bc8117b198ef48 Mon Sep 17 00:00:00 2001 From: Dani Halfin Date: Sun, 10 May 2020 13:18:57 -0700 Subject: [PATCH 10/73] some formatting changes --- .../microsoft-defender-atp/review-alerts.md | 15 ++++++++------- 1 file changed, 8 insertions(+), 7 deletions(-) diff --git a/windows/security/threat-protection/microsoft-defender-atp/review-alerts.md b/windows/security/threat-protection/microsoft-defender-atp/review-alerts.md index cddb450dcc..b466653ed7 100644 --- a/windows/security/threat-protection/microsoft-defender-atp/review-alerts.md +++ b/windows/security/threat-protection/microsoft-defender-atp/review-alerts.md @@ -28,7 +28,7 @@ ms.date: 5/1/2020 The new alert page in Microsoft Defender Advanced Threat Protection (Microsoft Defender ATP) provides full context to the alert, by combining attack signals and alerts related to the selected alert, to construct a detailed alert story. -Quickly triage, investigate and take effective action on alerts that affect your organization. Understand why they were triggered, and their impact from one location. +Quickly triage, investigate, and take effective action on alerts that affect your organization. Understand why they were triggered, and their impact from one location. ## Getting started with an alert @@ -41,7 +41,7 @@ Clicking on an alert's name in Microsoft Defender ATP will land you on its alert ![An alert page when you first land on it](images/alert-landing-view.png) -Note the detection status for your alert. Blocked, prevented or remediated means actions were already taken by Microsoft Defender ATP. +Note the detection status for your alert. Blocked, prevented, or remediated means actions were already taken by Microsoft Defender ATP. Start by reviewing the *automated investigation details* in your alert's [details pane](#take-action-from-the-details-pane), to see which actions were already taken, as well as reading the alert's description for recommended actions. ![A snippet of the details pane with the alert description and automatic investigation sections highlighted](images/alert-air-and-alert-description.png) @@ -52,10 +52,10 @@ Other information available in the details pane when the alert opens includes MI Clicking on a device or a user card in the affected assets sections will switch to the details of the device or user in the details pane. -- **For devices** the details pane will display information about the device itself, like Domain, Operating System, and IP. Active alerts and the logged on users on that device are also available. You can take immediate action by isolating the device, restricting app execution or running an antivirus scan. Alternatively, you could collect an investigation package, initiate an automated investigation or go to the machine page to investigate from the device's point of view. +- **For devices** the details pane will display information about the device itself, like Domain, Operating System, and IP. Active alerts and the logged on users on that device are also available. You can take immediate action by isolating the device, restricting app execution, or running an antivirus scan. Alternatively, you could collect an investigation package, initiate an automated investigation, or go to the machine page to investigate from the device's point of view. - **For users** the details pane will display detailed user information, such as the user's SAM name and SID, as well as logon types performed by this user and any alerts and incidents related to it. You can click *Open user page* to continue the investigation from that user's point of view. -![A snippet of the details pane when a device is selected](images/alert-device-details.png) + ![A snippet of the details pane when a device is selected](images/alert-device-details.png) ## Investigate using the alert story @@ -77,14 +77,15 @@ Once you've selected an entity of interest, the details pane will change to disp Once you're done investigating, go back to the alert you started with, mark the alert's status as **Resolved** and classify it as either **False alert** or **True alert**. Classifying alerts helps tune this capability to provide more true alerts and less false alerts. If you classify it as a true alert, you can also select a determination, as shown in the image below. + ![A snippet of the details pane with a resolved alert and the determination drop-down expanded](images/alert-details-resolved-true.png) -If you are experiencing a false alert with a line-of-business application, create a supression rule to avoid this type of alert in the future +If you are experiencing a false alert with a line-of-business application, create a suppression rule to avoid this type of alert in the future. ![actions and classification in the details pane with the suppression rule highlighted](images/alert-false-suppression-rule.png) ->[!TIP] ->If you're experiencing any issues not described above, use the 🙂 button to provide feedback or open a support ticket. +> [!TIP] +> If you're experiencing any issues not described above, use the 🙂 button to provide feedback or open a support ticket. ## Transitioning to the new alert page From 520bd31a219bf2c918ce7deeeb6c81bd6ef93341 Mon Sep 17 00:00:00 2001 From: Todd Lyon <19413953+tmlyon@users.noreply.github.com> Date: Thu, 28 May 2020 13:34:26 -0700 Subject: [PATCH 11/73] Update manage-windows-mixed-reality.md Fixing the naming convention for Vibranium to be 2004 --- windows/application-management/manage-windows-mixed-reality.md | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/windows/application-management/manage-windows-mixed-reality.md b/windows/application-management/manage-windows-mixed-reality.md index b82c42bf9a..ff4fbd3363 100644 --- a/windows/application-management/manage-windows-mixed-reality.md +++ b/windows/application-management/manage-windows-mixed-reality.md @@ -33,7 +33,7 @@ Organizations that use Windows Server Update Services (WSUS) must take action to 2. Windows Mixed Reality Feature on Demand (FOD) is downloaded from Windows Update. If access to Windows Update is blocked, you must manually install the Windows Mixed Reality FOD. - a. Download the FOD .cab file for [Windows 10, version 20H1](https://software-download.microsoft.com/download/pr/Microsoft-Windows-Holographic-Desktop-FOD-Package~31bf3856ad364e35~amd64~~.cab), [Windows 10, version 1903 and 1909](https://software-download.microsoft.com/download/pr/Microsoft-Windows-Holographic-Desktop-FOD-Package-31bf3856ad364e35-amd64.cab), [Windows 10, version 1809](https://software-download.microsoft.com/download/pr/microsoft-windows-holographic-desktop-fod-package31bf3856ad364e35amd64_1.cab), [Windows 10, version 1803](https://download.microsoft.com/download/9/9/3/9934B163-FA01-4108-A38A-851B4ACD1244/Microsoft-Windows-Holographic-Desktop-FOD-Package~31bf3856ad364e35~amd64~~.cab), or [Windows 10, version 1709](https://download.microsoft.com/download/6/F/8/6F816172-AC7D-4F45-B967-D573FB450CB7/Microsoft-Windows-Holographic-Desktop-FOD-Package.cab). + a. Download the FOD .cab file for [Windows 10, version 2004](https://software-download.microsoft.com/download/pr/Microsoft-Windows-Holographic-Desktop-FOD-Package~31bf3856ad364e35~amd64~~.cab), [Windows 10, version 1903 and 1909](https://software-download.microsoft.com/download/pr/Microsoft-Windows-Holographic-Desktop-FOD-Package-31bf3856ad364e35-amd64.cab), [Windows 10, version 1809](https://software-download.microsoft.com/download/pr/microsoft-windows-holographic-desktop-fod-package31bf3856ad364e35amd64_1.cab), [Windows 10, version 1803](https://download.microsoft.com/download/9/9/3/9934B163-FA01-4108-A38A-851B4ACD1244/Microsoft-Windows-Holographic-Desktop-FOD-Package~31bf3856ad364e35~amd64~~.cab), or [Windows 10, version 1709](https://download.microsoft.com/download/6/F/8/6F816172-AC7D-4F45-B967-D573FB450CB7/Microsoft-Windows-Holographic-Desktop-FOD-Package.cab). >[!NOTE] >You must download the FOD .cab file that matches your operating system version. From 27164b2faf243a6e1d50e506d12b437bfdbc7ce7 Mon Sep 17 00:00:00 2001 From: jaimeo Date: Tue, 9 Jun 2020 09:18:07 -0700 Subject: [PATCH 12/73] wired in two new topics to TOC --- windows/deployment/TOC.yml | 6 +++--- 1 file changed, 3 insertions(+), 3 deletions(-) diff --git a/windows/deployment/TOC.yml b/windows/deployment/TOC.yml index 20ea156b13..663b28017e 100644 --- a/windows/deployment/TOC.yml +++ b/windows/deployment/TOC.yml @@ -12,7 +12,7 @@ - name: Windows update fundamentals href: update/waas-overview.md - name: Types of Windows updates - href: update/waas-quick-start.md#definitions + href: update/get-started-updates-channels-tools.md - name: Servicing the Windows 10 operating system href: update/waas-servicing-strategy-windows-10-updates.md @@ -62,8 +62,8 @@ - name: Prepare items: - - name: Prepare to deploy Windows 10 - href: deploy-windows-mdt/prepare-for-windows-deployment-with-mdt.md + - name: Prepare to deploy Windows 10 updates + href: update/prepare-deploy-windows.md - name: Evaluate and update infrastructure href: update/update-policies.md - name: Set up Delivery Optimization for Windows 10 updates From 7eff29f7496d02e9dec6713cbb90ab09bb645d5b Mon Sep 17 00:00:00 2001 From: jaimeo Date: Tue, 9 Jun 2020 10:58:25 -0700 Subject: [PATCH 13/73] slight adjustment --- windows/deployment/TOC.yml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/windows/deployment/TOC.yml b/windows/deployment/TOC.yml index 663b28017e..7195a47f76 100644 --- a/windows/deployment/TOC.yml +++ b/windows/deployment/TOC.yml @@ -11,7 +11,7 @@ href: update/waas-quick-start.md - name: Windows update fundamentals href: update/waas-overview.md - - name: Types of Windows updates + - name: Basics of Windows updates, channels, and tools href: update/get-started-updates-channels-tools.md - name: Servicing the Windows 10 operating system href: update/waas-servicing-strategy-windows-10-updates.md From d9444b26a1fe9672efd042e323d0315a02267a34 Mon Sep 17 00:00:00 2001 From: ManikaDhiman Date: Tue, 9 Jun 2020 13:37:00 -0700 Subject: [PATCH 14/73] Added 20H1 DO policies --- ...ew-in-windows-mdm-enrollment-management.md | 13 +- .../policy-configuration-service-provider.md | 9 + .../mdm/policy-csp-deliveryoptimization.md | 262 +++++++++++++----- .../mdm/policy-csps-supported-by-iot-core.md | 3 + ...policy-csps-supported-by-iot-enterprise.md | 3 + 5 files changed, 218 insertions(+), 72 deletions(-) diff --git a/windows/client-management/mdm/new-in-windows-mdm-enrollment-management.md b/windows/client-management/mdm/new-in-windows-mdm-enrollment-management.md index 58d58b3935..18e004f4d3 100644 --- a/windows/client-management/mdm/new-in-windows-mdm-enrollment-management.md +++ b/windows/client-management/mdm/new-in-windows-mdm-enrollment-management.md @@ -105,14 +105,23 @@ For details about Microsoft mobile device management protocols for Windows 10 s Policy CSP -

Added the following new policies in Windows 10, version 2004:

+

Added and updated the following new policies in Windows 10, version 2004:

+ +

Deprecated the following policies in Windows 10, version 2004:

+ DevDetail CSP diff --git a/windows/client-management/mdm/policy-configuration-service-provider.md b/windows/client-management/mdm/policy-configuration-service-provider.md index 3f32491bba..070dea30cc 100644 --- a/windows/client-management/mdm/policy-configuration-service-provider.md +++ b/windows/client-management/mdm/policy-configuration-service-provider.md @@ -1075,6 +1075,9 @@ The following diagram shows the Policy configuration service provider in tree fo
DeliveryOptimization/DOCacheHost
+
+ DeliveryOptimization/DOCacheHostSource +
DeliveryOptimization/DODelayBackgroundDownloadFromHttp
@@ -1095,6 +1098,9 @@ The following diagram shows the Policy configuration service provider in tree fo
DeliveryOptimization/DOGroupIdSource +
+
+ DeliveryOptimization/DOMaxBackgroundDownloadBandwidth
DeliveryOptimization/DOMaxCacheAge @@ -1105,6 +1111,9 @@ The following diagram shows the Policy configuration service provider in tree fo
DeliveryOptimization/DOMaxDownloadBandwidth
+
+ DeliveryOptimization/DOMaxForegroundDownloadBandwidth +
DeliveryOptimization/DOMaxUploadBandwidth
diff --git a/windows/client-management/mdm/policy-csp-deliveryoptimization.md b/windows/client-management/mdm/policy-csp-deliveryoptimization.md index 8a8184ba9a..f3b34ef7cd 100644 --- a/windows/client-management/mdm/policy-csp-deliveryoptimization.md +++ b/windows/client-management/mdm/policy-csp-deliveryoptimization.md @@ -7,7 +7,7 @@ ms.prod: w10 ms.technology: windows author: manikadhiman ms.localizationpriority: medium -ms.date: 09/27/2019 +ms.date: 06/09/2020 ms.reviewer: manager: dansimp --- @@ -31,6 +31,9 @@ manager: dansimp
DeliveryOptimization/DOCacheHost
+
+ DeliveryOptimization/DOCacheHostSource +
DeliveryOptimization/DODelayBackgroundDownloadFromHttp
@@ -52,6 +55,9 @@ manager: dansimp
DeliveryOptimization/DOGroupIdSource
+
+ DeliveryOptimization/DOMaxBackgroundDownloadBandwidth +
DeliveryOptimization/DOMaxCacheAge
@@ -61,6 +67,9 @@ manager: dansimp
DeliveryOptimization/DOMaxDownloadBandwidth
+
+ DeliveryOptimization/DOMaxForegroundDownloadBandwidth +
DeliveryOptimization/DOMaxUploadBandwidth
@@ -289,14 +298,16 @@ The following list shows the supported values: -[Reserved for future use] + +This policy allows you to configure one or more Microsoft Connected Cache servers to be used by Delivery Optimization. + +One or more values can be added as either fully qualified domain names (FQDN) or IP addresses. To add multiple values, separate each FQDN or IP address by commas. ADMX Info: -- GP English name: *[Reserved for future use] Cache Server Hostname* -- GP name: *CacheHost* -- GP element: *CacheHost* +- GP English name: *Cache Server Hostname* +- GP name: *Cache Server Hostname* - GP path: *Windows Components/Delivery Optimization* - GP ADMX file name: *DeliveryOptimization.admx* @@ -314,6 +325,83 @@ ADMX Info:
+ +**DeliveryOptimization/DOCacheHostSource** + + + + + + + + + + + + + + + + + + + + + + + + + + + +
Windows EditionSupported?
Homecross mark
Procheck mark8
Businesscheck mark8
Enterprisecheck mark8
Educationcheck mark8
+ + +
+ + +[Scope](./policy-configuration-service-provider.md#policy-scope): + +> [!div class = "checklist"] +> * Device + +
+ + + + +This policy allows you to to configure one or more Delivery Optimization in Network Cache servers through a custom DHCP Option. One or more values can be added as either fully qualified domain names (FQDN) or IP addresses. To add multiple values, separate each FQDN or IP address by commas. + + + +ADMX Info: +- GP English name: *Cache Server Hostname* +- GP name: *Cache Server Hostname* +- GP path: *Windows Components/Delivery Optimization* +- GP ADMX file name: *DeliveryOptimization.admx* + + + +The following are the supported values: +- 1 = DHCP Option ID. +- 2 = DHCP Option ID Force. + +When DHCP Option ID (1) is set, the client will query DHCP Option ID 235 and use the returned FQDN or IP value as Cache Server Hostname value. This policy will be overridden when the Cache Server Hostname policy has been set. + +> [!Note] +> If the DHCP Option ID is formatted incorrectly, the client will fall back to the [Cache Server Hostname policy](#deliveryoptimization-docachehost) value if that value has been set. + + + + + + + + + + +
+ **DeliveryOptimization/DODelayBackgroundDownloadFromHttp** @@ -816,6 +904,67 @@ The following list shows the supported values:
+ +**DeliveryOptimization/DOMaxBackgroundDownloadBandwidth** + + + + + + + + + + + + + + + + + + + + + + + + + + + +
Windows EditionSupported?
Homecross mark
Procheck mark8
Businesscheck mark8
Enterprisecheck mark8
Educationcheck mark8
+ + +
+ + +[Scope](./policy-configuration-service-provider.md#policy-scope): + +> [!div class = "checklist"] +> * Device + +
+ + + +This policy specifies the maximum background download bandwidth in KiloBytes/second that the device can use across all concurrent download activities using Delivery Optimization. + +The default value 0 (zero) means that Delivery Optimization dynamically adjusts to use the available bandwidth for downloads. + + + +ADMX Info: +- GP English name: *Maximum Background Download Bandwidth (in KB/s)* +- GP name: *Maximum Background Download Bandwidth (in KB/s)* +- GP path: *Windows Components/Delivery Optimization* +- GP ADMX file name: *DeliveryOptimization.admx* + + + + +
+ **DeliveryOptimization/DOMaxCacheAge** @@ -952,70 +1101,27 @@ ADMX Info: **DeliveryOptimization/DOMaxDownloadBandwidth** - - - - - - - - - - - - - - - - - - - - - - - - - -
Windows EditionSupported?
Homecross mark
Procheck mark1
Businesscheck mark1
Enterprisecheck mark1
Educationcheck mark1
+
-[Scope](./policy-configuration-service-provider.md#policy-scope): - -> [!div class = "checklist"] -> * Device -
-> [!NOTE] -> This policy is only enforced in Windows 10 Pro, Enterprise, and Education editions and not supported in Windows 10 Mobile. - - -Added in Windows 10, version 1607. Specifies the maximum download bandwidth in KiloBytes/second that the device can use across all concurrent download activities using Delivery Optimization. - -The default value 0 (zero) means that Delivery Optimization dynamically adjusts to use the available bandwidth for downloads. +This policy is deprecated. Use [DOMaxForegroundDownloadBandwidth](#deliveryoptimization-domaxforegrounddownloadbandwidth) and [DOMaxBackgroundDownloadBandwidth](#deliveryoptimization-domaxbackgrounddownloadbandwidth) policies instead. -ADMX Info: -- GP English name: *Maximum Download Bandwidth (in KB/s)* -- GP name: *MaxDownloadBandwidth* -- GP element: *MaxDownloadBandwidth* -- GP path: *Windows Components/Delivery Optimization* -- GP ADMX file name: *DeliveryOptimization.admx* -
-**DeliveryOptimization/DOMaxUploadBandwidth** +**DeliveryOptimization/DOMaxForegroundDownloadBandwidth** @@ -1029,19 +1135,19 @@ ADMX Info: - + - + - + - +
Procheck markcheck mark8
Businesscheck markcheck mark8
Enterprisecheck markcheck mark8
Educationcheck markcheck mark8
@@ -1058,20 +1164,15 @@ ADMX Info: -> [!NOTE] -> This policy is only enforced in Windows 10 Pro, Enterprise, and Education editions and not supported in Windows 10 Mobile. +This policy specifies the maximum foreground download bandwidth in KiloBytes/second that the device can use across all concurrent download activities using Delivery Optimization. - -Specifies the maximum upload bandwidth in KiloBytes/second that a device will use across all concurrent upload activity using Delivery Optimization. - -The default value is 0, which permits unlimited possible bandwidth (optimized for minimal usage of upload bandwidth). +The default value 0 (zero) means that Delivery Optimization dynamically adjusts to use the available bandwidth for downloads. ADMX Info: -- GP English name: *Max Upload Bandwidth (in KB/s)* -- GP name: *MaxUploadBandwidth* -- GP element: *MaxUploadBandwidth* +- GP English name: *Maximum Foreground Download Bandwidth (in KB/s)* +- GP name: *Maximum Foreground Download Bandwidth (in KB/s)* - GP path: *Windows Components/Delivery Optimization* - GP ADMX file name: *DeliveryOptimization.admx* @@ -1080,6 +1181,25 @@ ADMX Info:
+ +**DeliveryOptimization/DOMaxUploadBandwidth** + + + + + + + + +This policy is deprecated. + + + + + + +
+ **DeliveryOptimization/DOMinBackgroundQos** @@ -1901,12 +2021,14 @@ This policy allows an IT Admin to define the following: Footnotes: -- 1 - Added in Windows 10, version 1607. -- 2 - Added in Windows 10, version 1703. -- 3 - Added in Windows 10, version 1709. -- 4 - Added in Windows 10, version 1803. -- 5 - Added in Windows 10, version 1809. -- 6 - Added in Windows 10, version 1903. +- 1 - Available in Windows 10, version 1607. +- 2 - Available in Windows 10, version 1703. +- 3 - Available in Windows 10, version 1709. +- 4 - Available in Windows 10, version 1803. +- 5 - Available in Windows 10, version 1809. +- 6 - Available in Windows 10, version 1903. +- 7 - Available in Windows 10, version 1909. +- 8 - Available in Windows 10, version 2004. diff --git a/windows/client-management/mdm/policy-csps-supported-by-iot-core.md b/windows/client-management/mdm/policy-csps-supported-by-iot-core.md index c37cdb1b86..da5c51c493 100644 --- a/windows/client-management/mdm/policy-csps-supported-by-iot-core.md +++ b/windows/client-management/mdm/policy-csps-supported-by-iot-core.md @@ -31,6 +31,7 @@ ms.date: 09/16/2019 - [DeliveryOptimization/DOAbsoluteMaxCacheSize](policy-csp-deliveryoptimization.md#deliveryoptimization-doabsolutemaxcachesize) - [DeliveryOptimization/DOAllowVPNPeerCaching](policy-csp-deliveryoptimization.md#deliveryoptimization-doallowvpnpeercaching) - [DeliveryOptimization/DOCacheHost](policy-csp-deliveryoptimization.md#deliveryoptimization-docachehost) +- [DeliveryOptimization/DOCacheHostSource](policy-csp-deliveryoptimization.md#deliveryoptimization-docachehostsource) - [DeliveryOptimization/DODelayBackgroundDownloadFromHttp](policy-csp-deliveryoptimization.md#deliveryoptimization-dodelaybackgrounddownloadfromhttp) - [DeliveryOptimization/DODelayForegroundDownloadFromHttp](policy-csp-deliveryoptimization.md#deliveryoptimization-dodelayforegrounddownloadfromhttp) - [DeliveryOptimization/DODelayCacheServerFallbackBackground](policy-csp-deliveryoptimization.md#deliveryoptimization-dodelaycacheserverfallbackbackground) @@ -38,9 +39,11 @@ ms.date: 09/16/2019 - [DeliveryOptimization/DODownloadMode](policy-csp-deliveryoptimization.md#deliveryoptimization-dodownloadmode) - [DeliveryOptimization/DOGroupId](policy-csp-deliveryoptimization.md#deliveryoptimization-dogroupid) - [DeliveryOptimization/DOGroupIdSource](policy-csp-deliveryoptimization.md#deliveryoptimization-dogroupidsource) +- [DeliveryOptimization/DOMaxBackgroundDownloadBandwidth](policy-csp-deliveryoptimization.md#deliveryoptimization-domaxbackgrounddownloadbandwidth) - [DeliveryOptimization/DOMaxCacheAge](policy-csp-deliveryoptimization.md#deliveryoptimization-domaxcacheage) - [DeliveryOptimization/DOMaxCacheSize](policy-csp-deliveryoptimization.md#deliveryoptimization-domaxcachesize) - [DeliveryOptimization/DOMaxDownloadBandwidth](policy-csp-deliveryoptimization.md#deliveryoptimization-domaxdownloadbandwidth) +- [DeliveryOptimization/DOMaxForegroundDownloadBandwidth](policy-csp-deliveryoptimization.md#deliveryoptimization-domaxforegrounddownloadbandwidth) - [DeliveryOptimization/DOMaxUploadBandwidth](policy-csp-deliveryoptimization.md#deliveryoptimization-domaxuploadbandwidth) - [DeliveryOptimization/DOMinBackgroundQos](policy-csp-deliveryoptimization.md#deliveryoptimization-dominbackgroundqos) - [DeliveryOptimization/DOMinBatteryPercentageAllowedToUpload](policy-csp-deliveryoptimization.md#deliveryoptimization-dominbatterypercentageallowedtoupload) diff --git a/windows/client-management/mdm/policy-csps-supported-by-iot-enterprise.md b/windows/client-management/mdm/policy-csps-supported-by-iot-enterprise.md index f0837806da..81f8617638 100644 --- a/windows/client-management/mdm/policy-csps-supported-by-iot-enterprise.md +++ b/windows/client-management/mdm/policy-csps-supported-by-iot-enterprise.md @@ -30,6 +30,7 @@ ms.date: 07/18/2019 - [DeliveryOptimization/DOAbsoluteMaxCacheSize](policy-csp-deliveryoptimization.md#deliveryoptimization-doabsolutemaxcachesize) - [DeliveryOptimization/DOAllowVPNPeerCaching](policy-csp-deliveryoptimization.md#deliveryoptimization-doallowvpnpeercaching) - [DeliveryOptimization/DOCacheHost](policy-csp-deliveryoptimization.md#deliveryoptimization-docachehost) +- [DeliveryOptimization/DOCacheHostSource](policy-csp-deliveryoptimization.md#deliveryoptimization-docachehostsource) - [DeliveryOptimization/DODelayBackgroundDownloadFromHttp](policy-csp-deliveryoptimization.md#deliveryoptimization-dodelaybackgrounddownloadfromhttp) - [DeliveryOptimization/DODelayForegroundDownloadFromHttp](policy-csp-deliveryoptimization.md#deliveryoptimization-dodelayforegrounddownloadfromhttp) - [DeliveryOptimization/DODelayCacheServerFallbackBackground](policy-csp-deliveryoptimization.md#deliveryoptimization-dodelaycacheserverfallbackbackground) @@ -37,9 +38,11 @@ ms.date: 07/18/2019 - [DeliveryOptimization/DODownloadMode](policy-csp-deliveryoptimization.md#deliveryoptimization-dodownloadmode) - [DeliveryOptimization/DOGroupId](policy-csp-deliveryoptimization.md#deliveryoptimization-dogroupid) - [DeliveryOptimization/DOGroupIdSource](policy-csp-deliveryoptimization.md#deliveryoptimization-dogroupidsource) +- [DeliveryOptimization/DOMaxBackgroundDownloadBandwidth](policy-csp-deliveryoptimization.md#deliveryoptimization-domaxbackgrounddownloadbandwidth) - [DeliveryOptimization/DOMaxCacheAge](policy-csp-deliveryoptimization.md#deliveryoptimization-domaxcacheage) - [DeliveryOptimization/DOMaxCacheSize](policy-csp-deliveryoptimization.md#deliveryoptimization-domaxcachesize) - [DeliveryOptimization/DOMaxDownloadBandwidth](policy-csp-deliveryoptimization.md#deliveryoptimization-domaxdownloadbandwidth) +- [DeliveryOptimization/DOMaxForegroundDownloadBandwidth](policy-csp-deliveryoptimization.md#deliveryoptimization-domaxforegrounddownloadbandwidth) - [DeliveryOptimization/DOMaxUploadBandwidth](policy-csp-deliveryoptimization.md#deliveryoptimization-domaxuploadbandwidth) - [DeliveryOptimization/DOMinBackgroundQos](policy-csp-deliveryoptimization.md#deliveryoptimization-dominbackgroundqos) - [DeliveryOptimization/DOMinBatteryPercentageAllowedToUpload](policy-csp-deliveryoptimization.md#deliveryoptimization-dominbatterypercentageallowedtoupload) From 7631c95f05e2ebb84ba8fd3cce80474449b13164 Mon Sep 17 00:00:00 2001 From: ManikaDhiman Date: Tue, 9 Jun 2020 14:00:45 -0700 Subject: [PATCH 15/73] Fixed build warnings --- .../mdm/new-in-windows-mdm-enrollment-management.md | 12 ++++++------ 1 file changed, 6 insertions(+), 6 deletions(-) diff --git a/windows/client-management/mdm/new-in-windows-mdm-enrollment-management.md b/windows/client-management/mdm/new-in-windows-mdm-enrollment-management.md index 18e004f4d3..877fabf20d 100644 --- a/windows/client-management/mdm/new-in-windows-mdm-enrollment-management.md +++ b/windows/client-management/mdm/new-in-windows-mdm-enrollment-management.md @@ -109,10 +109,10 @@ For details about Microsoft mobile device management protocols for Windows 10 s DevDetail CSP From c8a91716b700ad75ef5ad673a61f8039d2053ac9 Mon Sep 17 00:00:00 2001 From: ManikaDhiman Date: Tue, 9 Jun 2020 14:21:58 -0700 Subject: [PATCH 16/73] Added one more deprecated policy to the list --- .../mdm/new-in-windows-mdm-enrollment-management.md | 10 +++++++--- 1 file changed, 7 insertions(+), 3 deletions(-) diff --git a/windows/client-management/mdm/new-in-windows-mdm-enrollment-management.md b/windows/client-management/mdm/new-in-windows-mdm-enrollment-management.md index 877fabf20d..7ca5f2091f 100644 --- a/windows/client-management/mdm/new-in-windows-mdm-enrollment-management.md +++ b/windows/client-management/mdm/new-in-windows-mdm-enrollment-management.md @@ -105,11 +105,10 @@ For details about Microsoft mobile device management protocols for Windows 10 s Policy CSP -

Added and updated the following new policies in Windows 10, version 2004:

+

Added the following new policies in Windows 10, version 2004:

+

Updated the following policies in Windows 10, version 2004:

+ +

Deprecated the following policies in Windows 10, version 2004:

+
  • DeliveryOptimization/DOPercentageMaxDownloadBandwidth
  • DevDetail CSP From 70d106e446abe327f82e74c1cf3340592f7fa770 Mon Sep 17 00:00:00 2001 From: ManikaDhiman Date: Tue, 9 Jun 2020 14:45:04 -0700 Subject: [PATCH 17/73] Minor updates --- .../mdm/new-in-windows-mdm-enrollment-management.md | 2 +- .../mdm/policy-configuration-service-provider.md | 6 +++--- .../mdm/policy-csps-supported-by-iot-core.md | 6 +++--- .../mdm/policy-csps-supported-by-iot-enterprise.md | 6 +++--- 4 files changed, 10 insertions(+), 10 deletions(-) diff --git a/windows/client-management/mdm/new-in-windows-mdm-enrollment-management.md b/windows/client-management/mdm/new-in-windows-mdm-enrollment-management.md index 7ca5f2091f..430601798d 100644 --- a/windows/client-management/mdm/new-in-windows-mdm-enrollment-management.md +++ b/windows/client-management/mdm/new-in-windows-mdm-enrollment-management.md @@ -117,7 +117,7 @@ For details about Microsoft mobile device management protocols for Windows 10 s
  • TextInput/ConfigureSimplifiedChineseIMEVersion
  • TextInput/ConfigureTraditionalChineseIMEVersion
  • -

    Updated the following policies in Windows 10, version 2004:

    +

    Updated the following policy in Windows 10, version 2004:

    diff --git a/windows/client-management/mdm/policy-configuration-service-provider.md b/windows/client-management/mdm/policy-configuration-service-provider.md index 070dea30cc..68382e2326 100644 --- a/windows/client-management/mdm/policy-configuration-service-provider.md +++ b/windows/client-management/mdm/policy-configuration-service-provider.md @@ -1112,10 +1112,10 @@ The following diagram shows the Policy configuration service provider in tree fo DeliveryOptimization/DOMaxDownloadBandwidth
    - DeliveryOptimization/DOMaxForegroundDownloadBandwidth + DeliveryOptimization/DOMaxForegroundDownloadBandwidth (deprecated)
    - DeliveryOptimization/DOMaxUploadBandwidth + DeliveryOptimization/DOMaxUploadBandwidth (deprecated)
    DeliveryOptimization/DOMinBackgroundQos @@ -1142,7 +1142,7 @@ The following diagram shows the Policy configuration service provider in tree fo DeliveryOptimization/DOPercentageMaxBackgroundBandwidth
    - DeliveryOptimization/DOPercentageMaxDownloadBandwidth + DeliveryOptimization/DOPercentageMaxDownloadBandwidth (deprecated)
    DeliveryOptimization/DOPercentageMaxForegroundBandwidth diff --git a/windows/client-management/mdm/policy-csps-supported-by-iot-core.md b/windows/client-management/mdm/policy-csps-supported-by-iot-core.md index da5c51c493..c43363b357 100644 --- a/windows/client-management/mdm/policy-csps-supported-by-iot-core.md +++ b/windows/client-management/mdm/policy-csps-supported-by-iot-core.md @@ -42,9 +42,9 @@ ms.date: 09/16/2019 - [DeliveryOptimization/DOMaxBackgroundDownloadBandwidth](policy-csp-deliveryoptimization.md#deliveryoptimization-domaxbackgrounddownloadbandwidth) - [DeliveryOptimization/DOMaxCacheAge](policy-csp-deliveryoptimization.md#deliveryoptimization-domaxcacheage) - [DeliveryOptimization/DOMaxCacheSize](policy-csp-deliveryoptimization.md#deliveryoptimization-domaxcachesize) -- [DeliveryOptimization/DOMaxDownloadBandwidth](policy-csp-deliveryoptimization.md#deliveryoptimization-domaxdownloadbandwidth) +- [DeliveryOptimization/DOMaxDownloadBandwidth](policy-csp-deliveryoptimization.md#deliveryoptimization-domaxdownloadbandwidth) (deprecated) - [DeliveryOptimization/DOMaxForegroundDownloadBandwidth](policy-csp-deliveryoptimization.md#deliveryoptimization-domaxforegrounddownloadbandwidth) -- [DeliveryOptimization/DOMaxUploadBandwidth](policy-csp-deliveryoptimization.md#deliveryoptimization-domaxuploadbandwidth) +- [DeliveryOptimization/DOMaxUploadBandwidth](policy-csp-deliveryoptimization.md#deliveryoptimization-domaxuploadbandwidth) (deprecated) - [DeliveryOptimization/DOMinBackgroundQos](policy-csp-deliveryoptimization.md#deliveryoptimization-dominbackgroundqos) - [DeliveryOptimization/DOMinBatteryPercentageAllowedToUpload](policy-csp-deliveryoptimization.md#deliveryoptimization-dominbatterypercentageallowedtoupload) - [DeliveryOptimization/DOMinDiskSizeAllowedToPeer](policy-csp-deliveryoptimization.md#deliveryoptimization-domindisksizeallowedtopeer) @@ -53,7 +53,7 @@ ms.date: 09/16/2019 - [DeliveryOptimization/DOModifyCacheDrive](policy-csp-deliveryoptimization.md#deliveryoptimization-domodifycachedrive) - [DeliveryOptimization/DOMonthlyUploadDataCap](policy-csp-deliveryoptimization.md#deliveryoptimization-domonthlyuploaddatacap) - [DeliveryOptimization/DOPercentageMaxBackgroundBandwidth](policy-csp-deliveryoptimization.md#deliveryoptimization-dopercentagemaxbackgroundbandwidth) -- [DeliveryOptimization/DOPercentageMaxDownloadBandwidth](policy-csp-deliveryoptimization.md#deliveryoptimization-dopercentagemaxdownloadbandwidth) +- [DeliveryOptimization/DOPercentageMaxDownloadBandwidth](policy-csp-deliveryoptimization.md#deliveryoptimization-dopercentagemaxdownloadbandwidth) (deprecated) - [DeliveryOptimization/DOPercentageMaxForegroundBandwidth](policy-csp-deliveryoptimization.md#deliveryoptimization-dopercentagemaxforegroundbandwidth) - [DeliveryOptimization/DORestrictPeerSelectionBy](policy-csp-deliveryoptimization.md#deliveryoptimization-dorestrictpeerselectionby) - [DeliveryOptimization/DOSetHoursToLimitBackgroundDownloadBandwidth](policy-csp-deliveryoptimization.md#deliveryoptimization-dosethourstolimitbackgrounddownloadbandwidth) diff --git a/windows/client-management/mdm/policy-csps-supported-by-iot-enterprise.md b/windows/client-management/mdm/policy-csps-supported-by-iot-enterprise.md index 81f8617638..617be22113 100644 --- a/windows/client-management/mdm/policy-csps-supported-by-iot-enterprise.md +++ b/windows/client-management/mdm/policy-csps-supported-by-iot-enterprise.md @@ -41,9 +41,9 @@ ms.date: 07/18/2019 - [DeliveryOptimization/DOMaxBackgroundDownloadBandwidth](policy-csp-deliveryoptimization.md#deliveryoptimization-domaxbackgrounddownloadbandwidth) - [DeliveryOptimization/DOMaxCacheAge](policy-csp-deliveryoptimization.md#deliveryoptimization-domaxcacheage) - [DeliveryOptimization/DOMaxCacheSize](policy-csp-deliveryoptimization.md#deliveryoptimization-domaxcachesize) -- [DeliveryOptimization/DOMaxDownloadBandwidth](policy-csp-deliveryoptimization.md#deliveryoptimization-domaxdownloadbandwidth) +- [DeliveryOptimization/DOMaxDownloadBandwidth](policy-csp-deliveryoptimization.md#deliveryoptimization-domaxdownloadbandwidth) (deprecated) - [DeliveryOptimization/DOMaxForegroundDownloadBandwidth](policy-csp-deliveryoptimization.md#deliveryoptimization-domaxforegrounddownloadbandwidth) -- [DeliveryOptimization/DOMaxUploadBandwidth](policy-csp-deliveryoptimization.md#deliveryoptimization-domaxuploadbandwidth) +- [DeliveryOptimization/DOMaxUploadBandwidth](policy-csp-deliveryoptimization.md#deliveryoptimization-domaxuploadbandwidth) (deprecated) - [DeliveryOptimization/DOMinBackgroundQos](policy-csp-deliveryoptimization.md#deliveryoptimization-dominbackgroundqos) - [DeliveryOptimization/DOMinBatteryPercentageAllowedToUpload](policy-csp-deliveryoptimization.md#deliveryoptimization-dominbatterypercentageallowedtoupload) - [DeliveryOptimization/DOMinDiskSizeAllowedToPeer](policy-csp-deliveryoptimization.md#deliveryoptimization-domindisksizeallowedtopeer) @@ -52,7 +52,7 @@ ms.date: 07/18/2019 - [DeliveryOptimization/DOModifyCacheDrive](policy-csp-deliveryoptimization.md#deliveryoptimization-domodifycachedrive) - [DeliveryOptimization/DOMonthlyUploadDataCap](policy-csp-deliveryoptimization.md#deliveryoptimization-domonthlyuploaddatacap) - [DeliveryOptimization/DOPercentageMaxBackgroundBandwidth](policy-csp-deliveryoptimization.md#deliveryoptimization-dopercentagemaxbackgroundbandwidth) -- [DeliveryOptimization/DOPercentageMaxDownloadBandwidth](policy-csp-deliveryoptimization.md#deliveryoptimization-dopercentagemaxdownloadbandwidth) +- [DeliveryOptimization/DOPercentageMaxDownloadBandwidth](policy-csp-deliveryoptimization.md#deliveryoptimization-dopercentagemaxdownloadbandwidth) (deprecated) - [DeliveryOptimization/DOPercentageMaxForegroundBandwidth](policy-csp-deliveryoptimization.md#deliveryoptimization-dopercentagemaxforegroundbandwidth) - [DeliveryOptimization/DORestrictPeerSelectionBy](policy-csp-deliveryoptimization.md#deliveryoptimization-dorestrictpeerselectionby) - [DeliveryOptimization/DOSetHoursToLimitBackgroundDownloadBandwidth](policy-csp-deliveryoptimization.md#deliveryoptimization-dosethourstolimitbackgrounddownloadbandwidth) From 4f7f130dc9f5990e137f8f0bf6d1ac6d0bb3adea Mon Sep 17 00:00:00 2001 From: ManikaDhiman Date: Tue, 9 Jun 2020 14:45:24 -0700 Subject: [PATCH 18/73] Update policy-configuration-service-provider.md Minor update --- .../mdm/policy-configuration-service-provider.md | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/windows/client-management/mdm/policy-configuration-service-provider.md b/windows/client-management/mdm/policy-configuration-service-provider.md index 68382e2326..bd877c1e04 100644 --- a/windows/client-management/mdm/policy-configuration-service-provider.md +++ b/windows/client-management/mdm/policy-configuration-service-provider.md @@ -1109,10 +1109,10 @@ The following diagram shows the Policy configuration service provider in tree fo DeliveryOptimization/DOMaxCacheSize
    - DeliveryOptimization/DOMaxDownloadBandwidth + DeliveryOptimization/DOMaxDownloadBandwidth (deprecated)
    - DeliveryOptimization/DOMaxForegroundDownloadBandwidth (deprecated) + DeliveryOptimization/DOMaxForegroundDownloadBandwidth
    DeliveryOptimization/DOMaxUploadBandwidth (deprecated) From 9f0c908264cb7a584afdce8150495256589944e8 Mon Sep 17 00:00:00 2001 From: ManikaDhiman Date: Tue, 9 Jun 2020 17:05:17 -0700 Subject: [PATCH 19/73] Added tech comments --- .../mdm/policy-csp-deliveryoptimization.md | 16 ++++++++++------ 1 file changed, 10 insertions(+), 6 deletions(-) diff --git a/windows/client-management/mdm/policy-csp-deliveryoptimization.md b/windows/client-management/mdm/policy-csp-deliveryoptimization.md index f3b34ef7cd..bbba8094f4 100644 --- a/windows/client-management/mdm/policy-csp-deliveryoptimization.md +++ b/windows/client-management/mdm/policy-csp-deliveryoptimization.md @@ -307,7 +307,8 @@ One or more values can be added as either fully qualified domain names (FQDN) or ADMX Info: - GP English name: *Cache Server Hostname* -- GP name: *Cache Server Hostname* +- GP name: *CacheHost* +- GP element: *CacheHost* - GP path: *Windows Components/Delivery Optimization* - GP ADMX file name: *DeliveryOptimization.admx* @@ -375,8 +376,9 @@ This policy allows you to to configure one or more Delivery Optimization in Netw ADMX Info: -- GP English name: *Cache Server Hostname* -- GP name: *Cache Server Hostname* +- GP English name: *Cache Server Hostname Source* +- GP name: *CacheHostSource* +- GP element: *CacheHostSource* - GP path: *Windows Components/Delivery Optimization* - GP ADMX file name: *DeliveryOptimization.admx* @@ -956,7 +958,8 @@ The default value 0 (zero) means that Delivery Optimization dynamically adjusts ADMX Info: - GP English name: *Maximum Background Download Bandwidth (in KB/s)* -- GP name: *Maximum Background Download Bandwidth (in KB/s)* +- GP name: *MaxBackgroundDownloadBandwidth* +- GP element: *MaxBackgroundDownloadBandwidth* - GP path: *Windows Components/Delivery Optimization* - GP ADMX file name: *DeliveryOptimization.admx* @@ -1172,7 +1175,8 @@ The default value 0 (zero) means that Delivery Optimization dynamically adjusts ADMX Info: - GP English name: *Maximum Foreground Download Bandwidth (in KB/s)* -- GP name: *Maximum Foreground Download Bandwidth (in KB/s)* +- GP name: *DOMaxForegroundDownloadBandwidth* +- GP element: *MaxForegroundDownloadBandwidth* - GP path: *Windows Components/Delivery Optimization* - GP ADMX file name: *DeliveryOptimization.admx* @@ -1191,7 +1195,7 @@ ADMX Info: -This policy is deprecated. +This policy is deprecated because it only applies to uploads to Internet peers (only allowed when DownloadMode is set to 3) which is not used in commercial deployments. There is no alternate policy to use. From a8cb570d7ee4863db1d9c64f15ecd34076a45b88 Mon Sep 17 00:00:00 2001 From: ManikaDhiman Date: Tue, 9 Jun 2020 17:32:05 -0700 Subject: [PATCH 20/73] minor update --- .../client-management/mdm/policy-csp-deliveryoptimization.md | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/windows/client-management/mdm/policy-csp-deliveryoptimization.md b/windows/client-management/mdm/policy-csp-deliveryoptimization.md index bbba8094f4..141762f884 100644 --- a/windows/client-management/mdm/policy-csp-deliveryoptimization.md +++ b/windows/client-management/mdm/policy-csp-deliveryoptimization.md @@ -1175,7 +1175,7 @@ The default value 0 (zero) means that Delivery Optimization dynamically adjusts ADMX Info: - GP English name: *Maximum Foreground Download Bandwidth (in KB/s)* -- GP name: *DOMaxForegroundDownloadBandwidth* +- GP name: *MaxForegroundDownloadBandwidth* - GP element: *MaxForegroundDownloadBandwidth* - GP path: *Windows Components/Delivery Optimization* - GP ADMX file name: *DeliveryOptimization.admx* From 425ec93914fea13c653102d885f4329d68f4eff6 Mon Sep 17 00:00:00 2001 From: ManikaDhiman Date: Wed, 10 Jun 2020 12:33:35 -0700 Subject: [PATCH 21/73] More updates --- .../mdm/policy-csp-deliveryoptimization.md | 6 ++++-- 1 file changed, 4 insertions(+), 2 deletions(-) diff --git a/windows/client-management/mdm/policy-csp-deliveryoptimization.md b/windows/client-management/mdm/policy-csp-deliveryoptimization.md index 141762f884..902ef8e8be 100644 --- a/windows/client-management/mdm/policy-csp-deliveryoptimization.md +++ b/windows/client-management/mdm/policy-csp-deliveryoptimization.md @@ -388,10 +388,12 @@ The following are the supported values: - 1 = DHCP Option ID. - 2 = DHCP Option ID Force. -When DHCP Option ID (1) is set, the client will query DHCP Option ID 235 and use the returned FQDN or IP value as Cache Server Hostname value. This policy will be overridden when the Cache Server Hostname policy has been set. +When DHCP Option ID (1) is set, the client will query DHCP Option ID 235 and use the returned FQDN or IP value as Cache Server Hostname value. This policy will be overridden when the [Cache Server Hostname](#deliveryoptimization-docachehost) policy has been set. + +When DHCP Option ID Force (2) is set, the client will query DHCP Option ID 235 and use the returned FQDN or IP value as Cache Server Hostname value, and will override the Cache Server Hostname policy if it has been set. > [!Note] -> If the DHCP Option ID is formatted incorrectly, the client will fall back to the [Cache Server Hostname policy](#deliveryoptimization-docachehost) value if that value has been set. +> If the DHCP Option ID is formatted incorrectly, the client will fall back to the [Cache Server Hostname](#deliveryoptimization-docachehost) policy value if that value has been set. From 2e762b0ff506a8b542732e3475ed7ee3383ef684 Mon Sep 17 00:00:00 2001 From: 1justingilmore Date: Wed, 10 Jun 2020 17:43:07 -0600 Subject: [PATCH 22/73] Copy edits for 401116 Light copy edits. --- ...ix-a-powershell-scripts-for-surface-hub.md | 34 +---- mdop/appv-v5/app-v-50-prerequisites.md | 143 ++++++------------ ...n-the-mbam-international-release-mbam-1.md | 5 +- .../mbam-20-privacy-statement-mbam-2.md | 27 +--- ...ficate-authentication-device-enrollment.md | 13 +- ...erated-authentication-device-enrollment.md | 48 ++---- .../mdm/mobile-device-enrollment.md | 24 +-- ...remise-authentication-device-enrollment.md | 10 +- ...soft-defender-security-center-antivirus.md | 38 +++-- 9 files changed, 108 insertions(+), 234 deletions(-) diff --git a/devices/surface-hub/appendix-a-powershell-scripts-for-surface-hub.md b/devices/surface-hub/appendix-a-powershell-scripts-for-surface-hub.md index f74f2297fa..9295d1d8ac 100644 --- a/devices/surface-hub/appendix-a-powershell-scripts-for-surface-hub.md +++ b/devices/surface-hub/appendix-a-powershell-scripts-for-surface-hub.md @@ -16,7 +16,6 @@ ms.localizationpriority: medium # PowerShell for Surface Hub - PowerShell scripts to help set up and manage your Microsoft Surface Hub. - [PowerShell scripts for Surface Hub admins](#scripts-for-admins) @@ -30,7 +29,6 @@ PowerShell scripts to help set up and manage your Microsoft Surface Hub. - [Auto-accepting and declining meeting requests](#auto-accept-meetings-cmdlet) - [Accepting external meeting requests](#accept-ext-meetings-cmdlet) - ## Prerequisites To successfully execute these PowerShell scripts, you will need to install the following prerequisites: @@ -41,7 +39,6 @@ To successfully execute these PowerShell scripts, you will need to install the f ## PowerShell scripts for Surface Hub administrators - What do the scripts do? - Create device accounts for setups using pure single-forest on-premises (Microsoft Exchange and Skype 2013 and later only) or online (Microsoft Office 365), that are configured correctly for your Surface Hub. @@ -56,11 +53,8 @@ What do you need in order to run the scripts? >[!NOTE] >Whether you’re creating a new account or modifying an already-existing account, the validation script will verify that your device account is configured correctly. You should always run the validation script before adding a device account to Surface Hub. -  - ## Running the scripts - The account creation scripts will: - Ask for administrator credentials @@ -178,11 +172,8 @@ These are the attributes that are set by the scripts: -  - ## Account creation scripts - These scripts will create a device account for you. You can use the [Account verification script](#acct-verification-ps-scripts) to make sure they ran correctly. The account creation scripts cannot modify an already existing account, but can be used to help you understand which cmdlets need to be run to configure the existing account correctly. @@ -257,7 +248,6 @@ if (!$credNewAccount -Or [System.String]::IsNullOrEmpty($strDisplayName) -Or [Sy exit 1 } - ## Sign in to remote powershell for exchange and lync online ## $credExchange = $null @@ -307,7 +297,8 @@ Import-PSSession $sessExchange -AllowClobber -WarningAction SilentlyContinue Import-PSSession $sessLync -AllowClobber -WarningAction SilentlyContinue ## Create the Exchange mailbox ## -# Note: These exchange commandlets do not always throw their errors as exceptions +>[!Note] +>These exchange commandlets do not always throw their errors as exceptions # Because Get-Mailbox will throw an error if the mailbox is not found $Error.Clear() @@ -324,7 +315,6 @@ $status["Mailbox Setup"] = "Successfully created a mailbox for the new account" $strEmail = $mailbox.WindowsEmailAddress PrintSuccess "The following mailbox has been created for this room: $strEmail" - ## Create or retrieve a policy that will be applied to surface hub devices ## # The policy disables requiring a device password so that the SurfaceHub does not need to be lockable to use Active Sync $strPolicy = Read-Host 'Please enter the name for a new Surface Hub ActiveSync policy that will be created and applied to this account. @@ -674,7 +664,8 @@ Import-PSSession $sessExchange -AllowClobber -WarningAction SilentlyContinue Import-PSSession $sessCS -AllowClobber -WarningAction SilentlyContinue ## Create the Exchange mailbox ## -# Note: These exchange commandlets do not always throw their errors as exceptions +>[!Note] +>These exchange commandlets do not always throw their errors as exceptions # Because Get-Mailbox will throw an error if the mailbox is not found $Error.Clear() @@ -994,7 +985,6 @@ else ## Account verification script - This script will validate the previously-created device account on a Surface Hub, no matter which method was used to create it. This script is basically pass/fail. If one of the test errors out, it will show a detailed error message, but if all tests pass, the end result will be a summary report. For example, you might see: ``` syntax @@ -1446,7 +1436,6 @@ Cleanup ## Enable Skype for Business - This script will enable Skype for Business on a device account. Use it only if Skype for Business wasn't previously enabled during account creation. ```PowerShell @@ -1607,7 +1596,6 @@ Cleanup ## Useful cmdlets - ### Creating a Surface Hub-compatible ActiveSync policy For Surface Hub to use Exchange services, a device account configured with a compatible ActiveSync policy must be provisioned on the device. This policy has the following requirements: @@ -1674,19 +1662,9 @@ Set-CalendarProcessing $strRoomUpn -AutomateProcessing AutoAccept For a device account to accept external meeting requests (a meeting request from an account not in the same tenant/domain), the device account must be set to allow processing of external meeting requests. Once set, the device account will automatically accept or decline meeting requests from external accounts as well as local accounts. ->**Note**  If the **AutomateProcessing** attribute is not set to **AutoAccept**, then setting this will have no effect. - -  +>[!Note] +>If the **AutomateProcessing** attribute is not set to **AutoAccept**, then setting this will have no effect. ```PowerShell Set-CalendarProcessing $strRoomUpn -ProcessExternalMeetingMessages $true ``` - -  - -  - - - - - diff --git a/mdop/appv-v5/app-v-50-prerequisites.md b/mdop/appv-v5/app-v-50-prerequisites.md index e90a62583c..ace08aceef 100644 --- a/mdop/appv-v5/app-v-50-prerequisites.md +++ b/mdop/appv-v5/app-v-50-prerequisites.md @@ -16,11 +16,10 @@ ms.date: 08/30/2016 # App-V 5.0 Prerequisites - Before you begin the Microsoft Application Virtualization (App-V) 5.0 Setup, you should make sure that you have met the prerequisites to install the product. This topic contains information to help you successfully plan for preparing your computing environment before you deploy the App-V 5.0 features. -**Important** -**The prerequisites in this article apply only to App-V 5.0**. For additional prerequisites that apply to App-V 5.0 Service Packs, see the following web pages: +>[!Important] +>**The prerequisites in this article apply only to App-V 5.0**. For additional prerequisites that apply to App-V 5.0 Service Packs, see the following web pages: - [What's new in App-V 5.0 SP1](whats-new-in-app-v-50-sp1.md) @@ -28,8 +27,6 @@ Before you begin the Microsoft Application Virtualization (App-V) 5.0 Setup, you - [App-V 5.0 SP3 Prerequisites](app-v-50-sp3-prerequisites.md) - - The following table lists prerequisite information that pertains to specific operating systems. @@ -69,15 +66,10 @@ The following table lists prerequisite information that pertains to specific ope
    - - ## Installation prerequisites for App-V 5.0 - -**Note** -The following prerequisites are already installed for computers that run Windows 8. - - +>[!Note] +>The following prerequisites are already installed for computers that run Windows 8. Each of the App-V 5.0 features have specific prerequisites that must be met before the App-V 5.0 features can be successfully installed. @@ -100,8 +92,8 @@ The following table lists the installation prerequisites for the App-V 5.0 clien

    Software requirements

    - - ### Prerequisites for the App-V 5.0 Remote Desktop Services client -**Note** -The following prerequisites are already installed for computers that run Windows Server 2012. - - +>[!Note] +>The following prerequisites are already installed for computers that run Windows Server 2012. The following table lists the installation prerequisites for the App-V 5.0 Remote Desktop Services client: @@ -158,8 +146,8 @@ The following table lists the installation prerequisites for the App-V 5.0 Remot

    Software requirements

    - - ### Prerequisites for the App-V 5.0 Sequencer -**Note** -The following prerequisites are already installed for computers that run Windows 8 and Windows Server 2012. - - +>[!Note] +>The following prerequisites are already installed for computers that run Windows 8 and Windows Server 2012. The following table lists the installation prerequisites for the App-V 5.0 Sequencer. If possible, the computer that runs the Sequencer should have the same hardware and software configurations as the computers that will run the virtual applications. -**Note** -If the system requirements of a locally installed application exceed the requirements of the Sequencer, you must meet the requirements of that application. Additionally, because the sequencing process is system resource-intensive, we recommend that the computer that runs the Sequencer has plenty of memory, a fast processor, and a fast hard drive. For more information see [App-V 5.0 Supported Configurations](app-v-50-supported-configurations.md). - - +>[!Note] +>If the system requirements of a locally installed application exceed the requirements of the Sequencer, you must meet the requirements of that application. Additionally, because the sequencing process is system resource-intensive, we recommend that the computer that runs the Sequencer has plenty of memory, a fast processor, and a fast hard drive. For more information see [App-V 5.0 Supported Configurations](app-v-50-supported-configurations.md). @@ -221,16 +203,16 @@ If the system requirements of a locally installed application exceed the require

    Software requirements

    - - ### Prerequisites for the App-V 5.0 server -**Note** -The following prerequisites are already installed for computers that run Windows Server 2012: +>[!Note] +>The following prerequisites are already installed for computers that run Windows Server 2012: - Microsoft .NET Framework 4.5. This eliminates the Microsoft .NET Framework 4 requirement. @@ -256,26 +236,18 @@ The following prerequisites are already installed for computers that run Windows - Download and install [KB2533623](https://support.microsoft.com/kb/2533623) (https://support.microsoft.com/kb/2533623) - **Important** - You can still download install the previous KB. However, it may have been replaced with a more recent version. - - - - + >[!Important] + >You can still download install the previous KB. However, it may have been replaced with a more recent version. The following table lists the installation prerequisites for the App-V 5.0 server. The account that you use to install the server components must have administrative rights on the computer that you are installing on. This account must also have the ability to query Active Directory Directory Services. Before you install and configure the App-V 5.0 servers, you must specify a port where each component will be hosted. You must also add the associated firewall rules to allow incoming requests to the specified ports. -**Note** -Web Distributed Authoring and Versioning (WebDAV) is automatically disabled for the Management Service. - - +>[!Note] +>Web Distributed Authoring and Versioning (WebDAV) is automatically disabled for the Management Service. The App-V 5.0 server is supported for a standalone deployment, where all the components are deployed on the same server, and a distributed deployment. Depending on the topology that you use to deploy the App-V 5.0 server, the data that you will need for each component will slightly change. -**Important** -The installation of the App-V 5.0 server on a computer that runs any previous version or component of App-V is not supported. Additionally, the installation of the server components on a computer that runs Server Core or a Domain Controller is also not supported. - - +>[!Important] +>The installation of the App-V 5.0 server on a computer that runs any previous version or component of App-V is not supported. Additionally, the installation of the server components on a computer that runs Server Core or a Domain Controller is also not supported. @@ -292,8 +264,8 @@ The installation of the App-V 5.0 server on a computer that runs any previous ve

    Management Server

    The App-V 5.0 server components are dependent but they have varying requirements and installation options that must be deployed. Use the following information to prepare your environment to run the App-V 5.0 management server.

    @@ -339,8 +311,8 @@ The installation of the App-V 5.0 server on a computer that runs any previous ve

    The App-V 5.0 server components are dependent but they have varying requirements and installation options that must be deployed. Use the following information to prepare your environment to run the App-V 5.0 management database.

      @@ -349,14 +321,14 @@ The installation of the App-V 5.0 server on a computer that runs any previous ve
    • Custom App-V 5.0 database name (if applicable) – you must specify a unique database name. The default value for the management database is AppVManagement.

    • App-V 5.0 management server location – specifies the machine account on which the management server is deployed. This should be specified in the following format Domain\MachineAccount.

    • App-V 5.0 management server installation administrator - specifies the account that will be used to install the App-V 5.0 management server. You should use the following format: Domain\AdministratorLoginName.

    • -
    • Microsoft SQL Server Service Agent - configure the computer running the App-V 5.0 Management Database so that Microsoft SQL Server Agent service is restarted automatically. For more information see Configure SQL Server Agent to Restart Services Automatically (https://go.microsoft.com/fwlink/?LinkId=273725).

    • +
    • Microsoft SQL Server Service Agent - configure the computer running the App-V 5.0 Management Database so that Microsoft SQL Server Agent service is restarted automatically. For more information see Configure SQL Server Agent to Restart Services Automatically

    Reporting Server

    Publishing Server

    @@ -412,25 +384,8 @@ The installation of the App-V 5.0 server on a computer that runs any previous ve
    - - - - - - - ## Related topics - [Planning to Deploy App-V](planning-to-deploy-app-v.md) [App-V 5.0 Supported Configurations](app-v-50-supported-configurations.md) - - - - - - - - - diff --git a/mdop/mbam-v1/known-issues-in-the-mbam-international-release-mbam-1.md b/mdop/mbam-v1/known-issues-in-the-mbam-international-release-mbam-1.md index d365a7ce2c..19ad1f3d57 100644 --- a/mdop/mbam-v1/known-issues-in-the-mbam-international-release-mbam-1.md +++ b/mdop/mbam-v1/known-issues-in-the-mbam-international-release-mbam-1.md @@ -16,12 +16,10 @@ ms.date: 08/30/2016 # Known Issues in the MBAM International Release - This section contains known issues for Microsoft BitLocker Administration and Monitoring (MBAM) International Release. ## Known Issues in the MBAM International Release - ### The Installation Process Does Not Specify Update Upon updating the Microsoft BitLocker Administration and Monitoring server or servers, the Setup program does not state that an update is being installed. @@ -36,13 +34,12 @@ If you are using a certificate for authentication between MBAM servers, after up ### MBAM Svclog File Filling Disk Space -If you have followed Knowledge Base article 2668170, [https://support.microsoft.com/kb/2668170](https://go.microsoft.com/fwlink/?LinkID=247277), you might have to repeat the KB steps after you install this update. +If you have followed [Knowledge Base article 2668170](https://go.microsoft.com/fwlink/?LinkID=247277), you might have to repeat the KB steps after you install this update. **Workaround**: None. ## Related topics - [Deploying the MBAM 1.0 Language Release Update](deploying-the-mbam-10-language-release-update.md)   diff --git a/mdop/mbam-v2/mbam-20-privacy-statement-mbam-2.md b/mdop/mbam-v2/mbam-20-privacy-statement-mbam-2.md index 1d8f677dab..d2e12fb643 100644 --- a/mdop/mbam-v2/mbam-20-privacy-statement-mbam-2.md +++ b/mdop/mbam-v2/mbam-20-privacy-statement-mbam-2.md @@ -16,10 +16,8 @@ ms.date: 08/30/2016 # MBAM 2.0 Privacy Statement - ## Microsoft BitLocker Administration and Monitoring (MBAM) v2 Privacy Statement - Microsoft is committed to protecting your privacy, while delivering software that brings you the performance, power, and convenience you desire in your personal computing. This privacy statement explains many of the data collection and use practices of Microsoft BitLocker Administration and Monitoring v2 (MBAM). This is a preliminary disclosure that focuses on features that communicate with the Internet and is not intended to be an exhaustive list. Microsoft BitLocker Administration and Monitoring (MBAM) enhances BitLocker by simplifying deployment and key recovery, centralizing provisioning, monitoring and reporting of encryption status for fixed and removable drives, and minimizing support costs. This release provides support for Windows 8 as well as improvements on Configuration Manager Integration and key recovery functionality. @@ -86,13 +84,12 @@ Microsoft Error Reporting is not turned on or off by MBAM. MBAM will utilize wha "HKLM\\Software\\Wow6432Node\\Microsoft\\Microsoft Standalone System Sweeper Tool" (for the 64-bit version) -**Warning** - -Incorrectly editing the registry may severely damage your system. Before making changes to the registry, you should back up any valued data on the PC. You can also use the Last Known Good Configuration startup option if you encounter problems after manual changes have been applied. +>[!Warning] +>Incorrectly editing the registry may severely damage your system. Before making changes to the registry, you should back up any valued data on the PC. You can also use the Last Known Good Configuration startup option if you encounter problems after manual changes have been applied. Important Information: Enterprise customers can use Group Policy to configure how Microsoft Error Reporting behaves on their PCs. Configuration options include the ability to turn off Microsoft Error Reporting. If you are an administrator and wish to configure Group Policy for Microsoft Error Reporting, technical details are available on [TechNet](https://technet.microsoft.com/library/cc709644.aspx). -Additional information on how to modify enable and disable error reporting is available at this support article: [(https://support.microsoft.com/kb/188296)](https://support.microsoft.com/kb/188296). +Additional information on how to modify enable and disable error reporting is available at this support article: [How to disable or enable Dr. Watson for Windows](https://support.microsoft.com/kb/188296). ### Microsoft Update @@ -102,15 +99,15 @@ Microsoft Update is a service that provides Windows updates as well as updates f **Information Collected, Processed, or Transmitted:** -For details about what information is collected and how it is used, see the Update Services Privacy Statement at . +For details about what information is collected and how it is used, see the [Update Services Privacy Statement](https://go.microsoft.com/fwlink/?LinkId=244400). **Use of Information:** -For details about what information is collected and how it is used, see the Update Services Privacy Statement at . +For details about what information is collected and how it is used, see the [Update Services Privacy Statement](https://go.microsoft.com/fwlink/?LinkId=244400). **Choice/Control:** -For details about controlling this feature, see the Update Services Privacy Statement at . +For details about controlling this feature, see the [Update Services Privacy Statement](https://go.microsoft.com/fwlink/?LinkId=244000). ### Customer Experience Improvement Program @@ -120,7 +117,7 @@ The Customer Experience Improvement Program (“CEIP”) collects basic informat **Information Collected, Processed, or Transmitted:** -For more information about the information collected, processed, or transmitted by CEIP, see the CEIP privacy statement at . +For more information about the information collected, processed, or transmitted by CEIP, see the [CEIP privacy statement](https://go.microsoft.com/fwlink/?LinkID=52097). **Use of Information:** @@ -132,14 +129,4 @@ CEIP is off by default. You're offered the opportunity to participate in CEIP du ## Related topics - [Security and Privacy for MBAM 2.0](security-and-privacy-for-mbam-20-mbam-2.md) - -  - -  - - - - - diff --git a/windows/client-management/mdm/certificate-authentication-device-enrollment.md b/windows/client-management/mdm/certificate-authentication-device-enrollment.md index dd72081354..1441d87c96 100644 --- a/windows/client-management/mdm/certificate-authentication-device-enrollment.md +++ b/windows/client-management/mdm/certificate-authentication-device-enrollment.md @@ -14,15 +14,13 @@ ms.date: 06/26/2017 # Certificate authentication device enrollment - This section provides an example of the mobile device enrollment protocol using certificate authentication policy. For details about the Microsoft mobile device enrollment protocol for Windows 10, see [\[MS-MDE2\]: Mobile Device Enrollment Protocol Version 2]( https://go.microsoft.com/fwlink/p/?LinkId=619347). -> **Note**  To set up devices to use certificate authentication for enrollment, you should create a provisioning package. For more information about provisioning packages, see [Build and apply a provisioning package](https://msdn.microsoft.com/library/windows/hardware/dn916107). - +>[!Note] +>To set up devices to use certificate authentication for enrollment, you should create a provisioning package. For more information about provisioning packages, see [Build and apply a provisioning package](https://msdn.microsoft.com/library/windows/hardware/dn916107). ## In this topic - - [Discovery service](#discovery-service) - [Enrollment policy web service](#enrollment-policy-web-service) - [Enrollment web service](#enrollment-web-service) @@ -507,10 +505,3 @@ The following example shows the encoded provisioning XML. protocol. This configuration service provider is being deprecated for Windows 10. --> ``` - -  - - - - - diff --git a/windows/client-management/mdm/federated-authentication-device-enrollment.md b/windows/client-management/mdm/federated-authentication-device-enrollment.md index e8ad3c9cd8..8af297cb56 100644 --- a/windows/client-management/mdm/federated-authentication-device-enrollment.md +++ b/windows/client-management/mdm/federated-authentication-device-enrollment.md @@ -14,7 +14,6 @@ ms.date: 07/28/2017 # Federated authentication device enrollment - This section provides an example of the mobile device enrollment protocol using federated authentication policy. When the authentication policy is set to Federated, the web authentication broker is leveraged by the enrollment client to get a security token. The enrollment client calls the web authentication broker API within the response message to start the process. The server should build the web authentication broker pages to fit the device screen and should be consistent with the existing enrollment UI. The opaque security token that is returned from the broker as an end page is used by the enrollment client as the device security secret during the client certificate request call. The <AuthenticationServiceURL> element the discovery response message specifies web authentication broker page start URL. @@ -23,7 +22,6 @@ For details about the Microsoft mobile device enrollment protocol for Windows 1 ## In this topic - [Discovery service](#discovery-service) [Enrollment policy web service](#enrollment-policy-web-service) [Enrollment web service](#enrollment-web-service) @@ -32,12 +30,10 @@ For the list of enrollment scenarios not supported in Windows 10, see [Enrollme ## Discovery service - The discovery web service provides the configuration information necessary for a user to enroll a phone with a management service. The service is a restful web service over HTTPS (server authentication only). -> **Note**  The administrator of the discovery service must create a host with the address enterpriseenrollment.*domain\_name*.com. - - +>[!Note] +>The administrator of the discovery service must create a host with the address enterpriseenrollment.*domain\_name*.com. The automatic discovery flow of the device uses the domain name of the email address that was submitted to the Workplace settings screen during sign in. The automatic discovery system constructs a URI that uses this hostname by appending the subdomain “enterpriseenrollment” to the domain of the email address, and by appending the path “/EnrollmentServer/Discovery.svc”. For example, if the email address is “sample@contoso.com”, the resulting URI for first Get request would be: http://enterpriseenrollment.contoso.com/EnrollmentServer/Discovery.svc @@ -131,24 +127,21 @@ The discovery response is in the XML format and includes the following fields: - Authentication policy (AuthPolicy) – Indicates what type of authentication is required. For the MDM server, OnPremise is the supported value, which means that the user will be authenticated when calling the management service URL. This field is mandatory. - In Windows, Federated is added as another supported value. This allows the server to leverage the Web Authentication Broker to perform customized user authentication, and term of usage acceptance. -> **Note**  The HTTP server response must not set Transfer-Encoding to Chunked; it must be sent as one message. - - +>[!Note]   +>The HTTP server response must not set Transfer-Encoding to Chunked; it must be sent as one message. When authentication policy is set to be Federated, Web Authentication Broker (WAB) will be leveraged by the enrollment client to get a security token. The WAB start page URL is provided by the discovery service in the response message. The enrollment client will call the WAB API within the response message to start the WAB process. WAB pages are server hosted web pages. The server should build those pages to fit the device screen nicely and be as consistent as possible to other builds in the MDM enrollment UI. The opaque security token that is returned from WAB as an endpage will be used by the enrollment client as the device security secret during the client certificate enrollment request call. -> **Note**  Instead of relying on the user agent string that is passed during authentication to get information, such as the OS version, use the following guidance: +>[!Note] +>Instead of relying on the user agent string that is passed during authentication to get information, such as the OS version, use the following guidance: > - Parse the OS version from the data sent up during the discovery request. > - Append the OS version as a parameter in the AuthenticationServiceURL. > - Parse out the OS version from the AuthenticiationServiceURL when the OS sends the response for authentication. - - A new XML tag, AuthenticationServiceUrl, is introduced in the DiscoveryResponse XML to allow the server to specify the WAB page start URL. For Federated authentication, this XML tag must exist. -> **Note**  The enrollment client is agnostic with regards to the protocol flows for authenticating and returning the security token. While the server might prompt for user credentials directly or enter into a federation protocol with another server and directory service, the enrollment client is agnostic to all of this. To remain agnostic, all protocol flows pertaining to authentication that involve the enrollment client are passive, that is, browser-implemented. - - +>[!Note] +>The enrollment client is agnostic with regards to the protocol flows for authenticating and returning the security token. While the server might prompt for user credentials directly or enter into a federation protocol with another server and directory service, the enrollment client is agnostic to all of this. To remain agnostic, all protocol flows pertaining to authentication that involve the enrollment client are passive, that is, browser-implemented. The following are the explicit requirements for the server. @@ -237,7 +230,6 @@ The following example shows a response received from the discovery web service w ## Enrollment policy web service - Policy service is optional. By default, if no policies are specified, the minimum key length is 2k and the hash algorithm is SHA-1. This web service implements the X.509 Certificate Enrollment Policy Protocol (MS-XCEP) specification that allows customizing certificate enrollment to match different security needs of enterprises at different times (cryptographic agility). The service processes the GetPolicies message from the client, authenticates the client, and returns matching enrollment policies in the GetPoliciesResponse message. @@ -302,9 +294,8 @@ After the user is authenticated, the web service retrieves the certificate templ MS-XCEP supports very flexible enrollment policies using various Complex Types and Attributes. For Windows device, we will first support the minimalKeyLength, the hashAlgorithmOIDReference policies, and the CryptoProviders. The hashAlgorithmOIDReference has related OID and OIDReferenceID and policySchema in the GetPolicesResponse. The policySchema refers to the certificate template version. Version 3 of MS-XCEP supports hashing algorithms. -> **Note**  The HTTP server response must not set Transfer-Encoding to Chunked; it must be sent as one message. - - +>[!Note]   +>The HTTP server response must not set Transfer-Encoding to Chunked; it must be sent as one message. The following snippet shows the policy web service response. @@ -387,7 +378,6 @@ The following snippet shows the policy web service response. ## Enrollment web service - This web service implements the MS-WSTEP protocol. It processes the RequestSecurityToken (RST) message from the client, authenticates the client, requests the certificate from the CA, and returns it in the RequestSecurityTokenResponse (RSTR) to the client. Besides the issued certificate, the response also contains configurations needed to provision the DM client. The RequestSecurityToken (RST) must have the user credential and a certificate request. The user credential in an RST SOAP envelope is the same as in GetPolicies, and can vary depending on whether the authentication policy is OnPremise or Federated. The BinarySecurityToken in an RST SOAP body contains a Base64-encoded PKCS\#10 certificate request, which is generated by the client based on the enrollment policy. The client could have requested an enrollment policy by using MS-XCEP before requesting a certificate using MS-WSTEP. If the PKCS\#10 certificate request is accepted by the certification authority (CA) (the key length, hashing algorithm, and so on match the certificate template), the client can enroll successfully. @@ -396,9 +386,8 @@ Note that the RequestSecurityToken will use a custom TokenType (http: **Note**  The policy service and the enrollment service must be on the same server; that is, they must have the same host name. - - +>[!Note] +>The policy service and the enrollment service must be on the same server; that is, they must have the same host name. The following example shows the enrollment web service request for federated authentication. @@ -487,9 +476,8 @@ The following example shows the enrollment web service request for federated aut After validating the request, the web service looks up the assigned certificate template for the client, update it if needed, sends the PKCS\#10 requests to the CA, processes the response from the CA, constructs an OMA Client Provisioning XML format, and returns it in the RequestSecurityTokenResponse (RSTR). -> **Note**  The HTTP server response must not set Transfer-Encoding to Chunked; it must be sent as one message. - - +>[!Note] +>The HTTP server response must not set Transfer-Encoding to Chunked; it must be sent as one message. Similar to the TokenType in the RST, the RSTR will use a custom ValueType in the BinarySecurityToken (http://schemas.microsoft.com/ConfigurationManager/Enrollment/DeviceEnrollmentProvisionDoc), because the token is more than an X.509 v3 certificate. @@ -640,11 +628,3 @@ The following code shows sample provisioning XML (presented in the preceding pac - The **PrivateKeyContainer** characteristic is required and must be present in the Enrollment provisioning XML by the enrollment. Other important settings are the **PROVIDER-ID**, **NAME**, and **ADDR** parameter elements, which need to contain the unique ID and NAME of your DM provider and the address where the device can connect for configuration provisioning. The ID and NAME can be arbitrary values, but they must be unique. - Also important is SSLCLIENTCERTSEARCHCRITERIA, which is used for selecting the certificate to be used for client authentication. The search is based on the subject attribute of the signed user certificate. - CertificateStore/WSTEP enables certificate renewal. If the server does not support it, do not set it. - - - - - - - - diff --git a/windows/client-management/mdm/mobile-device-enrollment.md b/windows/client-management/mdm/mobile-device-enrollment.md index 1d91d3ec3b..1b6590f392 100644 --- a/windows/client-management/mdm/mobile-device-enrollment.md +++ b/windows/client-management/mdm/mobile-device-enrollment.md @@ -14,7 +14,6 @@ ms.date: 08/11/2017 # Mobile device enrollment - Mobile device enrollment is the first phase of enterprise management. The device is configured to communicate with the MDM server using security precautions during the enrollment process. The enrollment service verifies that only authenticated and authorized devices can be managed by their enterprise. The enrollment process includes the following steps: @@ -33,21 +32,20 @@ The enrollment process includes the following steps: ## Enrollment protocol - There are a number of changes made to the enrollment protocol to better support a variety of scenarios across all platforms. For detailed information about the mobile device enrollment protocol, see [\[MS-MDM\]: Mobile Device Management Protocol](https://go.microsoft.com/fwlink/p/?LinkId=619346) and [\[MS-MDE2\]: Mobile Device Enrollment Protocol Version 2]( https://go.microsoft.com/fwlink/p/?LinkId=619347). The enrollment process involves the following steps: -**Discovery request** +### Discovery request The discovery request is a simple HTTP post call that returns XML over HTTP. The returned XML includes the authentication URL, the management service URL, and the user credential type. -**Certificate enrollment policy** +### Certificate enrollment policy The certificate enrollment policy configuration is an implementation of the MS-XCEP protocol, which is described in \[MS-XCEP\]: X.509 Certificate Enrollment Policy Protocol Specification. Section 4 of the specification provides an example of the policy request and response. The X.509 Certificate Enrollment Policy Protocol is a minimal messaging protocol that includes a single client request message (GetPolicies) with a matching server response message (GetPoliciesResponse). For more information, see [\[MS-XCEP\]: X.509 Certificate Enrollment Policy Protocol](https://go.microsoft.com/fwlink/p/?LinkId=619345) -**Certificate enrollment** +### Certificate enrollment The certificate enrollment is an implementation of the MS-WSTEP protocol. -**Management configuration** +### Management configuration The server sends provisioning XML that contains a server certificate (for SSL server authentication), a client certificate issued by enterprise CA, DM client bootstrap information (for the client to communicate with the management server), an enterprise application token (for the user to install enterprise applications), and the link to download the Company Hub application. The following topics describe the end-to-end enrollment process using various authentication methods: @@ -56,19 +54,18 @@ The following topics describe the end-to-end enrollment process using various au - [Certificate authentication device enrollment](certificate-authentication-device-enrollment.md) - [On-premise authentication device enrollment](on-premise-authentication-device-enrollment.md) -> **Note**  As a best practice, do not use hardcoded server-side checks on values such as: +>[!Note]   +>As a best practice, do not use hardcoded server-side checks on values such as: > - User agent string > - Any fixed URIs that are passed during enrollment > - Specific formatting of any value unless otherwise noted, such as the format of the device ID. - ## Enrollment support for domain-joined devices -  + Devices that are joined to an on-premises Active Directory can enroll into MDM via the Work access page in **Settings**. However, the enrollment can only target the user enrolled with user-specific policies. Device targeted policies will continue to impact all users of the device. ## Disable MDM enrollments - Starting in Windows 10, version 1607, IT admin can disable MDM enrollments for domain-joined PCs using Group Policy. Using the GP editor, the path is **Computer configuration** > **Administrative Templates** > **Windows Components** > **MDM** > **Disable MDM Enrollment**. ![Disable MDM enrollment policy in GP Editor](images/mdm-enrollment-disable-policy.png) @@ -89,7 +86,6 @@ The following scenarios do not allow MDM enrollments: ## Enrollment migration - **Desktop:** After the MDM client upgrade from Windows 8.1 to Windows 10, enrollment migration starts at the first client-initiated sync with the MDM service. The enrollment migration start time depends on the MDM server configuration. For example, for Intune it runs every 6 hours. Until the enrollment migration is completed, the user interface will show no enrollment and server push will not work. @@ -100,7 +96,6 @@ To manually trigger enrollment migration, you can run MDMMaintenenceTask. ## Enrollment error messages - The enrollment server can decline enrollment messages using the SOAP Fault format. Errors created can be sent as follows: ```xml @@ -196,8 +191,6 @@ The enrollment server can decline enrollment messages using the SOAP Fault forma -  - In Windows 10, version 1507, we added the deviceenrollmentserviceerror element. Here is an example: ```xml @@ -291,13 +284,10 @@ In Windows 10, version 1507, we added the deviceenrollmentserviceerror element. -  - TraceID is a freeform text node which is logged. It should identify the server side state for this enrollment attempt. This information may be used by support to look up why the server declined the enrollment. ## Related topics - - [MDM enrollment of Windows-based devices](mdm-enrollment-of-windows-devices.md) - [Federated authentication device enrollment](federated-authentication-device-enrollment.md) - [Certificate authentication device enrollment](certificate-authentication-device-enrollment.md) diff --git a/windows/client-management/mdm/on-premise-authentication-device-enrollment.md b/windows/client-management/mdm/on-premise-authentication-device-enrollment.md index 22c3ac4fbe..8b8510e448 100644 --- a/windows/client-management/mdm/on-premise-authentication-device-enrollment.md +++ b/windows/client-management/mdm/on-premise-authentication-device-enrollment.md @@ -30,7 +30,7 @@ For the list of enrollment scenarios not supported in Windows 10, see [Enrollme The discovery web service provides the configuration information necessary for a user to enroll a device with a management service. The service is a restful web service over HTTPS (server authentication only). -> [!NOTE] +>[!NOTE] >The administrator of the discovery service must create a host with the address enterpriseenrollment.*domain\_name*.com. The device’s automatic discovery flow uses the domain name of the email address that was submitted to the Workplace settings screen during sign in. The automatic discovery system constructs a URI that uses this hostname by appending the subdomain “enterpriseenrollment” to the domain of the email address, and by appending the path “/EnrollmentServer/Discovery.svc”. For example, if the email address is “sample@contoso.com”, the resulting URI for first Get request would be: http://enterpriseenrollment.contoso.com/EnrollmentServer/Discovery.svc @@ -78,7 +78,7 @@ The following logic is applied: - If the device is not redirected, it prompts the user for the server address. - If the device is redirected, it prompts the user to allow the redirect. -The following example shows a request via an HTTP POST command to the discovery web service given user@contoso.com as the email address +The following example shows a request via an HTTP POST command to the discovery web service given user@contoso.com as the email address: ``` https://EnterpriseEnrollment.Contoso.com/EnrollmentServer/Discovery.svc @@ -129,7 +129,7 @@ The discovery response is in the XML format and includes the following fields: - Authentication policy (AuthPolicy) – Indicates what type of authentication is required. For the MDM server, OnPremise is the supported value, which means that the user will be authenticated when calling the management service URL. This field is mandatory. - Federated is added as another supported value. This allows the server to leverage the Web Authentication Broker to perform customized user authentication, and term of usage acceptance. -> [!NOTE] +>[!NOTE] >The HTTP server response must not be chunked; it must be sent as one message. The following example shows a response received from the discovery web service for OnPremise authentication: @@ -214,7 +214,7 @@ After the user is authenticated, the web service retrieves the certificate templ MS-XCEP supports very flexible enrollment policies using various Complex Types and Attributes. We will first support the minimalKeyLength, the hashAlgorithmOIDReference policies, and the CryptoProviders. The hashAlgorithmOIDReference has related OID and OIDReferenceID and policySchema in the GetPolicesResponse. The policySchema refers to the certificate template version. Version 3 of MS-XCEP supports hashing algorithms. -> [!NOTE] +>[!NOTE] >The HTTP server response must not be chunked; it must be sent as one message. The following snippet shows the policy web service response. @@ -306,7 +306,7 @@ The RequestSecurityToken will use a custom TokenType (http://schema The RST may also specify a number of AdditionalContext items, such as DeviceType and Version. Based on these values, for example, the web service can return device-specific and version-specific DM configuration. -> [!NOTE] +>[!NOTE] >The policy service and the enrollment service must be on the same server; that is, they must have the same host name. The following example shows the enrollment web service request for OnPremise authentication. diff --git a/windows/security/threat-protection/microsoft-defender-antivirus/microsoft-defender-security-center-antivirus.md b/windows/security/threat-protection/microsoft-defender-antivirus/microsoft-defender-security-center-antivirus.md index c2d53844a7..4d8b9d2e78 100644 --- a/windows/security/threat-protection/microsoft-defender-antivirus/microsoft-defender-security-center-antivirus.md +++ b/windows/security/threat-protection/microsoft-defender-antivirus/microsoft-defender-security-center-antivirus.md @@ -26,11 +26,13 @@ In Windows 10, version 1703 and later, the Windows Defender app is part of the W Settings that were previously part of the Windows Defender client and main Windows Settings have been combined and moved to the new app, which is installed by default as part of Windows 10, version 1703. -> [!IMPORTANT] -> Disabling the Windows Security Center service will not disable Microsoft Defender AV or [Windows Defender Firewall](https://docs.microsoft.com/windows/access-protection/windows-firewall/windows-firewall-with-advanced-security). These are disabled automatically when a third-party antivirus or firewall product is installed and kept up to date.
    If you do disable the Windows Security Center service, or configure its associated Group Policy settings to prevent it from starting or running, the Windows Security app may display stale or inaccurate information about any antivirus or firewall products you have installed on the device. ->It may also prevent Microsoft Defender AV from enabling itself if you have an old or outdated third-party antivirus, or if you uninstall any third-party antivirus products you may have previously installed. ->This will significantly lower the protection of your device and could lead to malware infection. +>[!IMPORTANT] +>Disabling the Windows Security Center service will not disable Microsoft Defender AV or [Windows Defender Firewall](https://docs.microsoft.com/windows/access-protection/windows-firewall/windows-firewall-with-advanced-security). These are disabled automatically when a third-party antivirus or firewall product is installed and kept up to date. +>If you do disable the Windows Security Center service, or configure its associated Group Policy settings to prevent it from starting or running, the Windows Security app may display stale or inaccurate information about any antivirus or firewall products you have installed on the device. +>It may also prevent Microsoft Defender AV from enabling itself if you have an old or outdated third-party antivirus, or if you uninstall any third-party antivirus products you may have previously installed. + +>This will significantly lower the protection of your device and could lead to malware infection. See the [Windows Security article](/windows/threat-protection/windows-defender-security-center/windows-defender-security-center) for more information on other Windows security features that can be monitored in the app. @@ -46,7 +48,7 @@ The Windows Security app is a client interface on Windows 10, version 1703 and l ## Comparison of settings and functions of the old app and the new app -All of the previous functions and settings from the Windows Defender app (in versions of Windows 10 before version 1703) are now found in the new Windows Security app. Settings that were previously located in Windows Settings under **Update & security** > **Windows Defender** are also now in the new app. +All of the previous functions and settings from the Windows Defender app (in versions of Windows 10 before version 1703) are now found in the new Windows Security app. Settings that were previously located in Windows Settings under **Update & security** > **Windows Defender** are also now in the new app. The following diagrams compare the location of settings and functions between the old and new apps: @@ -66,8 +68,8 @@ Item | Windows 10, before version 1703 | Windows 10, version 1703 and later | De This section describes how to perform some of the most common tasks when reviewing or interacting with the threat protection provided by Microsoft Defender Antivirus in the Windows Security app. -> [!NOTE] -> If these settings are configured and deployed using Group Policy, the settings described in this section will be greyed-out and unavailable for use on individual endpoints. Changes made through a Group Policy Object must first be deployed to individual endpoints before the setting will be updated in Windows Settings. The [Configure end-user interaction with Microsoft Defender Antivirus](configure-end-user-interaction-microsoft-defender-antivirus.md) topic describes how local policy override settings can be configured. +>[!NOTE] +>If these settings are configured and deployed using Group Policy, the settings described in this section will be greyed-out and unavailable for use on individual endpoints. Changes made through a Group Policy Object must first be deployed to individual endpoints before the setting will be updated in Windows Settings. The [Configure end-user interaction with Microsoft Defender Antivirus](configure-end-user-interaction-microsoft-defender-antivirus.md) topic describes how local policy override settings can be configured. @@ -95,7 +97,6 @@ This section describes how to perform some of the most common tasks when reviewi 4. Click **Check for updates** to download new protection updates (if there are any). - ### Ensure Microsoft Defender Antivirus is enabled in the Windows Security app 1. Open the Windows Security app by clicking the shield icon in the task bar or searching the start menu for **Defender**. @@ -110,7 +111,6 @@ This section describes how to perform some of the most common tasks when reviewi >If you switch **Real-time protection** off, it will automatically turn back on after a short delay. This is to ensure you are protected from malware and threats. >If you install another antivirus product, Microsoft Defender AV will automatically disable itself and will indicate this in the Windows Security app. A setting will appear that will allow you to enable [limited periodic scanning](limited-periodic-scanning-microsoft-defender-antivirus.md). - ### Add exclusions for Microsoft Defender Antivirus in the Windows Security app @@ -135,21 +135,19 @@ The following table summarizes exclusion types and what happens: |**File type** |File extension
    Example: `.test` |All files with the `.test` extension anywhere on your device are skipped by Microsoft Defender Antivirus. | |**Process** |Executable file path
    Example: `c:\test\process.exe` |The specific process and any files that are opened by that process are skipped by Microsoft Defender Antivirus. | -To learn more, see: +To learn more, see: - [Configure and validate exclusions based on file extension and folder location](https://docs.microsoft.com/windows/security/threat-protection/microsoft-defender-antivirus/configure-extension-file-exclusions-microsoft-defender-antivirus) - [Configure exclusions for files opened by processes](https://docs.microsoft.com/windows/security/threat-protection/microsoft-defender-antivirus/configure-process-opened-file-exclusions-microsoft-defender-antivirus) ### Review threat detection history in the Windows Defender Security Center app - 1. Open the Windows Defender Security Center app by clicking the shield icon in the task bar or  - searching the start menu for **Defender**. - - 2. Click the **Virus & threat protection** tile (or the shield icon on the left menu bar). - - 3. Click **Threat history** + 1. Open the Windows Defender Security Center app by clicking the shield icon in the task bar or searching the start menu for **Defender**. - 4. Click **See full history** under each of the categories (**Current threats**, **Quarantined threats**,  - **Allowed threats**). + 2. Click the **Virus & threat protection** tile (or the shield icon on the left menu bar). + + 3. Click **Threat history** + + 4. Click **See full history** under each of the categories (**Current threats**, **Quarantined threats**, **Allowed threats**). @@ -167,6 +165,4 @@ To learn more, see: ## Related articles -- [Microsoft Defender Antivirus](microsoft-defender-antivirus-in-windows-10.md) - - +- [Microsoft Defender Antivirus](microsoft-defender-antivirus-in-windows-10.md) \ No newline at end of file From 8880251640b8941f2f6ace0845beacedaeede79e Mon Sep 17 00:00:00 2001 From: Steve Burkett Date: Thu, 11 Jun 2020 17:33:11 +1200 Subject: [PATCH 23/73] Update update-compliance-configuration-manual.md Add integer values for System/ConfigureTelemetryOptInSettingsUx in MDM and GP policy sections, and for Allow device name to be sent in Windows diagnostic data in GP policy section. --- .../update/update-compliance-configuration-manual.md | 8 ++++---- 1 file changed, 4 insertions(+), 4 deletions(-) diff --git a/windows/deployment/update/update-compliance-configuration-manual.md b/windows/deployment/update/update-compliance-configuration-manual.md index fc22965271..21fc9f1681 100644 --- a/windows/deployment/update/update-compliance-configuration-manual.md +++ b/windows/deployment/update/update-compliance-configuration-manual.md @@ -43,8 +43,8 @@ Each MDM Policy links to its documentation in the CSP hierarchy, providing its e | Policy | Value | Function | |---------------------------|-|------------------------------------------------------------| |**Provider/*ProviderID*/**[**CommercialID**](https://docs.microsoft.com/windows/client-management/mdm/dmclient-csp#provider-providerid-commercialid) |[Your CommercialID](update-compliance-get-started.md#get-your-commercialid) |Identifies the device as belonging to your organization. | -|**System/**[**AllowTelemetry**](https://docs.microsoft.com/windows/client-management/mdm/policy-csp-system#system-allowtelemetry) |1- Basic |Configures the maximum allowed telemetry to be sent to Microsoft. Individual users can still set this lower than what the policy defines, see the below policy for more information. | -|**System/**[**ConfigureTelemetryOptInSettingsUx**](https://docs.microsoft.com/windows/client-management/mdm/policy-csp-system#system-configuretelemetryoptinsettingsux) | Disable Telemetry opt-in Settings | (*Windows 10 1803+*) Determines whether end-users of the device can adjust telemetry to levels lower than the level defined by AllowTelemetry. It is recommended you disable this policy order the effective telemetry level on devices may not be sufficient. | +|**System/**[**AllowTelemetry**](https://docs.microsoft.com/windows/client-management/mdm/policy-csp-system#system-allowtelemetry) | 1- Basic |Configures the maximum allowed telemetry to be sent to Microsoft. Individual users can still set this lower than what the policy defines, see the below policy for more information. | +|**System/**[**ConfigureTelemetryOptInSettingsUx**](https://docs.microsoft.com/windows/client-management/mdm/policy-csp-system#system-configuretelemetryoptinsettingsux) | 1 - Disable Telemetry opt-in Settings | (*Windows 10 1803+*) Determines whether end-users of the device can adjust telemetry to levels lower than the level defined by AllowTelemetry. It is recommended you disable this policy or the effective telemetry level on devices may not be sufficient. | |**System/**[**AllowDeviceNameInDiagnosticData**](https://docs.microsoft.com/windows/client-management/mdm/policy-csp-system#system-allowdevicenameindiagnosticdata) | 1 - Allowed | Allows device name to be sent for Windows Diagnostic Data. If this policy is Not Configured or set to 0 (Disabled), Device Name will not be sent and will not be visible in Update Compliance, showing `#` instead. | ### Group Policies @@ -55,8 +55,8 @@ All Group Policies that need to be configured for Update Compliance are under ** |---------------------------|-|-----------------------------------------------------------| |**Configure the Commercial ID** |[Your CommercialID](update-compliance-get-started.md#get-your-commercialid) | Identifies the device as belonging to your organization. | |**Allow Telemetry** | 1 - Basic |Configures the maximum allowed telemetry to be sent to Microsoft. Individual users can still set this lower than what the policy defines, see the below policy for more information. | -|**Configure telemetry opt-in setting user interface** | Disable telemetry opt-in Settings |(*Windows 10 1803+*) Determines whether end-users of the device can adjust telemetry to levels lower than the level defined by AllowTelemetry. It is recommended you disable this policy order the effective telemetry level on devices may not be sufficient. | -|**Allow device name to be sent in Windows diagnostic data** | Enabled | Allows device name to be sent for Windows Diagnostic Data. If this policy is Not Configured or Disabled, Device Name will not be sent and will not be visible in Update Compliance, showing `#` instead. | +|**Configure telemetry opt-in setting user interface** | 1 - Disable telemetry opt-in Settings |(*Windows 10 1803+*) Determines whether end-users of the device can adjust telemetry to levels lower than the level defined by AllowTelemetry. It is recommended you disable this policy order the effective telemetry level on devices may not be sufficient. | +|**Allow device name to be sent in Windows diagnostic data** | 1 - Enabled | Allows device name to be sent for Windows Diagnostic Data. If this policy is Not Configured or Disabled, Device Name will not be sent and will not be visible in Update Compliance, showing `#` instead. | ## Required endpoints From f68acff31774f13f455e99d4eea84177c264859e Mon Sep 17 00:00:00 2001 From: Jaime Ondrusek Date: Thu, 11 Jun 2020 09:24:30 -0700 Subject: [PATCH 24/73] Update update-compliance-configuration-manual.md Corrected some terms and style. --- .../update/update-compliance-configuration-manual.md | 8 ++++---- 1 file changed, 4 insertions(+), 4 deletions(-) diff --git a/windows/deployment/update/update-compliance-configuration-manual.md b/windows/deployment/update/update-compliance-configuration-manual.md index 21fc9f1681..1387e22018 100644 --- a/windows/deployment/update/update-compliance-configuration-manual.md +++ b/windows/deployment/update/update-compliance-configuration-manual.md @@ -43,8 +43,8 @@ Each MDM Policy links to its documentation in the CSP hierarchy, providing its e | Policy | Value | Function | |---------------------------|-|------------------------------------------------------------| |**Provider/*ProviderID*/**[**CommercialID**](https://docs.microsoft.com/windows/client-management/mdm/dmclient-csp#provider-providerid-commercialid) |[Your CommercialID](update-compliance-get-started.md#get-your-commercialid) |Identifies the device as belonging to your organization. | -|**System/**[**AllowTelemetry**](https://docs.microsoft.com/windows/client-management/mdm/policy-csp-system#system-allowtelemetry) | 1- Basic |Configures the maximum allowed telemetry to be sent to Microsoft. Individual users can still set this lower than what the policy defines, see the below policy for more information. | -|**System/**[**ConfigureTelemetryOptInSettingsUx**](https://docs.microsoft.com/windows/client-management/mdm/policy-csp-system#system-configuretelemetryoptinsettingsux) | 1 - Disable Telemetry opt-in Settings | (*Windows 10 1803+*) Determines whether end-users of the device can adjust telemetry to levels lower than the level defined by AllowTelemetry. It is recommended you disable this policy or the effective telemetry level on devices may not be sufficient. | +|**System/**[**AllowTelemetry**](https://docs.microsoft.com/windows/client-management/mdm/policy-csp-system#system-allowtelemetry) | 1- Basic |Configures the maximum allowed diagnostic data to be sent to Microsoft. Individual users can still set this lower than what the policy defines, see the below policy for more information. | +|**System/**[**ConfigureTelemetryOptInSettingsUx**](https://docs.microsoft.com/windows/client-management/mdm/policy-csp-system#system-configuretelemetryoptinsettingsux) | 1 - Disable Telemetry opt-in Settings | (in Windows 10, version 1803 and later) Determines whether end-users of the device can adjust diagnostic data to levels lower than the level defined by AllowTelemetry. We recommend that you disable this policy or the effective diagnostic data level on devices might not be sufficient. | |**System/**[**AllowDeviceNameInDiagnosticData**](https://docs.microsoft.com/windows/client-management/mdm/policy-csp-system#system-allowdevicenameindiagnosticdata) | 1 - Allowed | Allows device name to be sent for Windows Diagnostic Data. If this policy is Not Configured or set to 0 (Disabled), Device Name will not be sent and will not be visible in Update Compliance, showing `#` instead. | ### Group Policies @@ -54,8 +54,8 @@ All Group Policies that need to be configured for Update Compliance are under ** | Policy | Value | Function | |---------------------------|-|-----------------------------------------------------------| |**Configure the Commercial ID** |[Your CommercialID](update-compliance-get-started.md#get-your-commercialid) | Identifies the device as belonging to your organization. | -|**Allow Telemetry** | 1 - Basic |Configures the maximum allowed telemetry to be sent to Microsoft. Individual users can still set this lower than what the policy defines, see the below policy for more information. | -|**Configure telemetry opt-in setting user interface** | 1 - Disable telemetry opt-in Settings |(*Windows 10 1803+*) Determines whether end-users of the device can adjust telemetry to levels lower than the level defined by AllowTelemetry. It is recommended you disable this policy order the effective telemetry level on devices may not be sufficient. | +|**Allow Telemetry** | 1 - Basic |Configures the maximum allowed diagnostic data to be sent to Microsoft. Individual users can still set this lower than what the policy defines. See the following policy for more information. | +|**Configure telemetry opt-in setting user interface** | 1 - Disable telemetry opt-in Settings |(in Windows 10, version 1803 and later) Determines whether end-users of the device can adjust diagnostic data to levels lower than the level defined by AllowTelemetry. We recommend that you disable this polic, otherwise the effective diagnostic data level on devices might not be sufficient. | |**Allow device name to be sent in Windows diagnostic data** | 1 - Enabled | Allows device name to be sent for Windows Diagnostic Data. If this policy is Not Configured or Disabled, Device Name will not be sent and will not be visible in Update Compliance, showing `#` instead. | ## Required endpoints From b349c9ad5e3e293fa38d2388a423ff16db3aa828 Mon Sep 17 00:00:00 2001 From: 1justingilmore Date: Thu, 11 Jun 2020 11:11:51 -0600 Subject: [PATCH 25/73] Copy edits for 401116 fixed fixed note coding, --- ...ix-a-powershell-scripts-for-surface-hub.md | 16 ++++----- mdop/appv-v5/app-v-50-prerequisites.md | 36 +++++++++---------- .../mbam-20-privacy-statement-mbam-2.md | 4 +-- ...ficate-authentication-device-enrollment.md | 4 +-- ...erated-authentication-device-enrollment.md | 28 +++++++-------- .../mdm/mobile-device-enrollment.md | 10 ++---- ...remise-authentication-device-enrollment.md | 16 ++++----- ...soft-defender-security-center-antivirus.md | 20 +++++------ 8 files changed, 64 insertions(+), 70 deletions(-) diff --git a/devices/surface-hub/appendix-a-powershell-scripts-for-surface-hub.md b/devices/surface-hub/appendix-a-powershell-scripts-for-surface-hub.md index 9295d1d8ac..d4aee59674 100644 --- a/devices/surface-hub/appendix-a-powershell-scripts-for-surface-hub.md +++ b/devices/surface-hub/appendix-a-powershell-scripts-for-surface-hub.md @@ -50,8 +50,8 @@ What do you need in order to run the scripts? - Remote PowerShell access to your organization's domain or tenant, Exchange servers, and Skype for Business servers. - Admin credentials for your organization's domain or tenant, Exchange servers, and Skype for Business servers. ->[!NOTE] ->Whether you’re creating a new account or modifying an already-existing account, the validation script will verify that your device account is configured correctly. You should always run the validation script before adding a device account to Surface Hub. +> [!NOTE] +> Whether you’re creating a new account or modifying an already-existing account, the validation script will verify that your device account is configured correctly. You should always run the validation script before adding a device account to Surface Hub. ## Running the scripts @@ -297,8 +297,8 @@ Import-PSSession $sessExchange -AllowClobber -WarningAction SilentlyContinue Import-PSSession $sessLync -AllowClobber -WarningAction SilentlyContinue ## Create the Exchange mailbox ## ->[!Note] ->These exchange commandlets do not always throw their errors as exceptions +> [!Note] +> These exchange commandlets do not always throw their errors as exceptions # Because Get-Mailbox will throw an error if the mailbox is not found $Error.Clear() @@ -664,8 +664,8 @@ Import-PSSession $sessExchange -AllowClobber -WarningAction SilentlyContinue Import-PSSession $sessCS -AllowClobber -WarningAction SilentlyContinue ## Create the Exchange mailbox ## ->[!Note] ->These exchange commandlets do not always throw their errors as exceptions +> [!Note] +> These exchange commandlets do not always throw their errors as exceptions # Because Get-Mailbox will throw an error if the mailbox is not found $Error.Clear() @@ -1662,8 +1662,8 @@ Set-CalendarProcessing $strRoomUpn -AutomateProcessing AutoAccept For a device account to accept external meeting requests (a meeting request from an account not in the same tenant/domain), the device account must be set to allow processing of external meeting requests. Once set, the device account will automatically accept or decline meeting requests from external accounts as well as local accounts. ->[!Note] ->If the **AutomateProcessing** attribute is not set to **AutoAccept**, then setting this will have no effect. +> [!Note] +> If the **AutomateProcessing** attribute is not set to **AutoAccept**, then setting this will have no effect. ```PowerShell Set-CalendarProcessing $strRoomUpn -ProcessExternalMeetingMessages $true diff --git a/mdop/appv-v5/app-v-50-prerequisites.md b/mdop/appv-v5/app-v-50-prerequisites.md index ace08aceef..428a2cf5f8 100644 --- a/mdop/appv-v5/app-v-50-prerequisites.md +++ b/mdop/appv-v5/app-v-50-prerequisites.md @@ -18,8 +18,8 @@ ms.date: 08/30/2016 Before you begin the Microsoft Application Virtualization (App-V) 5.0 Setup, you should make sure that you have met the prerequisites to install the product. This topic contains information to help you successfully plan for preparing your computing environment before you deploy the App-V 5.0 features. ->[!Important] ->**The prerequisites in this article apply only to App-V 5.0**. For additional prerequisites that apply to App-V 5.0 Service Packs, see the following web pages: +> [!Important] +> **The prerequisites in this article apply only to App-V 5.0**. For additional prerequisites that apply to App-V 5.0 Service Packs, see the following web pages: - [What's new in App-V 5.0 SP1](whats-new-in-app-v-50-sp1.md) @@ -68,8 +68,8 @@ The following table lists prerequisite information that pertains to specific ope ## Installation prerequisites for App-V 5.0 ->[!Note] ->The following prerequisites are already installed for computers that run Windows 8. +> [!Note] +> The following prerequisites are already installed for computers that run Windows 8. Each of the App-V 5.0 features have specific prerequisites that must be met before the App-V 5.0 features can be successfully installed. @@ -126,8 +126,8 @@ The following table lists the installation prerequisites for the App-V 5.0 clien ### Prerequisites for the App-V 5.0 Remote Desktop Services client ->[!Note] ->The following prerequisites are already installed for computers that run Windows Server 2012. +> [!Note] +> The following prerequisites are already installed for computers that run Windows Server 2012. The following table lists the installation prerequisites for the App-V 5.0 Remote Desktop Services client: @@ -180,13 +180,13 @@ The following table lists the installation prerequisites for the App-V 5.0 Remot ### Prerequisites for the App-V 5.0 Sequencer ->[!Note] ->The following prerequisites are already installed for computers that run Windows 8 and Windows Server 2012. +> [!Note] +> The following prerequisites are already installed for computers that run Windows 8 and Windows Server 2012. The following table lists the installation prerequisites for the App-V 5.0 Sequencer. If possible, the computer that runs the Sequencer should have the same hardware and software configurations as the computers that will run the virtual applications. ->[!Note] ->If the system requirements of a locally installed application exceed the requirements of the Sequencer, you must meet the requirements of that application. Additionally, because the sequencing process is system resource-intensive, we recommend that the computer that runs the Sequencer has plenty of memory, a fast processor, and a fast hard drive. For more information see [App-V 5.0 Supported Configurations](app-v-50-supported-configurations.md). +> [!Note] +> If the system requirements of a locally installed application exceed the requirements of the Sequencer, you must meet the requirements of that application. Additionally, because the sequencing process is system resource-intensive, we recommend that the computer that runs the Sequencer has plenty of memory, a fast processor, and a fast hard drive. For more information see [App-V 5.0 Supported Configurations](app-v-50-supported-configurations.md). @@ -227,8 +227,8 @@ The following table lists the installation prerequisites for the App-V 5.0 Seque ### Prerequisites for the App-V 5.0 server ->[!Note] ->The following prerequisites are already installed for computers that run Windows Server 2012: +> [!Note] +> The following prerequisites are already installed for computers that run Windows Server 2012: - Microsoft .NET Framework 4.5. This eliminates the Microsoft .NET Framework 4 requirement. @@ -236,18 +236,18 @@ The following table lists the installation prerequisites for the App-V 5.0 Seque - Download and install [KB2533623](https://support.microsoft.com/kb/2533623) (https://support.microsoft.com/kb/2533623) - >[!Important] - >You can still download install the previous KB. However, it may have been replaced with a more recent version. + > [!Important] + > You can still download install the previous KB. However, it may have been replaced with a more recent version. The following table lists the installation prerequisites for the App-V 5.0 server. The account that you use to install the server components must have administrative rights on the computer that you are installing on. This account must also have the ability to query Active Directory Directory Services. Before you install and configure the App-V 5.0 servers, you must specify a port where each component will be hosted. You must also add the associated firewall rules to allow incoming requests to the specified ports. ->[!Note] ->Web Distributed Authoring and Versioning (WebDAV) is automatically disabled for the Management Service. +> [!Note] +> Web Distributed Authoring and Versioning (WebDAV) is automatically disabled for the Management Service. The App-V 5.0 server is supported for a standalone deployment, where all the components are deployed on the same server, and a distributed deployment. Depending on the topology that you use to deploy the App-V 5.0 server, the data that you will need for each component will slightly change. ->[!Important] ->The installation of the App-V 5.0 server on a computer that runs any previous version or component of App-V is not supported. Additionally, the installation of the server components on a computer that runs Server Core or a Domain Controller is also not supported. +> [!Important] +> The installation of the App-V 5.0 server on a computer that runs any previous version or component of App-V is not supported. Additionally, the installation of the server components on a computer that runs Server Core or a Domain Controller is also not supported.
    diff --git a/mdop/mbam-v2/mbam-20-privacy-statement-mbam-2.md b/mdop/mbam-v2/mbam-20-privacy-statement-mbam-2.md index d2e12fb643..55aa14a2c0 100644 --- a/mdop/mbam-v2/mbam-20-privacy-statement-mbam-2.md +++ b/mdop/mbam-v2/mbam-20-privacy-statement-mbam-2.md @@ -84,8 +84,8 @@ Microsoft Error Reporting is not turned on or off by MBAM. MBAM will utilize wha "HKLM\\Software\\Wow6432Node\\Microsoft\\Microsoft Standalone System Sweeper Tool" (for the 64-bit version) ->[!Warning] ->Incorrectly editing the registry may severely damage your system. Before making changes to the registry, you should back up any valued data on the PC. You can also use the Last Known Good Configuration startup option if you encounter problems after manual changes have been applied. +> [!Warning] +> Incorrectly editing the registry may severely damage your system. Before making changes to the registry, you should back up any valued data on the PC. You can also use the Last Known Good Configuration startup option if you encounter problems after manual changes have been applied. Important Information: Enterprise customers can use Group Policy to configure how Microsoft Error Reporting behaves on their PCs. Configuration options include the ability to turn off Microsoft Error Reporting. If you are an administrator and wish to configure Group Policy for Microsoft Error Reporting, technical details are available on [TechNet](https://technet.microsoft.com/library/cc709644.aspx). diff --git a/windows/client-management/mdm/certificate-authentication-device-enrollment.md b/windows/client-management/mdm/certificate-authentication-device-enrollment.md index 1441d87c96..565fd3436d 100644 --- a/windows/client-management/mdm/certificate-authentication-device-enrollment.md +++ b/windows/client-management/mdm/certificate-authentication-device-enrollment.md @@ -16,8 +16,8 @@ ms.date: 06/26/2017 This section provides an example of the mobile device enrollment protocol using certificate authentication policy. For details about the Microsoft mobile device enrollment protocol for Windows 10, see [\[MS-MDE2\]: Mobile Device Enrollment Protocol Version 2]( https://go.microsoft.com/fwlink/p/?LinkId=619347). ->[!Note] ->To set up devices to use certificate authentication for enrollment, you should create a provisioning package. For more information about provisioning packages, see [Build and apply a provisioning package](https://msdn.microsoft.com/library/windows/hardware/dn916107). +> [!Note] +> To set up devices to use certificate authentication for enrollment, you should create a provisioning package. For more information about provisioning packages, see [Build and apply a provisioning package](https://msdn.microsoft.com/library/windows/hardware/dn916107). ## In this topic diff --git a/windows/client-management/mdm/federated-authentication-device-enrollment.md b/windows/client-management/mdm/federated-authentication-device-enrollment.md index 8af297cb56..69cdc60a1c 100644 --- a/windows/client-management/mdm/federated-authentication-device-enrollment.md +++ b/windows/client-management/mdm/federated-authentication-device-enrollment.md @@ -32,8 +32,8 @@ For the list of enrollment scenarios not supported in Windows 10, see [Enrollme The discovery web service provides the configuration information necessary for a user to enroll a phone with a management service. The service is a restful web service over HTTPS (server authentication only). ->[!Note] ->The administrator of the discovery service must create a host with the address enterpriseenrollment.*domain\_name*.com. +> [!Note] +> The administrator of the discovery service must create a host with the address enterpriseenrollment.*domain\_name*.com. The automatic discovery flow of the device uses the domain name of the email address that was submitted to the Workplace settings screen during sign in. The automatic discovery system constructs a URI that uses this hostname by appending the subdomain “enterpriseenrollment” to the domain of the email address, and by appending the path “/EnrollmentServer/Discovery.svc”. For example, if the email address is “sample@contoso.com”, the resulting URI for first Get request would be: http://enterpriseenrollment.contoso.com/EnrollmentServer/Discovery.svc @@ -127,21 +127,21 @@ The discovery response is in the XML format and includes the following fields: - Authentication policy (AuthPolicy) – Indicates what type of authentication is required. For the MDM server, OnPremise is the supported value, which means that the user will be authenticated when calling the management service URL. This field is mandatory. - In Windows, Federated is added as another supported value. This allows the server to leverage the Web Authentication Broker to perform customized user authentication, and term of usage acceptance. ->[!Note]   ->The HTTP server response must not set Transfer-Encoding to Chunked; it must be sent as one message. +> [!Note]   +> The HTTP server response must not set Transfer-Encoding to Chunked; it must be sent as one message. When authentication policy is set to be Federated, Web Authentication Broker (WAB) will be leveraged by the enrollment client to get a security token. The WAB start page URL is provided by the discovery service in the response message. The enrollment client will call the WAB API within the response message to start the WAB process. WAB pages are server hosted web pages. The server should build those pages to fit the device screen nicely and be as consistent as possible to other builds in the MDM enrollment UI. The opaque security token that is returned from WAB as an endpage will be used by the enrollment client as the device security secret during the client certificate enrollment request call. ->[!Note] ->Instead of relying on the user agent string that is passed during authentication to get information, such as the OS version, use the following guidance: +> [!Note] +> Instead of relying on the user agent string that is passed during authentication to get information, such as the OS version, use the following guidance: > - Parse the OS version from the data sent up during the discovery request. > - Append the OS version as a parameter in the AuthenticationServiceURL. > - Parse out the OS version from the AuthenticiationServiceURL when the OS sends the response for authentication. A new XML tag, AuthenticationServiceUrl, is introduced in the DiscoveryResponse XML to allow the server to specify the WAB page start URL. For Federated authentication, this XML tag must exist. ->[!Note] ->The enrollment client is agnostic with regards to the protocol flows for authenticating and returning the security token. While the server might prompt for user credentials directly or enter into a federation protocol with another server and directory service, the enrollment client is agnostic to all of this. To remain agnostic, all protocol flows pertaining to authentication that involve the enrollment client are passive, that is, browser-implemented. +> [!Note] +> The enrollment client is agnostic with regards to the protocol flows for authenticating and returning the security token. While the server might prompt for user credentials directly or enter into a federation protocol with another server and directory service, the enrollment client is agnostic to all of this. To remain agnostic, all protocol flows pertaining to authentication that involve the enrollment client are passive, that is, browser-implemented. The following are the explicit requirements for the server. @@ -294,8 +294,8 @@ After the user is authenticated, the web service retrieves the certificate templ MS-XCEP supports very flexible enrollment policies using various Complex Types and Attributes. For Windows device, we will first support the minimalKeyLength, the hashAlgorithmOIDReference policies, and the CryptoProviders. The hashAlgorithmOIDReference has related OID and OIDReferenceID and policySchema in the GetPolicesResponse. The policySchema refers to the certificate template version. Version 3 of MS-XCEP supports hashing algorithms. ->[!Note]   ->The HTTP server response must not set Transfer-Encoding to Chunked; it must be sent as one message. +> [!Note]   +> The HTTP server response must not set Transfer-Encoding to Chunked; it must be sent as one message. The following snippet shows the policy web service response. @@ -386,8 +386,8 @@ Note that the RequestSecurityToken will use a custom TokenType (http:[!Note] ->The policy service and the enrollment service must be on the same server; that is, they must have the same host name. +> [!Note] +> The policy service and the enrollment service must be on the same server; that is, they must have the same host name. The following example shows the enrollment web service request for federated authentication. @@ -476,8 +476,8 @@ The following example shows the enrollment web service request for federated aut After validating the request, the web service looks up the assigned certificate template for the client, update it if needed, sends the PKCS\#10 requests to the CA, processes the response from the CA, constructs an OMA Client Provisioning XML format, and returns it in the RequestSecurityTokenResponse (RSTR). ->[!Note] ->The HTTP server response must not set Transfer-Encoding to Chunked; it must be sent as one message. +> [!Note] +> The HTTP server response must not set Transfer-Encoding to Chunked; it must be sent as one message. Similar to the TokenType in the RST, the RSTR will use a custom ValueType in the BinarySecurityToken (http://schemas.microsoft.com/ConfigurationManager/Enrollment/DeviceEnrollmentProvisionDoc), because the token is more than an X.509 v3 certificate. diff --git a/windows/client-management/mdm/mobile-device-enrollment.md b/windows/client-management/mdm/mobile-device-enrollment.md index 1b6590f392..bb09b8f063 100644 --- a/windows/client-management/mdm/mobile-device-enrollment.md +++ b/windows/client-management/mdm/mobile-device-enrollment.md @@ -54,8 +54,8 @@ The following topics describe the end-to-end enrollment process using various au - [Certificate authentication device enrollment](certificate-authentication-device-enrollment.md) - [On-premise authentication device enrollment](on-premise-authentication-device-enrollment.md) ->[!Note]   ->As a best practice, do not use hardcoded server-side checks on values such as: +> [!Note]   +> As a best practice, do not use hardcoded server-side checks on values such as: > - User agent string > - Any fixed URIs that are passed during enrollment > - Specific formatting of any value unless otherwise noted, such as the format of the device ID. @@ -292,9 +292,3 @@ TraceID is a freeform text node which is logged. It should identify the server s - [Federated authentication device enrollment](federated-authentication-device-enrollment.md) - [Certificate authentication device enrollment](certificate-authentication-device-enrollment.md) - [On-premise authentication device enrollment](on-premise-authentication-device-enrollment.md) - - - - - - diff --git a/windows/client-management/mdm/on-premise-authentication-device-enrollment.md b/windows/client-management/mdm/on-premise-authentication-device-enrollment.md index 8b8510e448..2ff94e841f 100644 --- a/windows/client-management/mdm/on-premise-authentication-device-enrollment.md +++ b/windows/client-management/mdm/on-premise-authentication-device-enrollment.md @@ -30,8 +30,8 @@ For the list of enrollment scenarios not supported in Windows 10, see [Enrollme The discovery web service provides the configuration information necessary for a user to enroll a device with a management service. The service is a restful web service over HTTPS (server authentication only). ->[!NOTE] ->The administrator of the discovery service must create a host with the address enterpriseenrollment.*domain\_name*.com. +> [!NOTE] +> The administrator of the discovery service must create a host with the address enterpriseenrollment.*domain\_name*.com. The device’s automatic discovery flow uses the domain name of the email address that was submitted to the Workplace settings screen during sign in. The automatic discovery system constructs a URI that uses this hostname by appending the subdomain “enterpriseenrollment” to the domain of the email address, and by appending the path “/EnrollmentServer/Discovery.svc”. For example, if the email address is “sample@contoso.com”, the resulting URI for first Get request would be: http://enterpriseenrollment.contoso.com/EnrollmentServer/Discovery.svc @@ -129,8 +129,8 @@ The discovery response is in the XML format and includes the following fields: - Authentication policy (AuthPolicy) – Indicates what type of authentication is required. For the MDM server, OnPremise is the supported value, which means that the user will be authenticated when calling the management service URL. This field is mandatory. - Federated is added as another supported value. This allows the server to leverage the Web Authentication Broker to perform customized user authentication, and term of usage acceptance. ->[!NOTE] ->The HTTP server response must not be chunked; it must be sent as one message. +> [!NOTE] +> The HTTP server response must not be chunked; it must be sent as one message. The following example shows a response received from the discovery web service for OnPremise authentication: @@ -214,8 +214,8 @@ After the user is authenticated, the web service retrieves the certificate templ MS-XCEP supports very flexible enrollment policies using various Complex Types and Attributes. We will first support the minimalKeyLength, the hashAlgorithmOIDReference policies, and the CryptoProviders. The hashAlgorithmOIDReference has related OID and OIDReferenceID and policySchema in the GetPolicesResponse. The policySchema refers to the certificate template version. Version 3 of MS-XCEP supports hashing algorithms. ->[!NOTE] ->The HTTP server response must not be chunked; it must be sent as one message. +> [!NOTE] +> The HTTP server response must not be chunked; it must be sent as one message. The following snippet shows the policy web service response. @@ -306,8 +306,8 @@ The RequestSecurityToken will use a custom TokenType (http://schema The RST may also specify a number of AdditionalContext items, such as DeviceType and Version. Based on these values, for example, the web service can return device-specific and version-specific DM configuration. ->[!NOTE] ->The policy service and the enrollment service must be on the same server; that is, they must have the same host name. +> [!NOTE] +> The policy service and the enrollment service must be on the same server; that is, they must have the same host name. The following example shows the enrollment web service request for OnPremise authentication. diff --git a/windows/security/threat-protection/microsoft-defender-antivirus/microsoft-defender-security-center-antivirus.md b/windows/security/threat-protection/microsoft-defender-antivirus/microsoft-defender-security-center-antivirus.md index 4d8b9d2e78..6367bd636a 100644 --- a/windows/security/threat-protection/microsoft-defender-antivirus/microsoft-defender-security-center-antivirus.md +++ b/windows/security/threat-protection/microsoft-defender-antivirus/microsoft-defender-security-center-antivirus.md @@ -26,13 +26,13 @@ In Windows 10, version 1703 and later, the Windows Defender app is part of the W Settings that were previously part of the Windows Defender client and main Windows Settings have been combined and moved to the new app, which is installed by default as part of Windows 10, version 1703. ->[!IMPORTANT] ->Disabling the Windows Security Center service will not disable Microsoft Defender AV or [Windows Defender Firewall](https://docs.microsoft.com/windows/access-protection/windows-firewall/windows-firewall-with-advanced-security). These are disabled automatically when a third-party antivirus or firewall product is installed and kept up to date. ->If you do disable the Windows Security Center service, or configure its associated Group Policy settings to prevent it from starting or running, the Windows Security app may display stale or inaccurate information about any antivirus or firewall products you have installed on the device. +> [!IMPORTANT] +> Disabling the Windows Security Center service will not disable Microsoft Defender AV or [Windows Defender Firewall](https://docs.microsoft.com/windows/access-protection/windows-firewall/windows-firewall-with-advanced-security). These are disabled automatically when a third-party antivirus or firewall product is installed and kept up to date. +> If you do disable the Windows Security Center service, or configure its associated Group Policy settings to prevent it from starting or running, the Windows Security app may display stale or inaccurate information about any antivirus or firewall products you have installed on the device. ->It may also prevent Microsoft Defender AV from enabling itself if you have an old or outdated third-party antivirus, or if you uninstall any third-party antivirus products you may have previously installed. +> It may also prevent Microsoft Defender AV from enabling itself if you have an old or outdated third-party antivirus, or if you uninstall any third-party antivirus products you may have previously installed. ->This will significantly lower the protection of your device and could lead to malware infection. +> This will significantly lower the protection of your device and could lead to malware infection. See the [Windows Security article](/windows/threat-protection/windows-defender-security-center/windows-defender-security-center) for more information on other Windows security features that can be monitored in the app. @@ -68,8 +68,8 @@ Item | Windows 10, before version 1703 | Windows 10, version 1703 and later | De This section describes how to perform some of the most common tasks when reviewing or interacting with the threat protection provided by Microsoft Defender Antivirus in the Windows Security app. ->[!NOTE] ->If these settings are configured and deployed using Group Policy, the settings described in this section will be greyed-out and unavailable for use on individual endpoints. Changes made through a Group Policy Object must first be deployed to individual endpoints before the setting will be updated in Windows Settings. The [Configure end-user interaction with Microsoft Defender Antivirus](configure-end-user-interaction-microsoft-defender-antivirus.md) topic describes how local policy override settings can be configured. +> [!NOTE] +> If these settings are configured and deployed using Group Policy, the settings described in this section will be greyed-out and unavailable for use on individual endpoints. Changes made through a Group Policy Object must first be deployed to individual endpoints before the setting will be updated in Windows Settings. The [Configure end-user interaction with Microsoft Defender Antivirus](configure-end-user-interaction-microsoft-defender-antivirus.md) topic describes how local policy override settings can be configured. @@ -107,9 +107,9 @@ This section describes how to perform some of the most common tasks when reviewi 4. Toggle the **Real-time protection** switch to **On**. - >[!NOTE] - >If you switch **Real-time protection** off, it will automatically turn back on after a short delay. This is to ensure you are protected from malware and threats. - >If you install another antivirus product, Microsoft Defender AV will automatically disable itself and will indicate this in the Windows Security app. A setting will appear that will allow you to enable [limited periodic scanning](limited-periodic-scanning-microsoft-defender-antivirus.md). + > [!NOTE] + > If you switch **Real-time protection** off, it will automatically turn back on after a short delay. This is to ensure you are protected from malware and threats. + > If you install another antivirus product, Microsoft Defender AV will automatically disable itself and will indicate this in the Windows Security app. A setting will appear that will allow you to enable [limited periodic scanning](limited-periodic-scanning-microsoft-defender-antivirus.md). From fb4f3ea1686b17b6de3aa45bd751910199344d53 Mon Sep 17 00:00:00 2001 From: Thomas Raya Date: Thu, 11 Jun 2020 11:11:12 -0700 Subject: [PATCH 26/73] Add image file --- .../images/device_details_tab_1903.png | Bin 0 -> 32620 bytes 1 file changed, 0 insertions(+), 0 deletions(-) create mode 100644 windows/security/information-protection/images/device_details_tab_1903.png diff --git a/windows/security/information-protection/images/device_details_tab_1903.png b/windows/security/information-protection/images/device_details_tab_1903.png new file mode 100644 index 0000000000000000000000000000000000000000..beb0337379e3c5939a3a9d129584155f03bbf660 GIT binary patch literal 32620 zcmbrlWmKC_^e#$WD9{!wP@q78;>8_GDQ?9bN^uV^L0XCwZ*d9G;_iVUf#Mp11x*6M zQY>gl@yqXj?!D`LIiJpltYos*J9}pDnc2@g&wisnYATUDrhQCAL`0&Z{6U9^=+-e2 z(QWaEw{QNLA_9K9@u@@21bMOB? zx6pQs{zOEfw^TmJ>G@miqVAbdoOjAz?Ole35<*tzP+^lOo>!_F-%B5cF~=}JoI}N+ zP$a&;^O?;jQD8N{Ipx#qQQYmel)!{9V*%2PdtQ5EqxLdKne+3rV`ID_*L9U7q@<(` z_V5k$AjStu14Sn%O-;UPF0Sd^m=stNYhfBM*w5R0t?}IUN3dC|cUe_c6$!O~qrJTn zl?UxDqKn8YEBn2DN+KeM@W+1lpqn5LBBEdSIFYHve9P*$h=_PTVyeY^k_2z2*7z>s z{NJXRm@W~~J7PV^cBY9}F%i)hDkF^B=3wTHe@uRLo6maE*xxwM;j0fkn4z1V=!-!q zfKikhLrV0Hs}j&$i~XNYYrBItq{b+Sh{kVI;;c(X|36c1pRabg{F)W6{|zvUj`do~ zx9Uh{^=E!^+yMptsj`Z7R6;DE1D%Njn!BcW{PN7QNXj0~4!bt}ZWM?s)?YMl5T9{s zHwO!B+hcH9Qf|(LyWCFt6)PI>(DzVN~a4}R?K=@BRA`JqsF%YNnjBL=s;zZ*(fe{kwX z=6Fp1pge#}02Z7k8xW7;-qMAYg=G^}J_ zSdIy$`%;0wJ@!)?aKC;=ju#3&YFU$pxH@7v9GWQW<0?3e=e8b}8o;Q9+`csvyTJ^c zn>G!==t#ll`S<9drl^VgPCjFgVKc01A*CgZ6Pio1t@AUvshw|6nr1IB@{1j^k{@vR zs|&XfvPmEpmM(pUZeO!0V0tjD_|%4;vp3s43Vc}e9M|49*q~+8if1|$xfrq^w|s^+ z`Q9vX1pJ8U_!G!)U+!vFa^HuWszv)cJ;KYV^nN@osiQRuj-Z&!G6KA4X?kzv9xd3F z<+3a8FcVYcNC#_mnRF4()dv4YiL}!>$&~s=b#*QJ_0S@nbrR`>M_sBOoNUmg1MtY{ zd-iOZ6OfEcNSQnu4=G+?@V#^LP>h^p0T)jAyH8s07~_Cu2iNxbW;ND5I{8aW?Rg*Z zS$@ZEXC9QgNGs?#4RJ;$KC0HIwQrt0BFmp~_0vG#-y!j2`z~U@-q5mf3L_};8ShM+w$Np&&z6w&Mp zCOwE&wqt*$6CHR!>U>08Z2F>qb-JIw08j--#WZ3}zP0H$;Ee}Y3=;Sd)u%4iuKQ2Y ziQ!ICbZ$MO3;Vnqv_xvo-&~qvVdwTdE&-_CMK3z(j}4{)2@q3JWZnuc(P`eh(kMsB z1=MCtN4G8qcI0mhVAtS*6hnaS?a}>Ewq}v0v6&6FxkS3a!n0*`PBBScWPa0k`&K+@ zz|3mM=vJ8XE>K>1#-F$HJe*FFVLud$`Q1T}k0i54nYjf@v0m z2TNWrj7h{{w7F*@bY8`@>?SxCXVTe2#dZ=ppq1;@c`lBW68-dVJee4A$WuxjRoc=O z0Xc+mn5z@odbYVsRKB?$7p{f16kk zK&C-^A2D3qq7BQEa1yUM1F|ee`n%Bn6G_4J4^!n1Kvi)4)vrJI5qK9Z@9zoT_5-I}PvT>gTTcNev3}GoWXiGDGf#j#)dn`U zxjh45%IYYM!BMIs6X`XxMThr3^V5zaD2F0r&|73|m&3FnyjK z-HPjsMU>R`!Kmw3ghEABR6H<8B1ZsM6))0({$`{V>T5i^(sePE8UKTVU-e&L!C~QtGRbC?Ho<>dp3Sdj?nK0lr#v zTA%Yw{B?^U0`UN^qvB`U9IMxVWbN}hqwB%Ki`!KmV$;{|Xx-Jfi#uQauvxpb6(jwW z+4uqA!z{afDJS4uyuZ?)2{(2PVvhEkC0?u2V7@woX7g7XKs|y-`e%b@nc#s^UfDI> z{fkF=6LzyC{&Yg_=(8;ww+2NJJti*wLKaQKtpPLH!#^NpiEu*iPd6`RG_TsBK4$fg z6xhnAF}}2qdUPG#Y%B2^*@8VEl*{1U&DItvHNc!gaJ9{T4jx$2BZJitE1H!23N?82iGW{(jU`}KG zZ9^8E_TjIEMXsK&lqTpKGqa>1>?9}EIQ_rwg^rLSphSau2HmABvtU~n*65t&>` zNhO@U;XOWGiN9P&8I6dvj~LU^f|nrkF)&4~AL1|xJIDDS5zTEUqA08GfIHCnHL~B` zmk&a*V{Nh1dOb|bP9Hw%Y9u=<(RGwAi`UzPZ37N`|Kz$ksfi#Kbh{bk8%RWjUdKWt z*4&h(-Atw{V-@3<{ysCi)PZHk7v1s>FHB1~~a*^2J$M+S{TUo_j=of(8|l_slFy zMHp44o>X@=dW1BgGX(n({D>6iByf8fKQ-=_m*b52Vzyh*++mj`Ioc%Uzhv^`({)sQ zJjs9AWFUSau~`0{hA@s&SkBRCR6^oqe7t`mH=JVDV9to%Gc7qnYQ$g2B{QM|n9KCE z{SI~}aLM&p4Yq-PJn?x4x#$L5My^^D2D7G2v_JtQ@=gwu^$&cri+O34M!=%+1?&|^ zGQ}Zl{awP3adsb^>DId>ZztI007#;oLv9Y_ti^mSDqOCKdHke{FV{ecRoHu;4cGoj z#V8&!7I?lQ$&u;i=>u(OQysBOJBd-2;^anCK>wJaoW_A$tyN4j&8&e~L+ANhPuM!H z7T^EjD1naFbK~GihH1ksQ3o{r#947!OJ!La*;UwnlYD!Q!tSfCD>6w*$uYfjha-+< zxdgPOv_H|l#u6d$0)OcnJrNSraFio>5UgD5=L2b2+FF#(8$9}uNKU#uOMuO;){sTZ zT|B>mXhgEq|3S9Mr#K=ap>V(hqF+p$$aHSw?*Bn|H&zlir%L`8=u@t}mRC}W`d_#( z?2@s;4z}_?(C#J>)uCcfh=@X1md!*hj7Nl*7uBqQp)qX`*NRbxg9uXXOuS|;D+ojmqqdr{h6_u8j*4F+I zJm5Ojs6mPsT(kbfP*PKSvHeW|$=cf5f*$?Vc}=I%;q^Zc`vD&exJOFbuMp(AbC%UF zQ~{3YSf1 z>7)-&5;!ma73DS@Yn7j0j9sroYvU%HGrJO{(CwFI1IGLGPjQ_T;pa7XFlgbBSwPL@ z#mas+`g&7T_1(LVA3rK9n;Do`?W9B`GQaTIy&JS!@=|f84K55CqAHKk72zFUTFrXt zJ7fS@Noq{u91Gj~0=O=Eg$$)XCL_ee98OM7K2NK!ACuV~R#h7w<`N?}TOjrm_;dm= zR#j7ZP<8xHFGZVJoLqK@5Z;!8Gudb()7RI}lSwV?KdlsGWGQtyVB6*?(I5u1cJ-Gp zoagp}kD`ASpQ-t{Ucw&}4i5#!FsnKy2K~m!mIY!$jOW;LR!S4z`6ljdw0UoVVm+d-m+m%&xGrv!=%V zlX8$8tB+bq^_kaay^nzt=ly`1tB(|vH18JL1ITj?4|5S-+a`|)htCs7ve(2P)JA8` zXAQ>jLc-kGkzVi&{%FOwdyF6lvdbz=+Jr~ zkx|^!rX}K_bYe1_7eei)+Md2{TPZ}5+qBDIpQR>=vB=o}kYm}~Yc+B}-a8QtoK>Gp zq14OVe;wZCIPr>O5Z_wir!o(3Km13IxdNB(^y+-$kA;VxnZTcf3b`k()MA3qpS*Zg zT3CmgFR4$#IJ{lXyFP;B?nJ?5SF;&|1{^@G@2;8@hQAi^DwaZQMQ6zT^9n_Wxb1N-j-iF-|!uLN8myT8*TKy00vzTMInn6YPf z3JrGV2GFwwQ74%W!|}A%G(Q$F1oqf4_XOI>?M~@HzP5`8e_lD(fR#oEp>yR*NvY%DPwbq!%#6)1{sl> zAQfxV`GJ#DwZU3y!#Vb^(XJZD&ORM+C>yeZiEnN_cK9N3 ztcHR@*#AZHwa98qN8E5RU5ElB`n2t(QQe;ZT|rUySPal7wmtlBRq10ipxGld&;s22 z?;uK!mG$1E-+nJe-40Zl(l4r%K_a}@mI>5(Ss02$4}|Z z)OoAg%2M_XWvhcz`{SNbqL@ommQ0I@uQu#1K>3}EdpjT>3orh~E z(C0clf(GG#5)%*aPExT}?De9Hmx{#<$qjE9E|CoZJ4bXaWpzJmJVCSaXfW?i-0X5;*UC6p;MO_#2_WD#xGRVZ?9(Sf(~>3yutetfx|r+S`> z!v)*t_OO>F;vwyQt@IWiG;4!v3Nn`UgNMCfXJ;zSnU|7iyT!igu)`P4t7ngUt`@yY z%TI^D_}gWqH-J;W78h?6stA%<`sP2s z?BG0KytkgVj=xu8JPH#P!D{PAFol`bZ|Vy7Kns7E z6lO?B9L*||7jY5_Mk5A7s)B!hIQKMqs3i?i@bw&zmOiB&guSMOO8e2vgHL%~ zNXm3gdJ)zKOMe{pY~d;2sTX(R8^HrSivV%qJeOi_ra7Mx)dr7MAs-Fw%Qoy!Q_bq* z7~IQ7)5i6`h@OOGywCuhDH2s^$;%Lb>S=&xblPeAD&^8wGQvpxr(A9B4g;Wh``bQslO zj!30Ac)18IO)5qo$8Ek|W+Axj>E1kchJ`RBr*7?Wi|#PWzfN&Ucb#h)^-TG`|Ag*b zzrt`4mdPxjxAytd0-TtjsyMDNA;*~>M1H%PcW>$PntV35F=!pV>)RTZypwCW#KZL} zm@g)fD)xC^0%h`iARdugWp_I%X6B?~rm{Bg7gP0HpgcvvJ}e&bE$||-w79E271;h+ za9&#Uh`syLTD!8S|7{NnjxKKDBq0|v`3rFrT6dki<3JddoI9`2r17 zH)ui}zO`IJbr}@;*ipahSXd{?Jm@c`fSj~I;q}G>w`qgt{P98k3c1T|-J|-;nxS~y zRA}Sj=qV`|Rc0biWb&YUyYN>OF-dA0*$<1_RlOhA1!eg+bP?RV!4ChtLM3eS&|ZqJ zCwxG(J9yuLg$p?LYPQNN!}ay+U*2=VNoJ$PXJ!*Av_fP?Lu%x5`i`O#JbsqrB>@|Mrk)460Zw{)?Wpe-7ik;fa^hM*5#}7x5{$2R@Bf2>> z*IQwe%3qC-TxKeb9c{~nRfFq+F1LWxS*MB+V$BnEn_A0n5#rHf+oMX~OU2Lob4>WZ zhGq;R6;4Ldc?~FDR()y}XJfU>Lx{y2pTAfupS~_19mHLb?~vE49STYnA0E}TVFu#- z1&meRO$~akmkX<5>4+by?X_=Pg0efjgKDmi89vny9xRvH$G7|;CGey(8YSo=uf;&^ z7kBntl4lw_fR2KaNH1#(8jhnf+RUm~Q9fn(7hOL$Bykie1|1SE6V2{R+K-cW)2f%r`+1>ws^n>l6-Zz%Is+3N-q_d}4@<9Z z%z=r14@KDKRf>_3YiJieDjqScGVYjD|EL_)7h$;0ddlvS0z9GPF0kH!xMcp0gY;%7 zxF_kj)0@4Lu=yT?>7L@V7CTqp29Ra*aku^bqpJxqOpz9={c)t9P`Q9!^mEat=+CNZ zS>4*$IJxLJy5eV1a3z(6Kk?H~rU9>&I%`@57|U2^*HLtC;@aEyi?(7+8Vu{`WFbBu zV=boxucyRh?QJJQ=xY4aQVrJxb?>xWNO^d*gmAevgXLPmTSqo459{VD2r_}H{pS~x z6Z*{1!UU(V;EfrhBdC|E@-6 zTNjSMI46VE86s`9F}wxscugBv)O69Ro}G)Bse$=9xK#qR-P#IL9swk(C?DhFc|$FA zbuY`lU}UsEOnVZNwOlVwpjCi9{8E?aFsD;|<8iY&o_AQoNKkjeVO835mm(lEJ->a1 zM^=mY(a=zAGtyqVWsJIcgzTwtD2%V?I;%0|Z}}0!DJx~sJO^puZ2^&z;bB!;_mRSI zbVkR%4>OMim&MXp+WWf~e?`e*7qLl*j4PK=m9Wvv%EjK-=wo)H+ zcnD|~ocv~^)gE`)*{)-P8W#ocPoVoIV^&j&^vuGhl5%(HImAvhKd!;>8%Y9@>~6BJ z?*yOxYlYoaD2mQrsV@V}){75vubrmel0@d1NhL~d(TU~qy%~~ib_v5|O`&-u=P?!* zCQqqXR!`0l2Om`iqwX=RDC1GZfJ9NkT%Sj9-Oq088e8Lr&GHcE0k#hx9>dFD_RKSKgJaNAXDoYu-PzS>jBd zxYLMw-k<`xPPaT-85vKiAJ&7bO%|NbzYKW)x#V?XyW)KZ2@nMA`n$07iU|vxCYAB< z5YkICu%y*}7a_SctbgIC#PD_2 zka*~g^h4LZrRQh407elr-vq?%?&0CjF&!eEUxt0{YswdD@WOe)ywyL}u(R3X_Fvb{ zcog^}0xEPlE1cANG+sv(3Oym@g#c{U?}lhciyv*kMMbB6QsdC}4o85zPe)r8cafF@hx&@9qIMzsxxnbXQ#_}H0aF}Occl0)Og4+^`a>{ai2+p5EAq#a zkVCQOJgi!8FI@%~wY?WdBG}hU#jr|BNDAt&DyZ;TyZf)V2p?B6?)$t6+a$lKeY3%epel*iGglXdSmr|{wf_`*}d@zXlkjCBa zJBgX^L^h45nz6}lN(G#grH}PNjeA~&Rlpz~oi?vJ_0n2kl9XqB^JLEr#IJLv?2r}M zeZBpC<*O zu32oGa_Dil?~Bw`nhLf2CQGpiH(2u5P0Imz_DHE%Xpw>mUVoM12|2MB#h6wi$(G$40SRgM`-L_*kc`FAup+te`coAo-BO$w#Oa`G!8jr)3xQlbN{S{2fxm zoZr4W$DqN#e$>HX%->8IIkeZYnmk799tc{Rm$!$myl{8BSO?Tp#Ds)|{1lHWS|65= z0u|_Z$shpL72Dg+%)vF{b8unNW{XaOg{L+v_*eA?46iG)VW3%JflYsHjs}Nxw6q|y zd}i}dORd4lN;-Y%o*So^&hAlbCI05-KKmw^HbUK%-)tpw)#&c7sMJyPl^$wisq*SC zb@@FGhO?yl?L_*C_yCWG_B1Frf5u}vM${XP zAtfCxuje)X{xTH;(*|r=OYvEtD%iOZhk7M4$|0@{7If(AOE{ zxCkb)lNi!;^wBtr__rY&8&D&{NfP<3n_-Wdk*#IBL$bnSg9b>?iKKbvyD)5LYBq-@ zI)Yh~h;t(48Fnb>e+MthW(kkS{r!VgIx%}_PZi37bR`9uTUGvoioJ>kn*_GPle5{i z&}#PPE!Vp}(E55YuFtV88vx_WOGEc4r4Jt>BW0leqk3wXPUwSb$l)2NM=0drAj&*f zDKZN3vXPF5yKT?I#=;qsYnb9?)xw{bG1iq0S6(%Z+PxQU3u5?CC=v1C_9;&`5eVQIgo7%Jo}{bEy{{UmI)au?Hbv(vtuv!dz#6GBHPUD zhFwYW3YmYc?V;_6Qees~vQ@}D=jneus3m>0>|^6Fo@#E;6QR%R&t}t1k1L4WZu=J= z)!r&J{|UV=i7s4y#b@v8F%e+8*BHon7S#={7ei}X+Me{Ao>CUcq>DT{P?Oy0q@rRt zm^`hm7rRDECqBObk+6?S@9oGno%ds_bK^>fwgeY95@>jS12Ji)Mu6ps)T78F4tnqS z;Y5!qa%^_Xn#-q8zm9(T==5BpxRJy(&(sEp)#4g_1L$AuoDYw^lUr~&Xu3C*mA6F* zldhK3$lUrjC!OIkeL2C8xs@+ze%l1fcXQ8!exU(>NVW_Ct$$0u>Iz}l*1+G7)$)iR zeGM;I==u76Fx(H?=>hrRECGUhV!4TuKd zQ_W_i3BKLX_WFO5p5LzSoF`fa)O@6+Gh60;qf+L3#>P(@IF_DK0+j8P6U)y$y z_m2p;nW}+zGCl+3yqW8iYj3v8RbB=SKOz*w>Yv)}4fFAisE~S^Ncc>@FR~sUv+ZA_&wyBZ~^4Icgd_Wv$4m_~(4N&m?L*gUc=S70)2xv-~ z&R?~)Evj?F3P&C9&1kq?SG6s=vJofX)Fc?*e(DVuA8EHXm95>4Y-?z*JrTwMYAS;~ z27|&|6+Wt3cvu{s@*EYhp6jyj5k+TKkSS78P}?Z(G-b1Kk0-h`hhAH?vZ)l=F_Dur#$x2w-B=N8# zdl<^NVyd7tW*Iac!F9ZC{GI(`8v0B$4OOGJlb(k-$2Fc2b`jPYgK?X>3Lg|mbr`c% zznSyV(kY+dY{M1%g>!$XL_f13x56A4S6a5|01Z>f zsp%A9PhtlLKkoq*v}KZm1(eu}sDwY526%+Lq;WAaVrEGPjnTL>CjWk{*<`>=fvx@>YW9pxC`iiOOjHy3~*RaiTp|quOth8t5X5)#)PyL9AX+O@GqhLcM#mVN;&@yE9 zoSi_v|5Qw{w9yNknmEVz1UDUocRt5;7T=^8=Lu$HD9>)V(VN-Wk> z0+acgm07|j-rXZ9)j{acZvekq(>TDM&_hBVDdtM_*{-jgnt{vsms^)-cuJ}y3$Gn* zrajbe%@extw$(}2|6dIbCBK1^S z?5;P*;fJ@G>SG_MncUxk+Bfhwz!hU;GJGU>=im0Ac3-L_(S^@$ke%y8zw?<;tmfyx zBk6pgbg_%qduV7yjXO4!e=l8r>?;|g41kSjIbBZYj1HrDB@eknbYY>a%5tOX|BWmZ z`cLwA`@d`60KO_JK863cWjws6zN&7j-_vMS4~KZ=EPzjNLrtC;xw#1k@Fe z2ZMd^plI2Mt=~-@zhlo@B__>-=`&~5=}YcaJi;=O8OVYLUh2u36;xoinjL*(-55vur8ubzGd%NbXfRQRPkYj$w zD@+lhkOt>S38D$r_Gwv4CQd6h(b0Jx6GNMjt?AEhJL?Tl{by+`=yR%V_qn#JZ_W8? z9@HY+(^k1$G*yC*AH}LSe0zdvp*ovM_mY#pj7Ro(nd-uLL$y>2yoLU&(Ih%8IAF#z?Ze_|%7Bx8pnXOqsxF+2^=CVt0C!--u*cq##V2Aah-p zOu6*xDzk}8GgrcArPoT0+*Ph+XiRR@J-)J~JA5{~IT!W@8{)RO7Ba5qeYP-a)H$@( zeU1_k_qxu?(xSXK`s7 zD(tcN^A4$j#DxwybW+s_mOZVXnrAF+jdz4=sZ{5)oL!VC)ufK`gKRCgt=-*s7B55F z$W}TT31uhNnFCXc?gC35RK7o2SLk(ZDcOv2AO~**#T{l(lKBHteGqvJE~1(BE8Wdn z<(hIjv>0@;dn8c5njq$ZAZOrMdO|pZ_dTHAHr@eRm>)%lw~ZF^D3~3XgLVY9E3wrj zYtqZkDsy-b336!xNHs+#B@R&rw<$^m;gs|cIwM2uv#)E^wh9zM`@>8aUS^>ou5Vr_ z6GH-Sf|NKwzrw#dxijurlOGsXAbPqMR@TH8Tvk2}GEbB_%*~6?PV}}tR~u11@N<4l z$Y17)d3m0GKO{Xi2e&pE1a&6&E4ZvO{f{Co~*l(qkb4(XFFGf z>+J}joAL9QC}{k-aQ9_!3`|UaQ5W4_lX+H1t<)R&ozdd}c%9iW!Z_?jFyi>0y~A^j z+=*YNOS0S{r^tDx-|e;0Sj5sTz1+<_F~PF7*7xATv=#w?leCue2!Axubm|R#AQTBq zfOBvJAn4@gZMMwa8jHpTTiBsDfue{&jlXnXOVzQ++2Q2mmC;lR1|d3bpZu=mmG~qr zXAGe2- zbBj`X&--YvAHb*SFJPhE!&?8>*){ft=^9B4;8*cnM%z11+faJJ*7!-4q+0m?ERYeh z!hQ^SP72O~G)B4o&kuCXQM0XljQKscbz&>BB7ng@r{8jp8u2rN3xn}|d!Jnpsq_hf zLO`d^c0Q65LY&$OI5o-TAz?u|U89_H>ivAMVP{*1Z`R??H!~*X=}tb)jsUx<uFJ!}lM&j82N-XsO$87eSwx(WR}{TvspQa;kc z)88K$*xzpoUmCMEAG1FR zlsmz>vR%kf@JGPHGG_4RG1Qfmjhsz=p=mD=*CtU7sNq#5lh|mq8K!`$P#tMX9~8LR zd7K+SLd!oP+uEHs)TN=DQ?q%kWBzI=wu+E!zw530EKXu)YKCI>SU1cT?W79*;Fy)+ z1gvF)gjHFMud$%!=l;kb9AWaTbr>1`XJ5#((5Zq;-omoEPGmY;%;TyU)xmMk29S4@ zFDf?H>3@y+jo%2oPwvu`2fs8jeCn~}4f=Dln`asU$I&pUx*7kXsd>Q>R|8j{p~1(p z!10OkkM3b*^S>o)IE@Gq*%3f<*g1gDzOApa!LLUX-YYd(n)IxG#_sGZxuGcB+<*KO zCi<-*g=Tk`{^?Gz95@?Lfw9ofWL(>(%wFcVd{@YXbPnUK{y33EJ`z%Jq2t?cl{C}c zAm#qihjMl{Yb$e)r}A|8v0n>iTN8&fO+b-$GoDlM!rqaq%4?zYm3qW^`efW4XCA(Q zBE)Q{W-O%5_wN?+P;jw zASRA7*6q7Ks*#D&9d(ad53S;zbCsA0oSh=QTHZHTR-F<=%7$Kn^78UhQYh%@H5jI+ zFXj}Unp#7W;em^=*XK_dsstRn$|*;V@7)z1^(|Vr5#MWgA?y(T6;U4btR>nlsz~9U zJ&*TXZ3xOt-bWjjiQ{06$1nu;SwV0~qxGD=kVGo_W{-68fwU?wZ@nUR9<4XFD4FXs zge#oeXGHp5ylB(S$%yw6mJua&e3STMv_@cz49X8=!SG5cj|Sq|PKrh5 zjZ4c)b9~jD)|-~o>#1iot8;6rB!-4rz<9O9v$H1;j5i|z*B4t~;*Zs|ac9h284u$DNDjTPMPzxJ*)g802FFB*vU)C~AHNZbDlEY={+-9(S z?M60*lfl1`E70^80pjfG8Wj2roi4)0er3h^rRZU=KF0D@_ZoVEU+{JOb0} zbd~MX~u(Me=osRLF&SUPZ zlopbMfl1#fM0BS*)Jf$$aapRPqQ`Y9+rYd1i zQgvw1b6(IN2Z$T$cm}>l|0(Jm+in!=5w?x%wGYhGej)y$#{qZdvmMu% z`k~QIwjGk%xp)1re7o8Vn%=%Rl=z}jG~PtQTq#0pVOhn+!ZGHY;@OS-7ICvm8o&Zi z^`_hDj4zJ=hE06?2cw#+GHy{fRn_xc$SOTv%hsI9myax`G1)`=c@P47ZUrmBO**C$ z@#T-Cpdb5eSQ-xDcgNrgI%lE}31??#TU$=`6JcRtJ3BjZadCRQj*gDT#>T9ytTv7} zb=Ap3qobp7(a`~?hwFW@)QR+x8(Ukd^|@2Ci4Ih_`Xd5=tjrHXoBhlpC}n(@AXm2A z$h4h%W@(wYb9{y0yBjhX8ylOiQjI zG9_})E=7n2+IDc-yDM zkd;H#9oMq*;YaZXMt)mYZE0Glk{$UIFTIq)*Xv+Xndma7-HHh+Oox%aRe*e!VGCoU zcB*Cn*#Tn58&X0PTf7n8dJu>W*k?7r16hJTS$BxNU_-?K4m zwmoFti=%nnaxo`-(u(!td%jb0Do_<34zx7BTnyRN2U{+&0yl>b#m&h0l!J;9p@pcc zZ0%@{d+Py1WkaX7d$c{~@&-10!ky)up8STs_Oa37D=R64JR?j8VSPTn{`P7D5~!Hl zM3hIpSmn)XTa_#efC{KU__C4BjGY4K59{9y#+>XaMF3UmD`wu-L7VT$CX0qIY<({o z=zCCsO4Mv^=r=M7iHtP`n7H|dSOvbfv#4mc-P(S^l~Sb9yyPs5+^!Hza~>Wu@?p9* z7d~~-N!t*YH|WPf3>{mSi~>Ry$@#csW@bXTWgXbyqS!w-)!^~XwuAQs9ucA|#-Qhi ztTXu9*PSOQQJR}8uW%kG<4(h~=b&f$C(-Q4yg>I!#sXpBuAsZ;;eG#B^Ncraw!zD` z1{WiBNzfVd1I%gU(a7T8?;j@N!R8S1T1cMKO}M^I}+pa0fY!!x&mfNoTu_1+U7+f^`s#M(kh$LpEk ziJ%5p_U`M#UO2EMw2EiWwXoVA%m)oOIg=4Z`c{HA({32#X8rR7lYk2gZ%-#VW4F($ zo|-dsg8WS91zMakh#y)}qx(@N7n4BqRp;Rzd(H|sK=dp2#{^dzW^7+By1b#M!C$t^ z_uli2PB+Lb0`XJ5ro23mfTJJU#=`URWP$^yiZw(;M2gKeVA;(fmuK6vHH@+$L5oeU z6$Vu%H!tFT`}PeAy-Z?N+koe3(Waz}1~*?_W<{Jg=4j2a2VCq5ORtf96X4A1h6?n* z51D2}0gs&~-D6gxcPM-z1LhXxmHeSf{L#+nMFAhM{t%ivKBa%BgM8xORr28{FVT79 zpW+&_Y-JpzS=`*s2X+pt8u2yw)Y+FM@tIATt=Oy6%QiwDt)(qKPqs)3DrRf}KwD`k zHUM!5N^L(fRaMTMBbXzP)*yTCd#tn_bJ9j#-=25_WIyse{ZA~HUMjY)Vd>kJ3~I@( zTEL2q0Nq`qK99OMvXmBo5H9ekcE9D_maXM^5z@9I8nU(KEXo^~`gAFXJ#Im`8lVLX z_WyT%m3{u@gz>fiuxM;}+p>S`T+o(7@aW^rLXp6OqU9~JqD0M_sh{M_=_z@i-CEC< zS?z|R`T^KhtOea(tCormUjOU?Cz2-zRF@=;LBl?n%gwiu>cLk1d!iVeEeo>D?^gE^Njh-%eDe@wYheim1MieHqSpdehbdX zi8e%}Mra!9pgh@=8Y(-266;3SQn82Rm&f`F2_0k1M_V01?SD)8du_Bv0C{zUfM9c< z<<#|Vr;|9c9oP(iSatd17%64{5prBJL)Or~uq2Sg5TqLIU&ey+gEx53w32v!V=I5u zK$nSwp!WGIhsYw&?cvr;i`&k2PPB~6SFXBN7sTduG9?$K?#A<&4y=lI z43@(cX8gO%ir5=WXzOQfIf^_liV`syHUOd^HJg*j6XoF{WMcKjnGC|WeJhFFf<)`+ zoXb~YA+7DjJ%#4P>X$6SPK|N-7^FB|;*xqS@HbnfFYDXnU}F4;Qt`L5{fGfnh3di+ z!o}=^RyFkl700U_0G5U0GB#3D#kc;EySuw59vX18p%6<|XT8wf{do)|4l;B9FJ2vZWjv@^?WN&vdT_RY2v+0m|N~E>DX2ZrG zwK%G;oAQJzhpVP0y1l{NeORgnl&E2-%~(H6TedZCrnyGqmoEZ0)HMo3Aw=VAhP6^h z)BSP~B zEobz2`xgcO^V__+-YWSx8N`DnGj?8XU@uSgi8Eq^m^3IU&`;h=<%Mu0F!I{59+xAk zvg6Z`bek{7Ta){A+6j_8u-3h0uHfO>oy}E}HWdE?>Oklrb~b%Pc#4gGoTS*LP|4+| zRsuY)v`yt%ve~E;(Ro3>?0ayL9L8Cl;~D!B`Po#UJ4Mx79m$#HeOLKO0564gTkNG+ z&uLPFs$o~qz-3b7O(>qG<5!*+*V*o{H}h^Hv;(f{Y8qq@!_O~Eh!J{JJ1u#A;y_*V z8cQ!?_2EQ!9_02m=dh~LZp`qKXDEN~!8gp6@b0Obqdq-BXp7td)pj8)$ja^-+8s=l z`v0`|-BD3(OP_eXiim&$f@F~_Ns?qxaz=6n34-J%3r&Mck}Nq$5CO?KHCf3`&anwC zIW?han%KBLdIY`zOw}P@dvvKNeI}H~siZ zV9M%Ay8b0)CEiA+@sHO1vB@PXud;%u>hcfz=zL>3u(`XAG2NB12`&KS!3h0qM~hB91HBtNpAu>Y(fyvNiD3-@pxwjNL%CO<$dy@ zG&?)Hpg@t9L%;k73>JEHtc9$vqec40_C<@s%2>hBF}vz%XttL)1%+){nKLEHVX(mWYE9p&wAkD(rZ1muErifO&9%+r-hFVUKe{K>MPn~_fDn_u#ygfy*>*X2wh$)A2yczgE1A&SJl$*I z(}VZ3sfacBBz}Iih@1!CdsJF^1XcF)*v;E1PqCCuH`W?!ipIM`(E=-cjKI2I`JS>F z)ween^3VIl4)>ds7T-KOUTHe0np}9-CxWJeu)d}?aAX=1taPqJ&NmVz#!kZBkXYPf zSrZ6n`&8$``1@#Q#+vf;*NTw^;L=v?ey#-f%C~*Gt5ave$sIs~;}tzhOXyX@6fUwc z-%RpWs|1gtYV4Nx{^M2Qs8Wp?D;Mu$_RF86-QotV2y=Qwi^@x<<3!ON5DVY8=5&_A zDCAfXSY1M~J3voKQs6w^G;YOh&b?BFZq%dhr9~>4U_0^RL#9&x*qG!>k%FAfhBA(c zd2KC+wp3Ks5Z7D6t*Pe5(VF3EtJcP~U{}a_j0bMm+hjAMP?oaXz{YLaqcwp*@Wwcg z)bpeONm8aA6FXMM7rHwVprsx~H@#Lxw)&c%FT4*%()PQzeg(W)UBNxtp3m-9KpU_( zrv!P_m?51q@~ihjt9j82gScq^Q!oa(kllT!CZ(_W(Kxqes3E`;U zdCR*mIZx_d$A2D|h4JQTq~XkAx_z`U(yX2-QMu(~q$bH>H6L8okGELywv81lVFhAX zoe(tkJuR(8N(W!b5FA+2rh!_UjNPD{ro_n87TjsdY0E{cip zo2r(3Wjf7=5Ki#B>??iq+(#pXfALMe={lvd3!{A(b6WZs+tW+&@gt;XMidlS*bbY! zHQ~X8SLVKYdk2EeM);{`=WWyngSZuZgq%LZa|KnsM(hiTOJo_zXnzHQArRG#aQue5 z3}E!ug8U25d6wd;rrfY3VWO~i%16bcyybZBt7`Om*)q78bec1BorI)MUWNwp0 z0SEK``#`YYj+l51+KWUYF(=K?nd9kfG<8FkW+9Mo*)2ZLp8Xg|axJ4%(j+WPrhn35 z`qbI~#OYu?)yrE$luVUcJj`eIHqkFZV<^wlb0BuQuEe)%-tH5-F89L3e{cS)`bv$~ z1M_d+D-OsWA|FQF$EV1m^^b5DL!O>)huACUsnm#@9NKU(`}4+*wklmORe&sHlNQ%E z-Gk|0o;$jNK#!;9-PQ*M1O=TF4|h~prZ)Mk`yVH5#j&VQPEFB?dKRaqrhfbO4TuE* z;Ws?Y*RPM&ru=nxlj=4PHuqpu(k70!YIn0gp>F0C_O?y0M5s@!%+_M1%{?s~d_}4v z(i{bJoX5tNEi9LbW8D_2)P~PyxeX}TZaLc*D#cL~tkj7`Frg$8SHD}49j3LSYdY&U zVFtO3g{{vZkzG;Z>zym1j}o`k_bOqzCLA#xuRmi5krG>y&D^T0s<~uc%x~5bVn!a+ zWcI}wR89Z-rRjFqYl!^-G@OTlMBEmD<=Ep~zYTI6IFFd_h$Vu1o1|yPrs)hH#ZMnr1aV&Jw;E^r?d#07DJsGV=@T2p=_OGo!gPOK0cwno*P5Y zlB6Y>T72~?COuhU5@75oc^w@_eG#ZFr$bPKzp~Fe7MJp7MaRqxT_GkONqsRL7`XB) zEZVAZ51((;RY~C@H;;LBWvweNI?$z{K6i(kWowZ|F6qlV!Nql_RY~xti zf;4$)XF-M*E^eumi_%Qh>LUyI59x=ICSWI%6|9Hs=tVUsl$usL;>m z|f`;eX_~+Zz*EgJmsM*CikSN=4w>GIODREg`E>zc^naCM$8BKnGh};Pvp-wzmE}AEj(%t*0{uIenEFpJogbZrp}FP0Nia#+V5W&Dm_p z%81*ChO*@rmwZm4dm0`K<0B_eikaFUAJ^g0(!BdLzYlfR&~WH5s^P14(75$cq3VDV z*Q8)*%p@x3i2DI@rMIEBHW6^NV>We2cr$npTVdH<>onhBH}MqUScpAj{5892Z$pqd;aB)hk5RY39jQ-vf=M%lvhPx zx>HJq)|zhLSlaGx3-tD}jA~%2J*Fx(lY^M7WVaiR?Z(Y`oi$P_Zk7^Zwo+4x=p+*o z^ww6$te#bl@g`HG7_iw=Jc!{L%4ih=BjJf9MzElZU!CDFri<|ct?o!Fd9MD1_;`h{ zBzN!Lb#-;EtgMWUjZHJQIjw0+H-9`KsML z@0MxmJPR>xar;8=? z+iL3TKeDlGy>oaYlOi*Dej$@tua*7Noyf~0%glfq*xQ8*a&jF4@Vn;^C;T`FiS9wJ z#++;}bpC>5)YjJ0JU{~Q68wAj4pBt=M0b35H_`CjpmY0Zy)sit--`~(B~@m=Jf2@E zGu|sw5>J_t(-q5BFBof>7#XMO)t+R;ZF2x)wTrWrl{>HiC@wCR#E3ryz#%~M3$~^I zX)6zSY(H#h97{B{xX}M9DJ1Vohrez!rJUi$WDUdd+9jK>vT@5I`(t8;}9df4_*Yxal0&Se-2N zFT|3Bmij}0P-P!X&vqFJN+MnUji&-6jzq`*6R~s`4H3@a;QZhY%yB0VYCIiL8sx7pE{(3Q^R~Le zTS)1j&fjnP_$xj?c_$WQ25eYsK51{0Vu;i1m4p=72n;BOs}8XDDTWf@6GTR|Ce71r4nXymxaXu3)-m-VlFichPAcR-)DcDq%tG+JDw=o+d*=1kL zM=ApfnCR>l9+rIJdh*r!D<^EK3M`0?AvWTA*Hmi`&5-4dl~!EFNP z)Ye&>dFw^~YLt$pcd_c6?&_jj5(@-s#~nQPp6SupyKRcwj|Cm5cSrtO#5@TQxP|kA z#x^-;q8A0&RscxT@ial>K^!WYJnR;LKtF!rHH{E|d>de)^apwTy9 zx~Gre%CTP~$&AUQeVbeIdec3`084*>APeQ`%Bmk;x8@ZpMJ(J>*kSaA|%{0sV0u3*LZK%1cjLC zKrYV;o=v~d_FIhWNKJ*KDLB*r8}rs9Kk_bCm05H9ESuU!XmBdf3t0XdB*$!qHa~){ z&IDMtvRX(p5A~&aKN*nlhunEfjZrGgLe_^LJz^9dm~~3IBv$pNe=}zyOjp>aDbCUx zl{lPH=`eE`#7rWu*elemX6>H^q!C2-dypgqyz*ZElE6l*-;2+205dB)UT2iam6dA{0B`WOm@k%&exlzD zQ3W-(3{UrX4y;N|=5*7?eb{3D8R1n7kd_+KUppKud3js&X2yA@?s@J}SFk}>l#R0J zeze66oQ8Xfo2^FBDQo$r>AFd6Lzw|4F*=MD&ih0Kr7K+owq>Ium4eFoPnYjk5#023 z>DAp-LMDekL#NBSfBE@K(ICJb`V#&396ykvXI5zcik0*(I=d4#yeF;MP}P2!Vzy#g zHq5eM4xA4<8*JFduA!3XPP$==N?xAO##=Hxm2OpTD2?l%rK86MsS#09S+CsL14Zu! zNsW}>M*-QjiuOe;L!gX+Xf2GBUTOp2Sz~N157|g4)(G%$bT6CLvlN zvVGpl5C-cJYVkaVrwcNenx@!VyL3yI7~BM;qndDjgzS%JP-fm&-YT7KdNa1hN%fqo zE;(1!B4;`lG8h_h0U+hk-+KX?AOEP-*K{$lou*6zZI%s(@BOhulJ^ARZ|`856fo?C zPYyq3-%3jJ?cF?`D(a7i_Sr;B5Gpxdzdj|VVcuA`9cg8pKb2*fcVUq-K>77m{$jr0 z7$`IU83g=?jhd63+-ypToBTZ;=+Z;gpvIKm7aBUZ*jDYap*uPkPQr>xPuUNzMo5t} z27;dY`Kb;4uUN;O_4x026^>?$sni5Urqfono5(mH z#LjG?2%#FvZk1}&6cOolaG6?XOQ;RwJEJI_MfVAI*m`AU8oU-96KPVxF0nB)dOGGs zBh)zCZ`WPF-m*Y6S(aw``m4=bNARG);{X|R>oXYVBx;hb(ZxLg!Ps1YqRBk%K9P{9 z`XS@LrHx|H`-8U^?SB%P1}q{P}jU5It^oNO2qV0T z@7vVSqig|;!V`9Q=Xb}Za&X3=Sf0MMpKe2RLBm-k$za)-kG zt4sUjE`8}fZ#SKgsQ3g84c!sGbQ^IUBkSZ($L*g3`|R_Gh!c4;Y-)yQXZ4kJjXe)h zC-C^s>mtOE2BH-~{?x`F7K!lv52>}?Bz$hjo#fLiEXJQH!DG$Hkjh>eg$4xMsjPiALNRgP8q55p zzCAr9rm|D}?CLV_Jo!LQHxYHu>LjRp5cA2r<2IZ}`w<&+o~7*@am!!RAEa}qOkAAr zVTR@98CMeq8(D<*jCuq?P-KKKYTcj*4{yt`q&D*#zaOII(QS01H+b>eNSGVk5`?)O zv^9QsjFxdytUfb8&1rI*mq5+&a748$8FL2@paHI~{E2uk56yecAqge4oZ`$Mm(2uIV&N z>+laqE&Oiiy?x)6vuSj~`8*h-wxiGZgv}4m34m8K;QK*T065>;hG#U*YjAn}%LdsO zwKfQ}KL@vrA=$v&7E#K#!es629))Ln7n3nc!YzqE)YBX8fb^0pcT^eCm(m+3tx@S*&xK=XlX(<$=cv(d{ENSxaSyYWV~PvA z)abjm%Z~ZRE~)l=dTE~+m-`33{mkEQmVE1{i~andb8`k>eo&hZT(03betigM6+N6mONvv+ zN;kvb&pbON_~3YB{Bsv5n&90t(`pQzG4^s#vfopDaB1svU}LPpA}1I948Vxg&yPj< zU#;=yx|3@NdJtu|nK)qSnLWUail9O5UYs>DlkpfSOp z>#=F?dk-{V{rKAi4{gelvzg5OC&jbb;3y~I0g7CE^r#>|zgVme7MEO=cqDn7V)5wq zG$}ITL_E>QZfx>hU^!(-kVJ#`!O`jY0Za^mZFmDUtGCQ!DtWzi!uXi+$@LHe_>LPSQwP#Y(@@T(93HZykr+o(v z4fuJOhu_a!`IVk@Q<_1XE@LW&qQJ(VD+tI-Z3aoYwW}z;utx%nzWeu`%L0^bh^V-F z2r&n|(i5tJi)eg;14w6dO;#g zUrWrwRCg35zgxRb=8sSENox7w_iP2=A$=5?K3gQz#O~I8X+QtiTAybyHPPpO?i)XF zHg@CZgQ2t`TfFGWN|CfS@X+NE$)XNPt{nSd!_pQF^+ugz>5a@o{yLC#Przl^6Jl3l zUN=lVFV*uvsVu*mvs0kIDipT2&vz|JUM*f-jzo@TcZ1m2RQn#Di#>@e$W=vTWTsO; zlXt0}-5H44^d>;~&Chu!K?BDh=w&Rvv-&Q_Jwe6fyhZxur=nabXlO_!T)d&nSf$!I zns(j?O*WiTH_0iHei>v3M)-+uEGWvS#02B0Fv3f5so_QB%v_QwI2h;>49M4rC zGUBMHXpb&V!}E%LkZUw2%pxTfFFn<)$}_<)?rl?wvA~Ch1Q}ywY;>RVO`~LASOK0j zr!hqDNqv`1osFKFlW{&qIdi{1SU95J-FavV0ZaP=;0OD^J|?nrp_O>6UCMQtS>>%m7{20uwzx%uc z@Z_(Y8T9!r+xIh8d9w0kCp^``78ES=2|iNd?5Y4DEd+uv;>=;lwF|AkUuomsZY=knKPc#=dGfpdtkfjpV*TYX_B z9wC#gSNUe;fM1Wh5_t~yNBwGEU(jwc%lFe`3Irn!x8JSXzS2}uT0-@SNHMHAG-nL@ z+&gVnABx&5NL1bEEJKEPTDkToa8*6|1#h<5uJ#! z>Egu)y6pvR>B}9Ex~P-QGxw8cH&MGkQ;xjlUa=aIwKZ3Tr(|55AjDhA{Le`qE_rUJ za5J2DYYGW-Z6S6=$+=BjTF|VFiDxtSynxN1(^e>|L$G1yLefb112>(qtM~nw@uR9I zz+B&+tc@l}D(kKO9WP+n^39wc4lGc@g3(lg=WbW|f*OkSJg|Q(Xx3>jibB9@8U}`* z^uUrOtEKgkcW2tYO9{qYQBfd<_BA`^cOVIfXq|t&h5ye$)g3Q$bMt@8&l~wB`#S;! zcl%$6wE^KXASC*)2Le!}>-rPd0kgV#CbTB}bw-Bb(rX zRz;ZVYoiNOZPvAQGE~CO`E2Q`UaosF6|jvfUGMbRdpn)r;9L;I#3L`bwe8(} z2YX?xW_SB-Izc9DMavey?yf^B?bwsM1-W8rd8@rJNO3S>5=G;ZfrEylG?e8}_{3*g zpEkZPhU6v_AcO6W4v0 z=wMKt-k7n=>R1wy;N)Q9^K#z@vGEBpTR!F`)zGbxBsOTkO&ot4Af)sd-a0vTnr6iD z{kdSp$yf;dzSf%qox!Z}i&^e|{VQ>*o$uYH@Nh?#FR`xr&TkteKiO1acYjBsebRo)?twn`xvLF&y={zO=MdjKu{# z9-|HQ?=|K#eN%W@u+#f=bi1+m{i+*B^nCOgKEq9%lU<-GzX7401O!;qM`6*lU5C3F zmi>L(o;Z^(96>Mb9u{)~y+svxMJ1@Luz$L0dfIh2BdGZUpt z(;a_2t_E&q1{&pQCXsq|$Quzrsw zW07tp`pd@TOSz-dTOxqqN&a40xSlfvt8$5NxEPw_ZWD4oFh{fp_fP#CANJREHucOO z(%plXw-Lxy5`8U9%?ZP`>zXZU!k8^WPE%u2&~t(3AzNh+g08)sU72sy7Dd9}zEJNU zzAy+R4@f}y+fi2E#SHJ%b*s~k)8sMdzIoe>DHUAC2V?ub4(Enj!`O;!Q_3XQ<7jk$ zI9(t+3fg_NmkaPc7Y}+@`28MITenUJ@=vB!A&Uk1ioa&`-|O@CKkV1IJh0PD)mjss zKkP5I5cDJp1(owKMRq5b2rt9lI{0qwxBviDwgFh8sEHV_P^8((DQC4ntd6c0g>wx| znE!EElsFymU4A|zY;gND?mapf_t&b|XfY}`><9yS#+`RsCjyLokOiyN2X=95B{TVX z?Cp70ek@psjCo1lgtYI)AC~0BmBto7C4EjlTKc`r;b9oFE8GH2gu3ZDk59$X6ukCf zKQ@supWmgDKRuPVA2PGG74;h5Fi({C&F@lKlVU)d_ukH_`0xRK=X7R}$60Z?agass zAbPaY*xXjsx%x+WJ+8Ro^4Cx0cu!rWX00dfJqJ?F$DKcqcj2;edfvDeUu}d1Eq|$cn8BK^hUM5}R4i%g5@sFb7;Wi(lE4^7)hBcEm`p|+kl7x8j#d{7Fr>=%QBGh-!HV{4O;4Crv?Yg3ilbK+Ti+T03C zK78u_u7a8Q14Xsu$2@IocGQg(-P`Qaw^%an_K3DlsY#6;zI@u~g5Y&Cc}PW`8J`2w zWGLb846LFA`v2aV=f@8T{X`-g)i-_QhYQv;Y&ex~UWo>v)2@Ratc zsJQEN+yY|As-Zx{yK}EPqk#Y5hy5hv_)}Xi4Sr+-Go3dnS}7~!uvX7tr%NJ++p4i( z$CsuK40E{EEFKw|?qJRKh}xHWIcr?Ywh#YyV})}>qp#PhBex}nLm-Z>Zu?>0!JK$) z)v5dL#)~Lts^+lu*H- zXi(ht_sTv#r|ypwN+d+ypi~`A14+bEdw$a4ytZeP(;du)-r;3WQg)&5JHP_>06d}Y=zhYI(qQW0f4IR38%Sz54ag%w8aB8pUxI2*3~5+-p8`h5RuS=QUKe zRV38Sw3Xhssgn)R;&tf8rI;()@}Zf~b>Q3Itp;Av2|2dXH6C1s+n=*0FGRcppTiqQ zo{l+nl~c0V^k+O4_6rBUvK!=x{GfIGu8K;ssj{N%qIesT;Kk)cT_Uz>NLu9bbj%?( zey}U)rLFgO!vGfK;T@a#Qg3%hdr9GC_N;^lL1tW;3k4!wuRDePGt&$`^?>G`cqy9+ zA{r`iH{=OdhrQeDI|*q)YITJb4oI#hXsy#+D7{p$>J0{pG4T=781T7PA0F%7LI^u! zig^)Q{IjSh*sR6vg5?hFH5yD$0SXWOiugeaz;$_OLTmC^|p6^ zHV(HXL{WC^CelEFh|V~kcr~+mYS+Uz2Div}R6=m>)^&j20Qd-&RdNz@2ccU3R@!;o zdkHDkORldpgzzq#qPwGa?~_vxXX}-`!A)drK2Yy>p^wZAk%%mENTWzR zU-f>?nCGIax_t3I$2ch|$K{UK@_tiS*JjCc&&ZOmYb*ZVWcOuLU39)y>3J$hgRhlR zFI)H5U`fjM-`v&M#^7V31BYjTkdVwy+Da5DYtGA0dwBJ2Mtq{uTkXUXpMLdfLX&2|%QV?y9thM9oVHY(I1 zzkeB}oOJ!64KnhapWlh$u;mKX5iE|DSK`@ec@zIXk@HW;0Y-{qjHPA^&DO z~ zaB*>e>kELP{q`na`1tt0Pya)W*IypirT_b^;PAvX)sj0NJP`=&{O`#5ub%q~&>|LQ zhV#C3^aD_FR1W_yO@WL6a6vHO4+#he{;5V26Pn*@q@e-Ofd6QHq%W{r4){i(=!K!l z6c2*y=~L`j`(@U4c!Ub`Um>Zyi<>|~19Wb777GXYubdqYSD=8gCg=<+; PUv;G zI7EN}@}GHSfU{DUuUvSK&OgT^cL3$RkCOY(qDI#e{96#|f9J530x5awZ%qWOiUANP zfc(n7BnCd}H*?iy?CEuzUZcV!>5x`fc^sS*^k=IpfFa1k=sQ3kNJIv$> zuBNW!0D}4}nF5sWQ3S`5)FIGr`}XvR1xMvdqd!LrL(f9B1J8*7TfcCPDz16 zTuA{SXFLQp8?cX7>Oipa9Sj{Xh@PxIh8syiuUG>`e{ka>7Kqy}<$p>IVcmcsVHPa@-G7SBCq8#VduFwjs$=sjzidqZCZ zAHXPR&fTp#LQb3U`Yyb2Ndf8lHe*3HIUVz&jX&QOyDpkGH+b!FJ$@o#iSWVfGgh*4 zu9SX<9+nzO?A+iPwRGAMcu2|9>$h0a@%_i1emXU>zZ%+@SNkYG{CM{qm!9<-zy0a) z)K9#$PMRe&o6*k-=CXDz;W7W2y0-ZdS_I)Rtl=>{g-x%{kdTg9%&l`llv^Cq)Xar6 zD_{`NZ+}-KuVQD{L*qezO2efM<>R$1-Q_1+UN&o3_i+%h*;N~^M`ZkJ@+<8D{haBm zmGHluotna&bzYKa|5;;Q3XV(rX?s{zpIMEdv)rMbG(b2x*WJH8gGm6!TF^2q8^ewH-J13 zm~j_s%SeBvOX+n8qv8#Z$)Kd8p^*($c7hruq}?Y;icLwRmLG^xecP0m(Alq`^2xj= zQhCVAt4BdGEN`u&gE7y#+{VKb%57p13UnQ-bXsIYo;(@BLmlWZ+V+&6Z3>~L0;)>x zzs~jr>lC5Rt()E+Au0Qytci0vmR!MH)AfxGkd2RtAtzg|YbSdQUqEC^%6*c!*o>5f zM-9$3HSltC2v96TP(gdqVXSXoM$V_#T$H9{6Gf(?N6Gtj3g_iaq&#hftH@>N1ZP|~ z{_*ad{nz~Q3xd3CVl8PilN3=^@BJmy=3pW^!S1yvbw&!GJhS?_U%fP6t2}(5EE!(> zq@TxqXa`f)dK5%9pDDhYZWG@~Y%l|*B5Yzd$*kst;DwL`d|XXoPZqK%=H%=9_A)~0#@J^=&&t)s?==pt(X&ZI*{cj zOoN;2ZRkCnOeE-ZZC4BYJe-iK0kr)=)~E6*pCi{olhB4JATe;$|LB@+D0TYOcqnxKD+wQ?`=0TSFHY z9ho?V>j93xgNz4=bBDz!w5O-?dde4th%I67O94+P{?IIOcLN*UN>feir?y*lU;DOI z0)vj|-lBw|P8r1qcVShZI;yAFZ9GV2Iv(nDZx8aP^GLhCu2bADt86zh$F{7v+dXnN zu8jdnUiDwaFO#yNbIpx0NQko&?M0?U?A=~F0{-r;bZ=l>JfYgS0I5g5y;U^H;!=od-eyZS41oM;H<~7lKRfqFe&sKW%SqOn zOG@Q<7PG+(xlqKJ;O67|f&PewdvHrF1Agyl>J*XD*}o6n%Hevhsq25dMbn7cov*U0 zMfThX7?{e8R4~su2n3TcaBl7&;i8QGt-$|HZe_Iui57;d6(xH z(dpzn_h|V&U<<>6GV8l;@`sUzl`iX8lST(?HR|KVD@Q)KnG8TP3#{r@e0O%z!N;Z5 z&*^vqo#!k1ioW-u6t{|}8|<&52z+|8J5_aqnQefH&qf)3Tl#COKfR$2HB|t6C^;!9 zwWLexSp6JNu|299G-c2b9D+O*BxDtzwC^lFc*>^-4LQW-`eTpEP7&Zl;c)I$?^?#X~o9d5EWH#whshqwLdy-iE3*s0)$w4)A z2N*{o9;(o)XA}_;?n-iUx3f3Zc;fmUj*|`|RCuG$LzZZYs@l_o6g^`-gx*Epp3-oV*RSJff4R+f5+>+ z8DU#9Q{Z_tFm(P;4r?KS=X6G~=%HLnGezl&qQ&Et<92bN#N|z>F9V#M)A;?ht7P+D zO{}Y0gFe%MuTtyw2*2R$=;{joqYNlKdE92AtMUghH+n&p1~Ply{MSGa{M#)KECxlc zr_{suS>QF=q}Nl=>nfUBaTM1xu-T__fS<;KtR^TJJ&WbyytEowIh1M n%Htj1ck%s`06IEdjL6U`py#^;7?IjO{P@p^~e7LF^ZE> literal 0 HcmV?d00001 From f1e2e9e93a894561f5022a812c44ca8ea658dbee Mon Sep 17 00:00:00 2001 From: KC Cross Date: Thu, 11 Jun 2020 11:20:02 -0700 Subject: [PATCH 27/73] Acrolinx 2.0 GitHub API Identify guidance profiles per repo within the .edn file. --- .acrolinx-config.edn | 5 ++++- 1 file changed, 4 insertions(+), 1 deletion(-) diff --git a/.acrolinx-config.edn b/.acrolinx-config.edn index 4a22e37c62..61cb120716 100644 --- a/.acrolinx-config.edn +++ b/.acrolinx-config.edn @@ -1,5 +1,8 @@ {:allowed-branchname-matches ["master"] :allowed-filename-matches ["windows/"] + + :guidance-profile "d2b6c2c8-00ee-47f1-8d10-b280cc3434c1" ;; Profile ID for "M365-specific" + :acrolinx-check-settings { "languageId" "en" @@ -33,6 +36,6 @@ Click the scorecard links for each article to review the Acrolinx feedback on gr " **More info about Acrolinx** -You are helping M365 test Acrolinx while we merge to the Microsoft instance. We have set the minimum score to 20 to test that the minimum score script works. This is effectively *not* setting a minimum score. If you need to bypass this score, please contact krowley or go directly to the marveldocs-admins. Thanks for your patience while we continue with roll out! +We have set the minimum score to 20. This is effectively *not* setting a minimum score. If you need to bypass this score, please contact MARVEL PubOps. " } From 9d882212fa75af5712d87115a99482e3c7196d7d Mon Sep 17 00:00:00 2001 From: Tudor Dobrila Date: Thu, 11 Jun 2020 14:39:01 -0700 Subject: [PATCH 28/73] Release notes for 2003-2 --- .../microsoft-defender-atp/mac-exclusions.md | 13 ++++++++++--- .../microsoft-defender-atp/mac-whatsnew.md | 6 ++++++ 2 files changed, 16 insertions(+), 3 deletions(-) diff --git a/windows/security/threat-protection/microsoft-defender-atp/mac-exclusions.md b/windows/security/threat-protection/microsoft-defender-atp/mac-exclusions.md index c5927c9a88..cdb95e6464 100644 --- a/windows/security/threat-protection/microsoft-defender-atp/mac-exclusions.md +++ b/windows/security/threat-protection/microsoft-defender-atp/mac-exclusions.md @@ -42,9 +42,16 @@ The follow table shows the exclusion types supported by Microsoft Defender ATP f Exclusion | Definition | Examples ---|---|--- File extension | All files with the extension, anywhere on the machine | `.test` -File | A specific file identified by the full path | `/var/log/test.log` -Folder | All files under the specified folder | `/var/log/` -Process | A specific process (specified either by the full path or file name) and all files opened by it | `/bin/cat`
    `cat` +File | A specific file identified by the full path | `/var/log/test.log`
    `/var/log/*.log`
    `/var/log/install.?.log` +Folder | All files under the specified folder | `/var/log/`
    `/var/*/` +Process | A specific process (specified either by the full path or file name) and all files opened by it | `/bin/cat`
    `cat`
    `c?t` + +File, folder, and process exclusions support the following wildcards: + +Wildcard | Description | Example | Matches +---|---|---|--- +\* | Matches any number of any characters including none | `/var/\*/\*.log` | `/var/log/system.log` +? | Matches any single character | `file?.log` | `file1.log`
    `file2.log` ## How to configure the list of exclusions diff --git a/windows/security/threat-protection/microsoft-defender-atp/mac-whatsnew.md b/windows/security/threat-protection/microsoft-defender-atp/mac-whatsnew.md index 57fde3cc75..fbf351fb3e 100644 --- a/windows/security/threat-protection/microsoft-defender-atp/mac-whatsnew.md +++ b/windows/security/threat-protection/microsoft-defender-atp/mac-whatsnew.md @@ -26,6 +26,12 @@ ms.topic: conceptual > > If you have previously whitelisted the kernel extension as part of your remote deployment, that warning should not be presented to the end user. If you have not previously deployed a policy to whitelist the kernel extension, your users will be presented with the warning. To proactively silence the warning, you can still deploy a configuration to whitelist the kernel extension. Refer to the instructions in the [JAMF-based deployment](mac-install-with-jamf.md#approved-kernel-extension) and [Microsoft Intune-based deployment](mac-install-with-intune.md#create-system-configuration-profiles) topics. +## 101.00.31 + +- Antivirus [exclusions now support wildcards](mac-exclusions.md#supported-exclusion-types) +- Added the ability to trigger antivirus scans from the macOS contextual menu. You can now right-click a file or a folder in Finder and select **Scan with Microsoft Defender ATP** +- Other performance improvements & bug fixes + ## 100.90.27 - You can now [set an update channel](mac-updates.md#set-the-channel-name) for Microsoft Defender ATP for Mac that is different from the system-wide update channel From 79ff52480775adde4812a72f18e6cbe7b9b0f2a7 Mon Sep 17 00:00:00 2001 From: Tudor Dobrila Date: Thu, 11 Jun 2020 16:25:58 -0700 Subject: [PATCH 29/73] Updates --- .../microsoft-defender-atp/linux-exclusions.md | 8 ++++---- .../microsoft-defender-atp/mac-exclusions.md | 8 ++++---- .../microsoft-defender-atp/mac-whatsnew.md | 2 ++ 3 files changed, 10 insertions(+), 8 deletions(-) diff --git a/windows/security/threat-protection/microsoft-defender-atp/linux-exclusions.md b/windows/security/threat-protection/microsoft-defender-atp/linux-exclusions.md index ef0797f456..b35f7ae596 100644 --- a/windows/security/threat-protection/microsoft-defender-atp/linux-exclusions.md +++ b/windows/security/threat-protection/microsoft-defender-atp/linux-exclusions.md @@ -48,10 +48,10 @@ Process | A specific process (specified either by the full path or file name) an File, folder, and process exclusions support the following wildcards: -Wildcard | Description | Example | Matches ----|---|---|--- -\* | Matches any number of any characters including none | `/var/\*/\*.log` | `/var/log/system.log` -? | Matches any single character | `file?.log` | `file1.log`
    `file2.log` +Wildcard | Description | Example | Matches | Does not match +---|---|---|---|--- +\* | Matches any number of any characters including none (note that when this is used inside a path it will substitute only one folder) | `/var/\*/\*.log` | `/var/log/system.log` | `/var/log/nested/system.log` +? | Matches any single character | `file?.log` | `file1.log`
    `file2.log` | `file123.log` ## How to configure the list of exclusions diff --git a/windows/security/threat-protection/microsoft-defender-atp/mac-exclusions.md b/windows/security/threat-protection/microsoft-defender-atp/mac-exclusions.md index cdb95e6464..4e65c42654 100644 --- a/windows/security/threat-protection/microsoft-defender-atp/mac-exclusions.md +++ b/windows/security/threat-protection/microsoft-defender-atp/mac-exclusions.md @@ -48,10 +48,10 @@ Process | A specific process (specified either by the full path or file name) an File, folder, and process exclusions support the following wildcards: -Wildcard | Description | Example | Matches ----|---|---|--- -\* | Matches any number of any characters including none | `/var/\*/\*.log` | `/var/log/system.log` -? | Matches any single character | `file?.log` | `file1.log`
    `file2.log` +Wildcard | Description | Example | Matches | Does not match +---|---|---|---|--- +\* | Matches any number of any characters including none (note that when this is used inside a path it will substitute only one folder) | `/var/\*/\*.log` | `/var/log/system.log` | `/var/log/nested/system.log` +? | Matches any single character | `file?.log` | `file1.log`
    `file2.log` | `file123.log` ## How to configure the list of exclusions diff --git a/windows/security/threat-protection/microsoft-defender-atp/mac-whatsnew.md b/windows/security/threat-protection/microsoft-defender-atp/mac-whatsnew.md index fbf351fb3e..40f7391213 100644 --- a/windows/security/threat-protection/microsoft-defender-atp/mac-whatsnew.md +++ b/windows/security/threat-protection/microsoft-defender-atp/mac-whatsnew.md @@ -28,8 +28,10 @@ ms.topic: conceptual ## 101.00.31 +- Improved [product onboarding experience for Intune users](https://docs.microsoft.com/en-us/mem/intune/apps/apps-advanced-threat-protection-macos) - Antivirus [exclusions now support wildcards](mac-exclusions.md#supported-exclusion-types) - Added the ability to trigger antivirus scans from the macOS contextual menu. You can now right-click a file or a folder in Finder and select **Scan with Microsoft Defender ATP** +- In-place product downgrades are now explictily disallowed by the installer. If you need to downgrade, first uninstall the existing version and reconfigure your device - Other performance improvements & bug fixes ## 100.90.27 From e2d132d8d1b8e998daa09b064f34b604a8e0b3df Mon Sep 17 00:00:00 2001 From: Tudor Dobrila Date: Thu, 11 Jun 2020 16:27:54 -0700 Subject: [PATCH 30/73] Updates --- .../microsoft-defender-atp/linux-exclusions.md | 2 +- .../threat-protection/microsoft-defender-atp/mac-exclusions.md | 2 +- 2 files changed, 2 insertions(+), 2 deletions(-) diff --git a/windows/security/threat-protection/microsoft-defender-atp/linux-exclusions.md b/windows/security/threat-protection/microsoft-defender-atp/linux-exclusions.md index b35f7ae596..5d04bf7089 100644 --- a/windows/security/threat-protection/microsoft-defender-atp/linux-exclusions.md +++ b/windows/security/threat-protection/microsoft-defender-atp/linux-exclusions.md @@ -50,7 +50,7 @@ File, folder, and process exclusions support the following wildcards: Wildcard | Description | Example | Matches | Does not match ---|---|---|---|--- -\* | Matches any number of any characters including none (note that when this is used inside a path it will substitute only one folder) | `/var/\*/\*.log` | `/var/log/system.log` | `/var/log/nested/system.log` +\* | Matches any number of any characters including none (note that when this wildcard is used inside a path it will substitute only one folder) | `/var/\*/\*.log` | `/var/log/system.log` | `/var/log/nested/system.log` ? | Matches any single character | `file?.log` | `file1.log`
    `file2.log` | `file123.log` ## How to configure the list of exclusions diff --git a/windows/security/threat-protection/microsoft-defender-atp/mac-exclusions.md b/windows/security/threat-protection/microsoft-defender-atp/mac-exclusions.md index 4e65c42654..af6fa6157c 100644 --- a/windows/security/threat-protection/microsoft-defender-atp/mac-exclusions.md +++ b/windows/security/threat-protection/microsoft-defender-atp/mac-exclusions.md @@ -50,7 +50,7 @@ File, folder, and process exclusions support the following wildcards: Wildcard | Description | Example | Matches | Does not match ---|---|---|---|--- -\* | Matches any number of any characters including none (note that when this is used inside a path it will substitute only one folder) | `/var/\*/\*.log` | `/var/log/system.log` | `/var/log/nested/system.log` +\* | Matches any number of any characters including none (note that when this wildcard is used inside a path it will substitute only one folder) | `/var/\*/\*.log` | `/var/log/system.log` | `/var/log/nested/system.log` ? | Matches any single character | `file?.log` | `file1.log`
    `file2.log` | `file123.log` ## How to configure the list of exclusions From 876846d571f557c1ad4e8f7a20d7c123d391431a Mon Sep 17 00:00:00 2001 From: Tudor Dobrila Date: Thu, 11 Jun 2020 16:28:55 -0700 Subject: [PATCH 31/73] Typo --- .../threat-protection/microsoft-defender-atp/mac-whatsnew.md | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/windows/security/threat-protection/microsoft-defender-atp/mac-whatsnew.md b/windows/security/threat-protection/microsoft-defender-atp/mac-whatsnew.md index 40f7391213..dba3915c9f 100644 --- a/windows/security/threat-protection/microsoft-defender-atp/mac-whatsnew.md +++ b/windows/security/threat-protection/microsoft-defender-atp/mac-whatsnew.md @@ -31,7 +31,7 @@ ms.topic: conceptual - Improved [product onboarding experience for Intune users](https://docs.microsoft.com/en-us/mem/intune/apps/apps-advanced-threat-protection-macos) - Antivirus [exclusions now support wildcards](mac-exclusions.md#supported-exclusion-types) - Added the ability to trigger antivirus scans from the macOS contextual menu. You can now right-click a file or a folder in Finder and select **Scan with Microsoft Defender ATP** -- In-place product downgrades are now explictily disallowed by the installer. If you need to downgrade, first uninstall the existing version and reconfigure your device +- In-place product downgrades are now explicitly disallowed by the installer. If you need to downgrade, first uninstall the existing version and reconfigure your device - Other performance improvements & bug fixes ## 100.90.27 From aebf0bc809eafe738528da97fb3e8165ee39932b Mon Sep 17 00:00:00 2001 From: Tudor Dobrila Date: Thu, 11 Jun 2020 16:38:33 -0700 Subject: [PATCH 32/73] Remove locale from URL to Intune --- .../threat-protection/microsoft-defender-atp/mac-whatsnew.md | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/windows/security/threat-protection/microsoft-defender-atp/mac-whatsnew.md b/windows/security/threat-protection/microsoft-defender-atp/mac-whatsnew.md index dba3915c9f..b1deb73638 100644 --- a/windows/security/threat-protection/microsoft-defender-atp/mac-whatsnew.md +++ b/windows/security/threat-protection/microsoft-defender-atp/mac-whatsnew.md @@ -28,7 +28,7 @@ ms.topic: conceptual ## 101.00.31 -- Improved [product onboarding experience for Intune users](https://docs.microsoft.com/en-us/mem/intune/apps/apps-advanced-threat-protection-macos) +- Improved [product onboarding experience for Intune users](https://docs.microsoft.com/mem/intune/apps/apps-advanced-threat-protection-macos) - Antivirus [exclusions now support wildcards](mac-exclusions.md#supported-exclusion-types) - Added the ability to trigger antivirus scans from the macOS contextual menu. You can now right-click a file or a folder in Finder and select **Scan with Microsoft Defender ATP** - In-place product downgrades are now explicitly disallowed by the installer. If you need to downgrade, first uninstall the existing version and reconfigure your device From 2b163375f0406e481b307257bb16e2885254ee74 Mon Sep 17 00:00:00 2001 From: VARADHARAJAN K <3296790+RAJU2529@users.noreply.github.com> Date: Fri, 12 Jun 2020 12:45:39 +0530 Subject: [PATCH 33/73] replaced error 404 link to new link as per the user report #6940 , so i replaced the invalid link to new link new link **https://support.microsoft.com/help/4098906/manage-surface-driver-updates-in-configuration-manager** --- devices/surface/manage-surface-driver-and-firmware-updates.md | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/devices/surface/manage-surface-driver-and-firmware-updates.md b/devices/surface/manage-surface-driver-and-firmware-updates.md index a1eea22998..0d168ed57d 100644 --- a/devices/surface/manage-surface-driver-and-firmware-updates.md +++ b/devices/surface/manage-surface-driver-and-firmware-updates.md @@ -35,7 +35,7 @@ Microsoft Endpoint Configuration Manager allows you to synchronize and deploy Su For detailed steps, see the following resources: -- [How to manage Surface driver updates in Configuration Manager](https://docs.microsoft.com/surface/manage-surface-driver-updates-configuration-manager.md) +- [How to manage Surface driver updates in Configuration Manager](https://support.microsoft.com/help/4098906/manage-surface-driver-updates-in-configuration-manager) - [Deploy applications with Configuration Manager](https://docs.microsoft.com/configmgr/apps/deploy-use/deploy-applications) - [Endpoint Configuration Manager documentation](https://docs.microsoft.com/configmgr/) From ca5561088e4a3531383d071f4478e030c1dae6e1 Mon Sep 17 00:00:00 2001 From: VARADHARAJAN K <3296790+RAJU2529@users.noreply.github.com> Date: Fri, 12 Jun 2020 21:21:59 +0530 Subject: [PATCH 34/73] Update devices/surface/manage-surface-driver-and-firmware-updates.md accepted Co-authored-by: Trond B. Krokli <38162891+illfated@users.noreply.github.com> --- devices/surface/manage-surface-driver-and-firmware-updates.md | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/devices/surface/manage-surface-driver-and-firmware-updates.md b/devices/surface/manage-surface-driver-and-firmware-updates.md index 0d168ed57d..2bbe968461 100644 --- a/devices/surface/manage-surface-driver-and-firmware-updates.md +++ b/devices/surface/manage-surface-driver-and-firmware-updates.md @@ -35,7 +35,7 @@ Microsoft Endpoint Configuration Manager allows you to synchronize and deploy Su For detailed steps, see the following resources: -- [How to manage Surface driver updates in Configuration Manager](https://support.microsoft.com/help/4098906/manage-surface-driver-updates-in-configuration-manager) +- [How to manage Surface driver updates in Configuration Manager](https://docs.microsoft.com/surface/manage-surface-driver-updates-configuration-manager) - [Deploy applications with Configuration Manager](https://docs.microsoft.com/configmgr/apps/deploy-use/deploy-applications) - [Endpoint Configuration Manager documentation](https://docs.microsoft.com/configmgr/) From 435ae94ffd0fabb0fe688517a8eafc5d1e139807 Mon Sep 17 00:00:00 2001 From: Charles Inglis <32555877+cinglis-msft@users.noreply.github.com> Date: Fri, 12 Jun 2020 12:32:45 -0500 Subject: [PATCH 35/73] Updated Defender alternatives --- windows/deployment/update/update-compliance-monitor.md | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/windows/deployment/update/update-compliance-monitor.md b/windows/deployment/update/update-compliance-monitor.md index 311272e93b..bf80658e30 100644 --- a/windows/deployment/update/update-compliance-monitor.md +++ b/windows/deployment/update/update-compliance-monitor.md @@ -19,7 +19,7 @@ ms.topic: article > [!IMPORTANT] > While [Windows Analytics was retired on January 31, 2020](https://docs.microsoft.com/windows/deployment/update/update-compliance-monitor), support for Update Compliance has continued through the Azure Portal. Two planned feature removals for Update Compliance – Microsoft Defender Antivirus reporting and Perspectives – are now scheduled to be removed beginning Monday, May 11, 2020. -> * The retirement of Microsoft Defender Antivirus reporting will begin Monday, May 11, 2020. You can continue to review malware definition status and manage and monitor malware attacks with Microsoft Endpoint Manager's [Endpoint Protection for Microsoft Intune](https://docs.microsoft.com/mem/intune/fundamentals/help-secure-windows-pcs-with-endpoint-protection-for-microsoft-intune). Configuration Manager customers can monitor Endpoint Protection with [Endpoint Protection in Configuration Manager](https://docs.microsoft.com/configmgr/protect/deploy-use/monitor-endpoint-protection). +> * The retirement of Microsoft Defender Antivirus reporting will begin Monday, May 11, 2020. You can continue to for threats with [Microsoft Endpoint Manager](https://www.microsoft.com/microsoft-365/microsoft-endpoint-manager) and [Defender Advanced Threat Protection](https://docs.microsoft.com/windows/security/threat-protection/microsoft-defender-atp/microsoft-defender-advanced-threat-protection). > * The Perspectives feature of Update Compliance will be retired Monday, May 11, 2020. The Perspectives feature is part of the Log Search portal of Log Analytics, which was deprecated on February 15, 2019 in favor of [Azure Monitor Logs](https://docs.microsoft.com/azure/azure-monitor/log-query/log-search-transition). Your Update Compliance solution will be automatically upgraded to Azure Monitor Logs, and the data available in Perspectives will be migrated to a set of queries in the [Needs Attention section](update-compliance-need-attention.md) of Update Compliance. ## Introduction From e5a42df8f32c7c1155dad95884249d1f966043c8 Mon Sep 17 00:00:00 2001 From: John Kaiser <35939694+CoveMiner@users.noreply.github.com> Date: Fri, 12 Jun 2020 12:43:54 -0700 Subject: [PATCH 36/73] New article Hub Teams app --- devices/surface-hub/TOC.md | 1 + devices/surface-hub/hub-teams-app.md | 28 ++++++++++++++++++++++++++++ 2 files changed, 29 insertions(+) create mode 100644 devices/surface-hub/hub-teams-app.md diff --git a/devices/surface-hub/TOC.md b/devices/surface-hub/TOC.md index 67516c9773..867063cc0c 100644 --- a/devices/surface-hub/TOC.md +++ b/devices/surface-hub/TOC.md @@ -32,6 +32,7 @@ ### [Create provisioning packages for Surface Hub 2S](surface-hub-2s-deploy.md) ### [Deploy apps to Surface Hub 2S using Intune](surface-hub-2s-deploy-apps-intune.md) ### [Create Surface Hub 2S on-premises accounts with PowerShell](surface-hub-2s-onprem-powershell.md) +### [Surface Hub Teams app](hub-teams-app.md) ## Manage ### [Manage Surface Hub 2S with Microsoft Intune](surface-hub-2s-manage-intune.md) diff --git a/devices/surface-hub/hub-teams-app.md b/devices/surface-hub/hub-teams-app.md new file mode 100644 index 0000000000..4083dc8515 --- /dev/null +++ b/devices/surface-hub/hub-teams-app.md @@ -0,0 +1,28 @@ +--- +title: "Microsoft Teams app for Surface Hub" +description: "This page shows a summary of updates to the Microsoft Teams app for Surface Hub" +keywords: separate values with commas +ms.prod: surface-hub +ms.sitesec: library +author: greg-lindsay +ms.author: greglin +manager: laurawi +audience: Admin +ms.topic: article +ms.date: 06/12/2020 +ms.localizationpriority: Medium + +# Microsoft Teams app for Surface Hub + +The Microsoft Teams app for Surface Hub is periodically updated and available via the [Microsoft Store](https://www.microsoft.com/store/apps/windows). If you manage Surface Hub with Automatic Updates enabled (default setting), the app will update automatically. + + +## Version history + +| **Store app version** | **Updates** | **Published to Microsoft Store** | +| --------------------- | --------------------------------------------------------------------------------------------------- | -------------------------------- | +| 0.2020.13201.0 | - 3x3 Gallery view on Surface Hub
    - Ability to search for External users | June 10, 2020
    | +| 0.2020.13201 | - Quality improvements and Bug fixes | June 1, 2020
    | +| 0.2020.4301.0 | - Accept incoming PSTN calls on Surface Hub
    - Added controls for Attendee/Presenter role changes | May 21, 2020 | + + From 65e0c5ec71b385837537e557f306f28f5e0a982a Mon Sep 17 00:00:00 2001 From: "Jeff Reeds (Aquent LLC)" Date: Fri, 12 Jun 2020 13:49:45 -0700 Subject: [PATCH 37/73] Cut images showing old brand name Per Deniseb, but images showing the old Windows Defender Antivirus and/or Windows Defender Offline name. See task 4116148. --- ...network-connections-microsoft-defender-antivirus.md | 8 ++------ ...eal-time-protection-microsoft-defender-antivirus.md | 5 +---- ...d-periodic-scanning-microsoft-defender-antivirus.md | 10 ++-------- ...rosoft-defender-antivirus-on-windows-server-2016.md | 4 +--- .../microsoft-defender-offline.md | 4 +--- ...nges-to-security-settings-with-tamper-protection.md | 4 ---- 6 files changed, 7 insertions(+), 28 deletions(-) diff --git a/windows/security/threat-protection/microsoft-defender-antivirus/configure-network-connections-microsoft-defender-antivirus.md b/windows/security/threat-protection/microsoft-defender-antivirus/configure-network-connections-microsoft-defender-antivirus.md index 2992128fc2..1b7bc129b9 100644 --- a/windows/security/threat-protection/microsoft-defender-antivirus/configure-network-connections-microsoft-defender-antivirus.md +++ b/windows/security/threat-protection/microsoft-defender-antivirus/configure-network-connections-microsoft-defender-antivirus.md @@ -87,9 +87,7 @@ Download the file by visiting the following link: >[!NOTE] >This file is not an actual piece of malware. It is a fake file that is designed to test if you are properly connected to the cloud. -If you are properly connected, you will see a warning Microsoft Defender Antivirus notification: - -![Microsoft Defender Antivirus notification informing the user that malware was found](images/defender/wdav-malware-detected.png) +If you are properly connected, you will see a warning Microsoft Defender Antivirus notification. If you are using Microsoft Edge, you'll also see a notification message: @@ -107,9 +105,7 @@ You will also see a detection under **Quarantined threats** in the **Scan histor ![Screenshot of the Scan history label in the Windows Security app](images/defender/wdav-history-wdsc.png) -3. Under the **Quarantined threats** section, click the **See full history** label to see the detected fake malware: - - ![Screenshot of quarantined items in the Windows Security app](images/defender/wdav-quarantined-history-wdsc.png) +3. Under the **Quarantined threats** section, click the **See full history** label to see the detected fake malware. >[!NOTE] >Versions of Windows 10 before version 1703 have a different user interface. See [Microsoft Defender Antivirus in the Windows Security app](microsoft-defender-security-center-antivirus.md). diff --git a/windows/security/threat-protection/microsoft-defender-antivirus/configure-real-time-protection-microsoft-defender-antivirus.md b/windows/security/threat-protection/microsoft-defender-antivirus/configure-real-time-protection-microsoft-defender-antivirus.md index a456334e1f..fbcf3e9352 100644 --- a/windows/security/threat-protection/microsoft-defender-antivirus/configure-real-time-protection-microsoft-defender-antivirus.md +++ b/windows/security/threat-protection/microsoft-defender-antivirus/configure-real-time-protection-microsoft-defender-antivirus.md @@ -38,7 +38,6 @@ To enable and configure always-on protection: 2. Under **Best match**, click **Edit group policy** to launch **Local Group Policy Editor**. ![GPEdit taskbar search result](images/gpedit-search.png) 2. In the left pane of **Local Group Policy Editor**, expand the tree to **Computer Configuration** > **Administrative Templates** > **Windows Components** > **Microsoft Defender Antivirus**. -![Microsoft Defender Antivirus](images/gpedit-windows-defender-antivirus.png) 3. Configure the Microsoft Defender Antivirus antimalware service policy settings. To do this: 1. In the **Microsoft Defender Antivirus** details pane on right, double-click the policy setting as specified in the following table: @@ -46,14 +45,12 @@ To enable and configure always-on protection: |-----------------------------|------------------------|-------------------------------| | Allow antimalware service to startup with normal priority | You can lower the priority of the Microsoft Defender Antivirus engine, which may be useful in lightweight deployments where you want to have as lean a startup process as possible. This may impact protection on the endpoint. | Enabled | Allow antimalware service to remain running always | If protection updates have been disabled, you can set Microsoft Defender Antivirus to still run. This lowers the protection on the endpoint. | Disabled | - 2. Configure the setting as appropriate, and click **OK**. 3. Repeat the previous steps for each setting in the table. 4. Configure the Microsoft Defender Antivirus real-time protection policy settings. To do this: 1. In the **Microsoft Defender Antivirus** details pane, double-click **Real-time Protection**. Or, from the **Microsoft Defender Antivirus** tree on left pane, click **Real-time Protection**. - ![Microsoft Defender Antivirus Real-time Protection options](images/gpedit-real-time-protection.png) - 2. In the **Real-time Protection** details pane on right, double-click the policy setting as specified in the following table: + 2. In the **Real-time Protection** details pane on right, double-click the policy setting as specified in the following table: | Setting | Description | Default setting | |-----------------------------|------------------------|-------------------------------| diff --git a/windows/security/threat-protection/microsoft-defender-antivirus/limited-periodic-scanning-microsoft-defender-antivirus.md b/windows/security/threat-protection/microsoft-defender-antivirus/limited-periodic-scanning-microsoft-defender-antivirus.md index fdc1e748f8..545f77a114 100644 --- a/windows/security/threat-protection/microsoft-defender-antivirus/limited-periodic-scanning-microsoft-defender-antivirus.md +++ b/windows/security/threat-protection/microsoft-defender-antivirus/limited-periodic-scanning-microsoft-defender-antivirus.md @@ -39,18 +39,12 @@ If Microsoft Defender Antivirus is enabled, the usual options will appear to con ![Windows Security app showing Microsoft Defender AV options, including scan options, settings, and update options](images/vtp-wdav.png) -If another antivirus product is installed and working correctly, Microsoft Defender Antivirus will disable itself. The Windows Security app will change the **Virus & threat protection** section to show status about the AV product, and provide a link to the product's configuration options: +If another antivirus product is installed and working correctly, Microsoft Defender Antivirus will disable itself. The Windows Security app will change the **Virus & threat protection** section to show status about the AV product, and provide a link to the product's configuration options. -![Windows Security app showing ContosoAV as the installed and running antivirus provider. There is a single link to open ContosoAV settings.](images/vtp-3ps.png) - -Underneath any third party AV products, a new link will appear as **Microsoft Defender Antivirus options**. Clicking this link will expand to show the toggle that enables limited periodic scanning. - -![The limited periodic option is a toggle to enable or disable **periodic scanning**](images/vtp-3ps-lps.png) +Underneath any third party AV products, a new link will appear as **Microsoft Defender Antivirus options**. Clicking this link will expand to show the toggle that enables limited periodic scanning. Note that the limited periodic option is a toggle to enable or disable periodic scanning. Sliding the switch to **On** will show the standard Microsoft Defender AV options underneath the third party AV product. The limited periodic scanning option will appear at the bottom of the page. -![When enabled, periodic scanning shows the normal Microsoft Defender Antivirus options](images/vtp-3ps-lps-on.png) - ## Related articles - [Configure behavioral, heuristic, and real-time protection](configure-protection-features-microsoft-defender-antivirus.md) diff --git a/windows/security/threat-protection/microsoft-defender-antivirus/microsoft-defender-antivirus-on-windows-server-2016.md b/windows/security/threat-protection/microsoft-defender-antivirus/microsoft-defender-antivirus-on-windows-server-2016.md index 5018ae9f9d..5a5fefca87 100644 --- a/windows/security/threat-protection/microsoft-defender-antivirus/microsoft-defender-antivirus-on-windows-server-2016.md +++ b/windows/security/threat-protection/microsoft-defender-antivirus/microsoft-defender-antivirus-on-windows-server-2016.md @@ -61,9 +61,7 @@ In Windows Server 2016, the **Add Roles and Features Wizard** looks like this: ![Add roles and feature wizard showing the GUI for Windows Defender option](images/server-add-gui.png) -In Windows Server 2019, the **Add Roles and Feature Wizard** looks like this: - -![Add roles and features wizard Windows Server 2019](images/WDAV-WinSvr2019-turnfeatureson.jpg) +In Windows Server 2019, the **Add Roles and Feature Wizard** looks much the same. ### Turn on the GUI using PowerShell diff --git a/windows/security/threat-protection/microsoft-defender-antivirus/microsoft-defender-offline.md b/windows/security/threat-protection/microsoft-defender-antivirus/microsoft-defender-offline.md index 103ede404e..cb5f4ad90e 100644 --- a/windows/security/threat-protection/microsoft-defender-antivirus/microsoft-defender-offline.md +++ b/windows/security/threat-protection/microsoft-defender-antivirus/microsoft-defender-offline.md @@ -62,9 +62,7 @@ The prompt can occur via a notification, similar to the following: ![Windows notification showing the requirement to run Microsoft Defender Offline](images/defender/notification.png) -The user will also be notified within the Windows Defender client: - -![Windows Defender showing the requirement to run Microsoft Defender Offline](images/defender/client.png) +The user will also be notified within the Windows Defender client. In Configuration Manager, you can identify the status of endpoints by navigating to **Monitoring > Overview > Security > Endpoint Protection Status > System Center Endpoint Protection Status**. diff --git a/windows/security/threat-protection/microsoft-defender-antivirus/prevent-changes-to-security-settings-with-tamper-protection.md b/windows/security/threat-protection/microsoft-defender-antivirus/prevent-changes-to-security-settings-with-tamper-protection.md index 971482d70d..4a2fe0777f 100644 --- a/windows/security/threat-protection/microsoft-defender-antivirus/prevent-changes-to-security-settings-with-tamper-protection.md +++ b/windows/security/threat-protection/microsoft-defender-antivirus/prevent-changes-to-security-settings-with-tamper-protection.md @@ -112,10 +112,6 @@ You must have appropriate [permissions](../microsoft-defender-atp/assign-portal- 5. Assign the profile to one or more groups. - Here's what you see in the Windows Security app: - - ![Turning tamper protection on in Windows 10 Enterprise](images/turnontamperprotect-enterprise.png) - ### Are you using Windows OS 1709, 1803, or 1809? If you are using Windows 10 OS [1709](https://docs.microsoft.com/windows/release-information/status-windows-10-1709), [1803](https://docs.microsoft.com/windows/release-information/status-windows-10-1803), or [1809](https://docs.microsoft.com/windows/release-information/status-windows-10-1809-and-windows-server-2019), you won't see **Tamper Protection** in the Windows Security app. In this case, you can use PowerShell to determine whether tamper protection is enabled. From 4a4f9781df96d5318010680908d2619c590403ff Mon Sep 17 00:00:00 2001 From: John Kaiser <35939694+CoveMiner@users.noreply.github.com> Date: Fri, 12 Jun 2020 14:12:40 -0700 Subject: [PATCH 38/73] Update hub-teams-app.md --- devices/surface-hub/hub-teams-app.md | 25 ++++++++++--------------- 1 file changed, 10 insertions(+), 15 deletions(-) diff --git a/devices/surface-hub/hub-teams-app.md b/devices/surface-hub/hub-teams-app.md index 4083dc8515..ecc0410e36 100644 --- a/devices/surface-hub/hub-teams-app.md +++ b/devices/surface-hub/hub-teams-app.md @@ -1,28 +1,23 @@ --- -title: "Microsoft Teams app for Surface Hub" -description: "This page shows a summary of updates to the Microsoft Teams app for Surface Hub" -keywords: separate values with commas +title: Microsoft Teams app for Surface Hub +description: Provides a version history of updates for the Microsoft Teams app for Surface Hub +keywords: surface, hub, ms.prod: surface-hub ms.sitesec: library -author: greg-lindsay +author: greglin ms.author: greglin -manager: laurawi -audience: Admin ms.topic: article -ms.date: 06/12/2020 -ms.localizationpriority: Medium +ms.localizationpriority: medium +--- -# Microsoft Teams app for Surface Hub +# Microsoft Teams app for Surface Hub The Microsoft Teams app for Surface Hub is periodically updated and available via the [Microsoft Store](https://www.microsoft.com/store/apps/windows). If you manage Surface Hub with Automatic Updates enabled (default setting), the app will update automatically. ## Version history - | **Store app version** | **Updates** | **Published to Microsoft Store** | | --------------------- | --------------------------------------------------------------------------------------------------- | -------------------------------- | -| 0.2020.13201.0 | - 3x3 Gallery view on Surface Hub
    - Ability to search for External users | June 10, 2020
    | -| 0.2020.13201 | - Quality improvements and Bug fixes | June 1, 2020
    | -| 0.2020.4301.0 | - Accept incoming PSTN calls on Surface Hub
    - Added controls for Attendee/Presenter role changes | May 21, 2020 | - - +| 0.2020.13201.0 | - 3x3 Gallery view on Surface Hub
    - Ability to search for External users | June 10, 2020
    **** | +| 0.2020.13201 | - Quality improvements and Bug fixes | June 1, 2020
    **** | +| 0.2020.4301.0 | - Accept incoming PSTN calls on Surface Hub
    - Added controls for Attendee/Presenter role changes | May 21, 2020 | \ No newline at end of file From 886ca1562c888b98d481198b9eb351e9b2797b95 Mon Sep 17 00:00:00 2001 From: DanPandre <54847950+DanPandre@users.noreply.github.com> Date: Fri, 12 Jun 2020 17:38:47 -0400 Subject: [PATCH 39/73] Fix Local settings descriptions to match user experience --- .../local-management-surface-hub-settings.md | 12 ++++++------ 1 file changed, 6 insertions(+), 6 deletions(-) diff --git a/devices/surface-hub/local-management-surface-hub-settings.md b/devices/surface-hub/local-management-surface-hub-settings.md index 810691dfe8..4ffa2a3cbe 100644 --- a/devices/surface-hub/local-management-surface-hub-settings.md +++ b/devices/surface-hub/local-management-surface-hub-settings.md @@ -40,12 +40,12 @@ Surface Hubs have many settings that are common to other Windows devices, but al | Wireless projection (Miracast) channel | Surface Hub > Projection | Set the channel for Miracast projection. | | Meeting info shown on the welcome screen | Surface Hub > Welcome screen | Choose whether meeting organizer, time, and subject show up on the welcome screen. | | Welcome screen background | Surface Hub > Welcome screen | Choose a background image for the welcome screen. | -| Idle timeout to Welcome screen | Surface Hub > Session & Power | Choose how long until the Surface Hub returns to the welcome screen after no motion is detected. | -| Resume session | Surface Hub > Session & Power | Choose to allow users to resume a session after no motion is detected or to automatically clean up a session. | -| Access to Office 365 meetings and files | Surface Hub > Session & Power | Choose whether a user can sign in to Office 365 to get access to their meetings and files. | -| Turn on screen with motion sensors | Surface Hub > Session & clean up | Choose whether the screen turns on when motion is detected. | -| Session time out | Surface Hub > Session & clean up | Choose how long the device needs to be inactive before returning to the welcome screen. | -| Sleep time out | Surface Hub > Session & clean up | Choose how long the device needs to be inactive before going to sleep mode. | +| Session timeout to Welcome screen | Surface Hub > Session & power | Choose how long until the Surface Hub returns to the welcome screen after no motion is detected. | +| Resume session | Surface Hub > Session & power | Choose to allow users to resume a session after no motion is detected or to automatically clean up a session. | +| Access to Office 365 meetings and files | Surface Hub > Session & power | Choose whether a user can sign in to Office 365 to get access to their meetings and files. | +| Turn on screen with motion sensors | Surface Hub > Session & power | Choose whether the screen turns on when motion is detected. | +| Screen time out | Surface Hub > Session & power | Choose how long the device needs to be inactive before turning off the screen. | +| Sleep time out | Surface Hub > Session & power | Choose how long the device needs to be inactive before going to sleep mode. | | Friendly name | Surface Hub > About | Set the Surface Hub name that people will see when connecting wirelessly. | | Maintenance hours | Update & security > Windows Update > Advanced options | Configure when updates can be installed. | | Configure Windows Server Update Services (WSUS) server | Update & security > Windows Update > Advanced options | Change whether Surface Hub receives updates from a WSUS server instead of Windows Update. | From 2b296e5d6b2df591a681fcd3d5fe4c8f8c4d715c Mon Sep 17 00:00:00 2001 From: Gary Moore Date: Fri, 12 Jun 2020 15:16:55 -0700 Subject: [PATCH 40/73] Removed unnecessary bold from table headings --- devices/surface-hub/hub-teams-app.md | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/devices/surface-hub/hub-teams-app.md b/devices/surface-hub/hub-teams-app.md index ecc0410e36..a2e25a8458 100644 --- a/devices/surface-hub/hub-teams-app.md +++ b/devices/surface-hub/hub-teams-app.md @@ -16,8 +16,8 @@ The Microsoft Teams app for Surface Hub is periodically updated and available vi ## Version history -| **Store app version** | **Updates** | **Published to Microsoft Store** | +| Store app version | Updates | Published to Microsoft Store | | --------------------- | --------------------------------------------------------------------------------------------------- | -------------------------------- | | 0.2020.13201.0 | - 3x3 Gallery view on Surface Hub
    - Ability to search for External users | June 10, 2020
    **** | | 0.2020.13201 | - Quality improvements and Bug fixes | June 1, 2020
    **** | -| 0.2020.4301.0 | - Accept incoming PSTN calls on Surface Hub
    - Added controls for Attendee/Presenter role changes | May 21, 2020 | \ No newline at end of file +| 0.2020.4301.0 | - Accept incoming PSTN calls on Surface Hub
    - Added controls for Attendee/Presenter role changes | May 21, 2020 | From 85eee2b34ba7e8150065f4429949e16743dd95eb Mon Sep 17 00:00:00 2001 From: "Jeff Reeds (Aquent LLC)" Date: Fri, 12 Jun 2020 15:17:25 -0700 Subject: [PATCH 41/73] Updated meta descriptions for SEO --- .../appv-create-a-package-accelerator.md | 2 +- .../app-v/appv-for-windows.md | 2 +- .../app-v/appv-getting-started.md | 2 +- ...-publishing-server-on-a-remote-computer.md | 2 +- .../mdm/certificate-renewal-windows-mdm.md | 2 +- .../mdm/clientcertificateinstall-csp.md | 2 +- windows/client-management/mdm/defender-csp.md | 2 +- windows/client-management/mdm/defender-ddf.md | 2 +- .../mdm/enterpriseappvmanagement-csp.md | 2 +- .../mdm/enterpriseassignedaccess-xsd.md | 2 +- .../mdm/policy-csp-attachmentmanager.md | 2 +- .../mdm/policy-csp-education.md | 2 +- .../mdm/policy-csp-mssecurityguide.md | 2 +- .../mdm/policy-csp-system.md | 2 +- windows/configuration/kiosk-validate.md | 2 +- .../configuration/ue-v/uev-troubleshooting.md | 2 +- ...application-virtualization-applications.md | 2 +- windows/deployment/deploy.md | 2 +- .../update/windows-update-resources.md | 2 +- .../usmt/usmt-determine-what-to-migrate.md | 135 +++++++++--------- .../volume-activation/vamt-known-issues.md | 2 +- .../windows-autopilot-requirements.md | 2 +- ...ndows-7-and-windows-server-2008-r2-sp1.yml | 2 +- .../resolved-issues-windows-server-2012.yml | 2 +- ...windows-8.1-and-windows-server-2012-r2.yml | 2 +- .../status-windows-server-2008-sp2.yml | 2 +- windows/whats-new/get-started-with-1709.md | 2 +- 27 files changed, 94 insertions(+), 93 deletions(-) diff --git a/windows/application-management/app-v/appv-create-a-package-accelerator.md b/windows/application-management/app-v/appv-create-a-package-accelerator.md index 7f2ec6c3c5..db4fe23b68 100644 --- a/windows/application-management/app-v/appv-create-a-package-accelerator.md +++ b/windows/application-management/app-v/appv-create-a-package-accelerator.md @@ -1,6 +1,6 @@ --- title: How to create a package accelerator (Windows 10) -description: How to create a package accelerator. +description: Learn how to create App-V Package Accelerators to automatically generate new virtual application packages. author: lomayor ms.pagetype: mdop, appcompat, virtualization ms.mktglfcycl: deploy diff --git a/windows/application-management/app-v/appv-for-windows.md b/windows/application-management/app-v/appv-for-windows.md index 459032925c..bec88a55bf 100644 --- a/windows/application-management/app-v/appv-for-windows.md +++ b/windows/application-management/app-v/appv-for-windows.md @@ -1,6 +1,6 @@ --- title: Application Virtualization (App-V) (Windows 10) -description: Application Virtualization (App-V) +description: See various topics that can help you administer Application Virtualization (App-V) and its components. author: lomayor ms.pagetype: mdop, appcompat, virtualization ms.mktglfcycl: deploy diff --git a/windows/application-management/app-v/appv-getting-started.md b/windows/application-management/app-v/appv-getting-started.md index 1b1f6592d5..2e1556cb8a 100644 --- a/windows/application-management/app-v/appv-getting-started.md +++ b/windows/application-management/app-v/appv-getting-started.md @@ -1,6 +1,6 @@ --- title: Getting Started with App-V (Windows 10) -description: Getting Started with App-V for Windows 10 +description: Get started with Microsoft Application Virtualization (App-V) for Windows 10. author: lomayor ms.pagetype: mdop, appcompat, virtualization ms.mktglfcycl: deploy diff --git a/windows/application-management/app-v/appv-install-the-publishing-server-on-a-remote-computer.md b/windows/application-management/app-v/appv-install-the-publishing-server-on-a-remote-computer.md index 7209027bb8..8fce503469 100644 --- a/windows/application-management/app-v/appv-install-the-publishing-server-on-a-remote-computer.md +++ b/windows/application-management/app-v/appv-install-the-publishing-server-on-a-remote-computer.md @@ -1,6 +1,6 @@ --- title: Install the Publishing Server on a Remote Computer (Windows 10) -description: How to Install the App-V Publishing Server on a Remote Computer +description: Use the procedures in this article to install the Microsoft Application Virtualization (App-V) publishing server on a separate computer. author: lomayor ms.pagetype: mdop, appcompat, virtualization ms.mktglfcycl: deploy diff --git a/windows/client-management/mdm/certificate-renewal-windows-mdm.md b/windows/client-management/mdm/certificate-renewal-windows-mdm.md index 26580c5095..415aa6a9b9 100644 --- a/windows/client-management/mdm/certificate-renewal-windows-mdm.md +++ b/windows/client-management/mdm/certificate-renewal-windows-mdm.md @@ -1,6 +1,6 @@ --- title: Certificate Renewal -description: The enrolled client certificate expires after a period of use. +description: Find all the resources needed to provide continuous access to client certificates. MS-HAID: - 'p\_phdevicemgmt.certificate\_renewal' - 'p\_phDeviceMgmt.certificate\_renewal\_windows\_mdm' diff --git a/windows/client-management/mdm/clientcertificateinstall-csp.md b/windows/client-management/mdm/clientcertificateinstall-csp.md index 8837ad757e..0f2ec33a8f 100644 --- a/windows/client-management/mdm/clientcertificateinstall-csp.md +++ b/windows/client-management/mdm/clientcertificateinstall-csp.md @@ -1,6 +1,6 @@ --- title: ClientCertificateInstall CSP -description: ClientCertificateInstall CSP +description: The ClientCertificateInstall configuration service provider (CSP) enables the enterprise to install client certificates. ms.assetid: B624EB73-2972-47F2-9D7E-826D641BF8A7 ms.reviewer: manager: dansimp diff --git a/windows/client-management/mdm/defender-csp.md b/windows/client-management/mdm/defender-csp.md index 8c398e4992..0842fb0031 100644 --- a/windows/client-management/mdm/defender-csp.md +++ b/windows/client-management/mdm/defender-csp.md @@ -1,6 +1,6 @@ --- title: Defender CSP -description: Defender CSP +description: See how the Windows Defender configuration service provider is used to configure various Windows Defender actions across the enterprise. ms.assetid: 481AA74F-08B2-4A32-B95D-5A3FD05B335C ms.reviewer: manager: dansimp diff --git a/windows/client-management/mdm/defender-ddf.md b/windows/client-management/mdm/defender-ddf.md index 6ca8fc6f49..60c2372aed 100644 --- a/windows/client-management/mdm/defender-ddf.md +++ b/windows/client-management/mdm/defender-ddf.md @@ -1,6 +1,6 @@ --- title: Defender DDF file -description: Defender DDF file +description: See how the the OMA DM device description framework (DDF) for the **Defender** configuration service provider is used. ms.assetid: 39B9E6CF-4857-4199-B3C3-EC740A439F65 ms.reviewer: manager: dansimp diff --git a/windows/client-management/mdm/enterpriseappvmanagement-csp.md b/windows/client-management/mdm/enterpriseappvmanagement-csp.md index ab13935f66..22445122ec 100644 --- a/windows/client-management/mdm/enterpriseappvmanagement-csp.md +++ b/windows/client-management/mdm/enterpriseappvmanagement-csp.md @@ -1,6 +1,6 @@ --- title: EnterpriseAppVManagement CSP -description: EnterpriseAppVManagement CSP +description: Examine the tree format for EnterpriseAppVManagement configuration service provider (CSP) to manage virtual applications in Windows 10 PCs.(Enterprise and Education editions). ms.author: dansimp ms.topic: article ms.prod: w10 diff --git a/windows/client-management/mdm/enterpriseassignedaccess-xsd.md b/windows/client-management/mdm/enterpriseassignedaccess-xsd.md index f73c18d744..3ee96832c7 100644 --- a/windows/client-management/mdm/enterpriseassignedaccess-xsd.md +++ b/windows/client-management/mdm/enterpriseassignedaccess-xsd.md @@ -1,6 +1,6 @@ --- title: EnterpriseAssignedAccess XSD -description: EnterpriseAssignedAccess XSD +description: This XSD can be used to validate that the lockdown XML in the \ block of the AssignedAccessXML node. ms.assetid: BB3B633E-E361-4B95-9D4A-CE6E08D67ADA ms.reviewer: manager: dansimp diff --git a/windows/client-management/mdm/policy-csp-attachmentmanager.md b/windows/client-management/mdm/policy-csp-attachmentmanager.md index b09a07d3b2..bc3456d80d 100644 --- a/windows/client-management/mdm/policy-csp-attachmentmanager.md +++ b/windows/client-management/mdm/policy-csp-attachmentmanager.md @@ -1,6 +1,6 @@ --- title: Policy CSP - AttachmentManager -description: Policy CSP - AttachmentManager +description: Manage Windows marks file attachments with information about their zone of origin (such as restricted, Internet, intranet, local). ms.author: dansimp ms.topic: article ms.prod: w10 diff --git a/windows/client-management/mdm/policy-csp-education.md b/windows/client-management/mdm/policy-csp-education.md index e316fbdb3f..df04232bea 100644 --- a/windows/client-management/mdm/policy-csp-education.md +++ b/windows/client-management/mdm/policy-csp-education.md @@ -1,6 +1,6 @@ --- title: Policy CSP - Education -description: Policy CSP - Education +description: Control graphing functionality in the Windows Calculator app. ms.author: dansimp ms.topic: article ms.prod: w10 diff --git a/windows/client-management/mdm/policy-csp-mssecurityguide.md b/windows/client-management/mdm/policy-csp-mssecurityguide.md index 598cad17d2..f896724225 100644 --- a/windows/client-management/mdm/policy-csp-mssecurityguide.md +++ b/windows/client-management/mdm/policy-csp-mssecurityguide.md @@ -1,6 +1,6 @@ --- title: Policy CSP - MSSecurityGuide -description: Policy CSP - MSSecurityGuide +description: See how this ADMX-backed policy requires a special SyncML format to enable or disable. ms.author: dansimp ms.topic: article ms.prod: w10 diff --git a/windows/client-management/mdm/policy-csp-system.md b/windows/client-management/mdm/policy-csp-system.md index 7cb986c7fd..a221c321b1 100644 --- a/windows/client-management/mdm/policy-csp-system.md +++ b/windows/client-management/mdm/policy-csp-system.md @@ -1,6 +1,6 @@ --- title: Policy CSP - System -description: Policy CSP - System +description: Learn policy settings that determines whether users can access the Insider build controls in the advanced options for Windows Update. ms.author: dansimp ms.topic: article ms.prod: w10 diff --git a/windows/configuration/kiosk-validate.md b/windows/configuration/kiosk-validate.md index ea34adf834..34b8124fa2 100644 --- a/windows/configuration/kiosk-validate.md +++ b/windows/configuration/kiosk-validate.md @@ -1,6 +1,6 @@ --- title: Validate kiosk configuration (Windows 10) -description: This topic explains what to expect on a multi-app kiosk. +description: Learn what to expect on a multi-app kiosk in Windows 10 Pro, Enterprise, and Education. ms.assetid: 428680AE-A05F-43ED-BD59-088024D1BFCC ms.reviewer: manager: dansimp diff --git a/windows/configuration/ue-v/uev-troubleshooting.md b/windows/configuration/ue-v/uev-troubleshooting.md index 1ffb99a964..9683bd771d 100644 --- a/windows/configuration/ue-v/uev-troubleshooting.md +++ b/windows/configuration/ue-v/uev-troubleshooting.md @@ -1,6 +1,6 @@ --- title: Troubleshooting UE-V -description: Troubleshooting UE-V +description: Find resources for troubleshooting UE-V for Windows 10. author: dansimp ms.pagetype: mdop, virtualization ms.mktglfcycl: deploy diff --git a/windows/configuration/ue-v/uev-using-uev-with-application-virtualization-applications.md b/windows/configuration/ue-v/uev-using-uev-with-application-virtualization-applications.md index d2e019723d..8b68977b69 100644 --- a/windows/configuration/ue-v/uev-using-uev-with-application-virtualization-applications.md +++ b/windows/configuration/ue-v/uev-using-uev-with-application-virtualization-applications.md @@ -1,6 +1,6 @@ --- title: Using UE-V with Application Virtualization applications -description: Using UE-V with Application Virtualization applications +description: Learn how to use User Experience Virtualization (UE-V) with Microsoft Application Virtualization (App-V). author: dansimp ms.pagetype: mdop, virtualization ms.mktglfcycl: deploy diff --git a/windows/deployment/deploy.md b/windows/deployment/deploy.md index 4680e56b08..d86cb2f2a8 100644 --- a/windows/deployment/deploy.md +++ b/windows/deployment/deploy.md @@ -1,6 +1,6 @@ --- title: Deploy Windows 10 (Windows 10) -description: Deploying Windows 10 for IT professionals. +description: Learn Windows 10 upgrade options for planning, testing, and managing your production deployment. ms.assetid: E9E2DED5-DBA7-4300-B411-BA0FD39BE18C ms.reviewer: manager: laurawi diff --git a/windows/deployment/update/windows-update-resources.md b/windows/deployment/update/windows-update-resources.md index 16e2488d65..d7c9b71e67 100644 --- a/windows/deployment/update/windows-update-resources.md +++ b/windows/deployment/update/windows-update-resources.md @@ -1,6 +1,6 @@ --- title: Windows Update - Additional resources -description: Additional resources for Windows Update +description: Use these resource to troubleshoot and reset Windows Update. ms.prod: w10 ms.mktglfcycl: diff --git a/windows/deployment/usmt/usmt-determine-what-to-migrate.md b/windows/deployment/usmt/usmt-determine-what-to-migrate.md index cb04fac7e3..3b16df17e6 100644 --- a/windows/deployment/usmt/usmt-determine-what-to-migrate.md +++ b/windows/deployment/usmt/usmt-determine-what-to-migrate.md @@ -1,67 +1,68 @@ ---- -title: Determine What to Migrate (Windows 10) -description: Determine What to Migrate -ms.assetid: 01ae1d13-c3eb-4618-b39d-ee5d18d55761 -ms.reviewer: -manager: laurawi -ms.author: greglin -ms.prod: w10 -ms.mktglfcycl: deploy -ms.sitesec: library -audience: itpro author: greg-lindsay -ms.date: 04/19/2017 -ms.topic: article ---- - -# Determine What to Migrate - - -By default, User State Migration Tool (USMT) 10.0 migrates the items listed in [What Does USMT Migrate?](usmt-what-does-usmt-migrate.md), depending on the migration .xml files you specify. These default settings are often enough for a basic migration. - -However, when considering what settings to migrate, you should also consider what settings you would like the user to be able to configure, if any, and what settings you would like to standardize. Many organizations use their migration as an opportunity to create and begin enforcing a better-managed environment. Some of the settings that users can configure on unmanaged computers prior to the migration can be locked on the new, managed computers. For example, standard wallpaper, Internet Explorer security settings, and desktop configuration are some of the items you can choose to standardize. - -To reduce complexity and increase standardization, your organization should consider creating a *standard operating environment (SOE)*. An SOE is a combination of hardware and software that you distribute to all users. This means selecting a baseline for all computers, including standard hardware drivers; core operating system features; core productivity applications, especially if they are under volume licensing; and core utilities. This environment should also include a standard set of security features, as outlined in the organization’s corporate policy. Using a standard operating environment can vastly simplify the migration and reduce overall deployment challenges. - -## In This Section - - -
    ---- - - - - - - - - - - - - - - - - - - -

    Identify Users

    Use command-line options to specify which users to migrate and how they should be migrated.

    Identify Applications Settings

    Determine which applications you want to migrate and prepare a list of application settings to be migrated.

    Identify Operating System Settings

    Use migration to create a new standard environment on each of the destination computers.

    Identify File Types, Files, and Folders

    Determine and locate the standard, company-specified, and non-standard locations of the file types, files, folders, and settings that you want to migrate.

    - - - -## Related topics - - -[What Does USMT Migrate?](usmt-what-does-usmt-migrate.md) - - - - - - - - - +--- +title: Determine What to Migrate (Windows 10) +description: Determine migration settings for standard or customized for the User State Migration Tool (USMT) 10.0. +ms.assetid: 01ae1d13-c3eb-4618-b39d-ee5d18d55761 +ms.reviewer: +manager: laurawi +ms.author: greglin +ms.prod: w10 +ms.mktglfcycl: deploy +ms.sitesec: library +audience: itpro +author: greg-lindsay +ms.date: 04/19/2017 +ms.topic: article +--- + +# Determine What to Migrate + + +By default, User State Migration Tool (USMT) 10.0 migrates the items listed in [What Does USMT Migrate?](usmt-what-does-usmt-migrate.md), depending on the migration .xml files you specify. These default settings are often enough for a basic migration. + +However, when considering what settings to migrate, you should also consider what settings you would like the user to be able to configure, if any, and what settings you would like to standardize. Many organizations use their migration as an opportunity to create and begin enforcing a better-managed environment. Some of the settings that users can configure on unmanaged computers prior to the migration can be locked on the new, managed computers. For example, standard wallpaper, Internet Explorer security settings, and desktop configuration are some of the items you can choose to standardize. + +To reduce complexity and increase standardization, your organization should consider creating a *standard operating environment (SOE)*. An SOE is a combination of hardware and software that you distribute to all users. This means selecting a baseline for all computers, including standard hardware drivers; core operating system features; core productivity applications, especially if they are under volume licensing; and core utilities. This environment should also include a standard set of security features, as outlined in the organization’s corporate policy. Using a standard operating environment can vastly simplify the migration and reduce overall deployment challenges. + +## In This Section + + + ++++ + + + + + + + + + + + + + + + + + + +

    Identify Users

    Use command-line options to specify which users to migrate and how they should be migrated.

    Identify Applications Settings

    Determine which applications you want to migrate and prepare a list of application settings to be migrated.

    Identify Operating System Settings

    Use migration to create a new standard environment on each of the destination computers.

    Identify File Types, Files, and Folders

    Determine and locate the standard, company-specified, and non-standard locations of the file types, files, folders, and settings that you want to migrate.

    + + + +## Related topics + + +[What Does USMT Migrate?](usmt-what-does-usmt-migrate.md) + + + + + + + + + diff --git a/windows/deployment/volume-activation/vamt-known-issues.md b/windows/deployment/volume-activation/vamt-known-issues.md index 2259c02d2f..b4173bb737 100644 --- a/windows/deployment/volume-activation/vamt-known-issues.md +++ b/windows/deployment/volume-activation/vamt-known-issues.md @@ -1,6 +1,6 @@ --- title: VAMT known issues (Windows 10) -description: Volume Activation Management Tool (VAMT) known issues +description: Find out the current known issues with the Volume Activation Management Tool (VAMT), versions 3.0. and 3.1. ms.assetid: 8992f1f3-830a-4ce7-a248-f3a6377ab77f ms.reviewer: manager: laurawi diff --git a/windows/deployment/windows-autopilot/windows-autopilot-requirements.md b/windows/deployment/windows-autopilot/windows-autopilot-requirements.md index 25fee702e2..eca7e2bf95 100644 --- a/windows/deployment/windows-autopilot/windows-autopilot-requirements.md +++ b/windows/deployment/windows-autopilot/windows-autopilot-requirements.md @@ -2,7 +2,7 @@ title: Windows Autopilot requirements ms.reviewer: manager: laurawi -description: Inform yourself about software, networking, licensing, and configuration requirements for Windows Autopilot deployment. +description: See the requirements you need to run Windows Autopilot in Windows 10, Azure Active Directory, and MDM services such as Microsoft Intune. keywords: mdm, setup, windows, windows 10, oobe, manage, deploy, autopilot, ztd, zero-touch, partner, msfb, intune ms.prod: w10 ms.mktglfcycl: deploy diff --git a/windows/release-information/resolved-issues-windows-7-and-windows-server-2008-r2-sp1.yml b/windows/release-information/resolved-issues-windows-7-and-windows-server-2008-r2-sp1.yml index d559457fca..0e9d00f112 100644 --- a/windows/release-information/resolved-issues-windows-7-and-windows-server-2008-r2-sp1.yml +++ b/windows/release-information/resolved-issues-windows-7-and-windows-server-2008-r2-sp1.yml @@ -1,7 +1,7 @@ ### YamlMime:YamlDocument documentType: LandingData -title: Resolved issues in Windows 7 and Windows Server 2008 R2 SP1 +title: See a list of known issues that have been resolved for Windows 7 and Windows Server 2008 R2 SP1 over the last six months. metadata: document_id: title: Resolved issues in Windows 7 and Windows Server 2008 R2 SP1 diff --git a/windows/release-information/resolved-issues-windows-server-2012.yml b/windows/release-information/resolved-issues-windows-server-2012.yml index 87c57cef75..d9f4e51351 100644 --- a/windows/release-information/resolved-issues-windows-server-2012.yml +++ b/windows/release-information/resolved-issues-windows-server-2012.yml @@ -1,7 +1,7 @@ ### YamlMime:YamlDocument documentType: LandingData -title: Resolved issues in Windows Server 2012 +title: See a list of known issues that have been resolved for Windows Server 2012 over the last six months. metadata: document_id: title: Resolved issues in Windows Server 2012 diff --git a/windows/release-information/status-windows-8.1-and-windows-server-2012-r2.yml b/windows/release-information/status-windows-8.1-and-windows-server-2012-r2.yml index 1d522d681a..01f8a8436e 100644 --- a/windows/release-information/status-windows-8.1-and-windows-server-2012-r2.yml +++ b/windows/release-information/status-windows-8.1-and-windows-server-2012-r2.yml @@ -5,7 +5,7 @@ title: Windows 8.1 and Windows Server 2012 R2 metadata: document_id: title: Windows 8.1 and Windows Server 2012 R2 - description: View announcements and review known issues and fixes for Windows 8.1 and Windows Server 2012 R2 + description: View announcements and review known issues and fixes for Windows 8.1 and Windows Server 2012 R2. keywords: Windows 10, issues, fixes, announcements, Windows Server, advisories ms.localizationpriority: high author: greg-lindsay diff --git a/windows/release-information/status-windows-server-2008-sp2.yml b/windows/release-information/status-windows-server-2008-sp2.yml index cf035b38eb..386d5d16ad 100644 --- a/windows/release-information/status-windows-server-2008-sp2.yml +++ b/windows/release-information/status-windows-server-2008-sp2.yml @@ -5,7 +5,7 @@ title: Windows Server 2008 SP2 metadata: document_id: title: Windows Server 2008 SP2 - description: View announcements and review known issues and fixes for Windows Server 2008 SP2 + description: View announcements and review known issues and fixes for Windows Server 2008 SP2. keywords: Windows, Windows 10, issues, fixes, announcements, Windows Server, advisories ms.localizationpriority: high author: greg-lindsay diff --git a/windows/whats-new/get-started-with-1709.md b/windows/whats-new/get-started-with-1709.md index b7879030be..2b22a606de 100644 --- a/windows/whats-new/get-started-with-1709.md +++ b/windows/whats-new/get-started-with-1709.md @@ -1,6 +1,6 @@ --- title: Get started with Windows 10, version 1709 -description: All the information to get you started with Windows 10, version 1709. +description: Learn the dos and don'ts for getting started with Windows 10, version 1709. keywords: ["get started", "windows 10", "fall creators update", "1709"] ms.prod: w10 ms.mktglfcycl: deploy From ef4ecf6cf21dbbdb04769cbc57e4c81e26883cfe Mon Sep 17 00:00:00 2001 From: "Jeff Reeds (Aquent LLC)" Date: Fri, 12 Jun 2020 15:27:58 -0700 Subject: [PATCH 42/73] Minor chages made to update docs --- mdop/appv-v5/app-v-51-supported-configurations.md | 2 ++ .../app-v/appv-supported-configurations.md | 4 ++-- 2 files changed, 4 insertions(+), 2 deletions(-) diff --git a/mdop/appv-v5/app-v-51-supported-configurations.md b/mdop/appv-v5/app-v-51-supported-configurations.md index 1883e4284b..5d7e251bfa 100644 --- a/mdop/appv-v5/app-v-51-supported-configurations.md +++ b/mdop/appv-v5/app-v-51-supported-configurations.md @@ -16,6 +16,8 @@ ms.date: 04/02/2020 # App-V 5.1 Supported Configurations +>Applies to: Windows 10, version 1607; Window Server 2019; Windows Server 2016; Windows Server 2012 R2; Windows Server 2012; Windows Server 2008 R2 (Extended Security Update) + This topic specifies the requirements to install and run Microsoft Application Virtualization (App-V) 5.1 in your environment. ## App-V Server system requirements diff --git a/windows/application-management/app-v/appv-supported-configurations.md b/windows/application-management/app-v/appv-supported-configurations.md index dcf1e72905..a1b4f90845 100644 --- a/windows/application-management/app-v/appv-supported-configurations.md +++ b/windows/application-management/app-v/appv-supported-configurations.md @@ -14,7 +14,7 @@ ms.topic: article --- # App-V Supported Configurations ->Applies to: Windows 10, version 1607; Windows Server 2016; Windows Server 2012 R2; Windows Server 2012; Windows Server 2008 R2 +>Applies to: Windows 10, version 1607; Window Server 2019; Windows Server 2016; Windows Server 2012 R2; Windows Server 2012; Windows Server 2008 R2 (Extended Security Update) This topic specifies the requirements to install and run App-V in your Windows 10 environment. For information about prerequisite software such as the .NET Framework, see [App-V prerequisites](appv-prerequisites.md). @@ -34,7 +34,7 @@ The App-V server does not support the following scenarios: ### Management server operating system requirements -You can install the App-V Management server on a server running Windows Server 2008 R2 with SP1 or later. +You can install the App-V Management server on a server running Windows Server 2008 R2 with SP1 (Extended Security Update) or later. >[!IMPORTANT] >Deploying a Management server role to a computer with Remote Desktop Services enabled is not supported. From 1bb7409be8356431b6ec0d910636705c5299a947 Mon Sep 17 00:00:00 2001 From: Gary Moore Date: Fri, 12 Jun 2020 16:40:41 -0700 Subject: [PATCH 43/73] Corrected code block type and indentation --- ...re-network-connections-microsoft-defender-antivirus.md | 8 ++++---- 1 file changed, 4 insertions(+), 4 deletions(-) diff --git a/windows/security/threat-protection/microsoft-defender-antivirus/configure-network-connections-microsoft-defender-antivirus.md b/windows/security/threat-protection/microsoft-defender-antivirus/configure-network-connections-microsoft-defender-antivirus.md index 1b7bc129b9..db0d9fed09 100644 --- a/windows/security/threat-protection/microsoft-defender-antivirus/configure-network-connections-microsoft-defender-antivirus.md +++ b/windows/security/threat-protection/microsoft-defender-antivirus/configure-network-connections-microsoft-defender-antivirus.md @@ -68,7 +68,7 @@ After whitelisting the URLs listed above, you can test if you are connected to t Use the following argument with the Microsoft Defender Antivirus command-line utility (`mpcmdrun.exe`) to verify that your network can communicate with the Microsoft Defender Antivirus cloud service: -```DOS +```console "%ProgramFiles%\Windows Defender\MpCmdRun.exe" -ValidateMapsConnection ``` @@ -107,10 +107,10 @@ You will also see a detection under **Quarantined threats** in the **Scan histor 3. Under the **Quarantined threats** section, click the **See full history** label to see the detected fake malware. ->[!NOTE] ->Versions of Windows 10 before version 1703 have a different user interface. See [Microsoft Defender Antivirus in the Windows Security app](microsoft-defender-security-center-antivirus.md). + > [!NOTE] + > Versions of Windows 10 before version 1703 have a different user interface. See [Microsoft Defender Antivirus in the Windows Security app](microsoft-defender-security-center-antivirus.md). -The Windows event log will also show [Windows Defender client event ID 2050](troubleshoot-microsoft-defender-antivirus.md). + The Windows event log will also show [Windows Defender client event ID 2050](troubleshoot-microsoft-defender-antivirus.md). >[!IMPORTANT] >You will not be able to use a proxy auto-config (.pac) file to test network connections to these URLs. You will need to verify your proxy servers and any network filtering tools manually to ensure connectivity. From c1686f459e91285d36be5f91dfe0661f064ba9dd Mon Sep 17 00:00:00 2001 From: Gary Moore Date: Fri, 12 Jun 2020 16:49:34 -0700 Subject: [PATCH 44/73] Attempting to fix layout and numbering --- ...protection-microsoft-defender-antivirus.md | 96 ++++++++++++------- 1 file changed, 59 insertions(+), 37 deletions(-) diff --git a/windows/security/threat-protection/microsoft-defender-antivirus/configure-real-time-protection-microsoft-defender-antivirus.md b/windows/security/threat-protection/microsoft-defender-antivirus/configure-real-time-protection-microsoft-defender-antivirus.md index fbcf3e9352..727463b3d6 100644 --- a/windows/security/threat-protection/microsoft-defender-antivirus/configure-real-time-protection-microsoft-defender-antivirus.md +++ b/windows/security/threat-protection/microsoft-defender-antivirus/configure-real-time-protection-microsoft-defender-antivirus.md @@ -34,75 +34,97 @@ You can use **Local Group Policy Editor** to enable and configure Microsoft Defe To enable and configure always-on protection: 1. Open **Local Group Policy Editor**. To do this: + 1. In your Windows 10 taskbar search box, type **gpedit**. - 2. Under **Best match**, click **Edit group policy** to launch **Local Group Policy Editor**. -![GPEdit taskbar search result](images/gpedit-search.png) + + 1. Under **Best match**, click **Edit group policy** to launch **Local Group Policy Editor**. + + ![GPEdit taskbar search result](images/gpedit-search.png) + 2. In the left pane of **Local Group Policy Editor**, expand the tree to **Computer Configuration** > **Administrative Templates** > **Windows Components** > **Microsoft Defender Antivirus**. + 3. Configure the Microsoft Defender Antivirus antimalware service policy settings. To do this: + 1. In the **Microsoft Defender Antivirus** details pane on right, double-click the policy setting as specified in the following table: - | Setting | Description | Default setting | - |-----------------------------|------------------------|-------------------------------| - | Allow antimalware service to startup with normal priority | You can lower the priority of the Microsoft Defender Antivirus engine, which may be useful in lightweight deployments where you want to have as lean a startup process as possible. This may impact protection on the endpoint. | Enabled - | Allow antimalware service to remain running always | If protection updates have been disabled, you can set Microsoft Defender Antivirus to still run. This lowers the protection on the endpoint. | Disabled | - 2. Configure the setting as appropriate, and click **OK**. - 3. Repeat the previous steps for each setting in the table. + | Setting | Description | Default setting | + |-----------------------------|------------------------|-------------------------------| + | Allow antimalware service to startup with normal priority | You can lower the priority of the Microsoft Defender Antivirus engine, which may be useful in lightweight deployments where you want to have as lean a startup process as possible. This may impact protection on the endpoint. | Enabled + | Allow antimalware service to remain running always | If protection updates have been disabled, you can set Microsoft Defender Antivirus to still run. This lowers the protection on the endpoint. | Disabled | + + 1. Configure the setting as appropriate, and click **OK**. + + 1. Repeat the previous steps for each setting in the table. + +4. Configure the Microsoft Defender Antivirus real-time protection policy settings. To do this: -4. Configure the Microsoft Defender Antivirus real-time protection policy settings. To do this: 1. In the **Microsoft Defender Antivirus** details pane, double-click **Real-time Protection**. Or, from the **Microsoft Defender Antivirus** tree on left pane, click **Real-time Protection**. - 2. In the **Real-time Protection** details pane on right, double-click the policy setting as specified in the following table: + + 1. In the **Real-time Protection** details pane on right, double-click the policy setting as specified in the following table: - | Setting | Description | Default setting | - |-----------------------------|------------------------|-------------------------------| - | Turn on behavior monitoring | The AV engine will monitor file processes, file and registry changes, and other events on your endpoints for suspicious and known malicious activity. | Enabled | - | Scan all downloaded files and attachments | Downloaded files and attachments are automatically scanned. This operates in addition to the Windows Defender SmartScreen filter, which scans files before and during downloading. | Enabled | - | Monitor file and program activity on your computer | The Microsoft Defender Antivirus engine makes note of any file changes (file writes, such as moves, copies, or modifications) and general program activity (programs that are opened or running and that cause other programs to run). | Enabled | - | Turn on raw volume write notifications | Information about raw volume writes will be analyzed by behavior monitoring. | Enabled | - | Turn on process scanning whenever real-time protection is enabled | You can independently enable the Microsoft Defender Antivirus engine to scan running processes for suspicious modifications or behaviors. This is useful if you have temporarily disabled real-time protection and want to automatically scan processes that started while it was disabled. | Enabled | - | Define the maximum size of downloaded files and attachments to be scanned | You can define the size in kilobytes. | Enabled | - | Configure local setting override for turn on behavior monitoring | Configure a local override for the configuration of behavior monitoring. This setting can only be set by Group Policy. If you enable this setting, the local preference setting will take priority over Group Policy. If you disable or do not configure this setting, Group Policy will take priority over the local preference setting.| Enabled | - | Configure local setting override for scanning all downloaded files and attachments | Configure a local override for the configuration of scanning for all downloaded files and attachments. This setting can only be set by Group Policy. If you enable this setting, the local preference setting will take priority over Group Policy. If you disable or do not configure this setting, Group Policy will take priority over the local preference setting.| Enabled | - | Configure local setting override for monitoring file and program activity on your computer | Configure a local override for the configuration of monitoring for file and program activity on your computer. This setting can only be set by Group Policy. If you enable this setting, the local preference setting will take priority over Group Policy. If you disable or do not configure this setting, Group Policy will take priority over the local preference setting.| Enabled | - | Configure local setting override to turn on real-time protection | Configure a local override for the configuration to turn on real-time protection. This setting can only be set by Group Policy. If you enable this setting, the local preference setting will take priority over Group Policy. If you disable or do not configure this setting, Group Policy will take priority over the local preference setting.| Enabled | - | Configure local setting override for monitoring for incoming and outgoing file activity | Configure a local override for the configuration of monitoring for incoming and outgoing file activity. This setting can only be set by Group Policy. If you enable this setting, the local preference setting will take priority over Group Policy. If you disable or do not configure this setting, Group Policy will take priority over the local preference setting. | Enabled | - | Configure monitoring for incoming and outgoing file and program activity | Specify whether monitoring should occur on incoming, outgoing, both, or neither direction. This is relevant for Windows Server installations where you have defined specific servers or Server Roles that see large amounts of file changes in only one direction and you want to improve network performance. Fully updated endpoints (and servers) on a network will see little performance impact irrespective of the number or direction of file changes. | Enabled (both directions) | + | Setting | Description | Default setting | + |-----------------------------|------------------------|-------------------------------| + | Turn on behavior monitoring | The AV engine will monitor file processes, file and registry changes, and other events on your endpoints for suspicious and known malicious activity. | Enabled | + | Scan all downloaded files and attachments | Downloaded files and attachments are automatically scanned. This operates in addition to the Windows Defender SmartScreen filter, which scans files before and during downloading. | Enabled | + | Monitor file and program activity on your computer | The Microsoft Defender Antivirus engine makes note of any file changes (file writes, such as moves, copies, or modifications) and general program activity (programs that are opened or running and that cause other programs to run). | Enabled | + | Turn on raw volume write notifications | Information about raw volume writes will be analyzed by behavior monitoring. | Enabled | + | Turn on process scanning whenever real-time protection is enabled | You can independently enable the Microsoft Defender Antivirus engine to scan running processes for suspicious modifications or behaviors. This is useful if you have temporarily disabled real-time protection and want to automatically scan processes that started while it was disabled. | Enabled | + | Define the maximum size of downloaded files and attachments to be scanned | You can define the size in kilobytes. | Enabled | + | Configure local setting override for turn on behavior monitoring | Configure a local override for the configuration of behavior monitoring. This setting can only be set by Group Policy. If you enable this setting, the local preference setting will take priority over Group Policy. If you disable or do not configure this setting, Group Policy will take priority over the local preference setting.| Enabled | + | Configure local setting override for scanning all downloaded files and attachments | Configure a local override for the configuration of scanning for all downloaded files and attachments. This setting can only be set by Group Policy. If you enable this setting, the local preference setting will take priority over Group Policy. If you disable or do not configure this setting, Group Policy will take priority over the local preference setting.| Enabled | + | Configure local setting override for monitoring file and program activity on your computer | Configure a local override for the configuration of monitoring for file and program activity on your computer. This setting can only be set by Group Policy. If you enable this setting, the local preference setting will take priority over Group Policy. If you disable or do not configure this setting, Group Policy will take priority over the local preference setting.| Enabled | + | Configure local setting override to turn on real-time protection | Configure a local override for the configuration to turn on real-time protection. This setting can only be set by Group Policy. If you enable this setting, the local preference setting will take priority over Group Policy. If you disable or do not configure this setting, Group Policy will take priority over the local preference setting.| Enabled | + | Configure local setting override for monitoring for incoming and outgoing file activity | Configure a local override for the configuration of monitoring for incoming and outgoing file activity. This setting can only be set by Group Policy. If you enable this setting, the local preference setting will take priority over Group Policy. If you disable or do not configure this setting, Group Policy will take priority over the local preference setting. | Enabled | + | Configure monitoring for incoming and outgoing file and program activity | Specify whether monitoring should occur on incoming, outgoing, both, or neither direction. This is relevant for Windows Server installations where you have defined specific servers or Server Roles that see large amounts of file changes in only one direction and you want to improve network performance. Fully updated endpoints (and servers) on a network will see little performance impact irrespective of the number or direction of file changes. | Enabled (both directions) | - 3. Configure the setting as appropriate, and click **OK**. - 4. Repeat the previous steps for each setting in the table. + 1. Configure the setting as appropriate, and click **OK**. + + 1. Repeat the previous steps for each setting in the table. 5. Configure the Microsoft Defender Antivirus scanning policy setting. To do this: + 1. From the **Microsoft Defender Antivirus** tree on left pane, click **Scan**. - ![Microsoft Defender Antivirus Scan options](images/gpedit-windows-defender-antivirus-scan.png) + + ![Microsoft Defender Antivirus Scan options](images/gpedit-windows-defender-antivirus-scan.png) - 2. In the **Scan** details pane on right, double-click the policy setting as specified in the following table: + 1. In the **Scan** details pane on right, double-click the policy setting as specified in the following table: - | Setting | Description | Default setting | - |-----------------------------|------------------------|-------------------------------| - | Turn on heuristics | Heuristic protection will disable or block suspicious activity immediately before the Microsoft Defender Antivirus engine is asked to detect the activity. | Enabled | + | Setting | Description | Default setting | + |-----------------------------|------------------------|-------------------------------| + | Turn on heuristics | Heuristic protection will disable or block suspicious activity immediately before the Microsoft Defender Antivirus engine is asked to detect the activity. | Enabled | - 3. Configure the setting as appropriate, and click **OK**. + 1. Configure the setting as appropriate, and click **OK**. + 6. Close **Local Group Policy Editor**. ## Disable real-time protection in Group Policy + > [!WARNING] > Disabling real-time protection drastically reduces the protection on your endpoints and is not recommended. The main real-time protection capability is enabled by default, but you can disable it by using **Local Group Policy Editor**. -To disable real-time protection in Group policy: +To disable real-time protection in Group policy: + 1. Open **Local Group Policy Editor**. - 1. In your Windows 10 taskbar search box, type **gpedit**. - 2. Under **Best match**, click **Edit group policy** to launch **Local Group Policy Editor**. + + 1. In your Windows 10 taskbar search box, type **gpedit**. + + 1. Under **Best match**, click **Edit group policy** to launch **Local Group Policy Editor**. 2. In the left pane of **Local Group Policy Editor**, expand the tree to **Computer Configuration** > **Administrative Templates** > **Windows Components** > **Microsoft Defender Antivirus** > **Real-time Protection**. 3. In the **Real-time Protection** details pane on right, double-click **Turn off real-time protection**. -![Turn off real-time protection](images/gpedit-turn-off-real-time-protection.png) + + ![Turn off real-time protection](images/gpedit-turn-off-real-time-protection.png) 4. In the **Turn off real-time protection** setting window, set the option to **Enabled**. -![Turn off real-time protection enabled](images/gpedit-turn-off-real-time-protection-enabled.png) + + ![Turn off real-time protection enabled](images/gpedit-turn-off-real-time-protection-enabled.png) + 5. Click **OK**. + 6. Close **Local Group Policy Editor**. ## Related articles From 5e741c12f1adf735d3a1231ad33ca2e2db5183e8 Mon Sep 17 00:00:00 2001 From: Gary Moore Date: Fri, 12 Jun 2020 16:54:27 -0700 Subject: [PATCH 45/73] Corrected type on code block to a valid type We need to use one of the types on this list: https://docsmetadatatool.azurewebsites.net/allowlists# --- .../microsoft-defender-offline.md | 4 +--- 1 file changed, 1 insertion(+), 3 deletions(-) diff --git a/windows/security/threat-protection/microsoft-defender-antivirus/microsoft-defender-offline.md b/windows/security/threat-protection/microsoft-defender-antivirus/microsoft-defender-offline.md index cb5f4ad90e..0a396c5667 100644 --- a/windows/security/threat-protection/microsoft-defender-antivirus/microsoft-defender-offline.md +++ b/windows/security/threat-protection/microsoft-defender-antivirus/microsoft-defender-offline.md @@ -106,7 +106,7 @@ Use the [**MSFT_MpWDOScan**](https://msdn.microsoft.com/library/dn455323(v=vs.85 The following WMI script snippet will immediately run a Microsoft Defender Offline scan, which will cause the endpoint to restart, run the offline scan, and then restart and boot into Windows. -```WMI +```console wmic /namespace:\\root\Microsoft\Windows\Defender path MSFT_MpWDOScan call Start ``` @@ -119,11 +119,9 @@ See the following for more information: 1. Open the Windows Security app by clicking the shield icon in the task bar or searching the start menu for **Defender**. 2. Click the **Virus & threat protection** tile (or the shield icon on the left menu bar) and then the **Advanced scan** label: - 3. Select **Microsoft Defender Offline scan** and click **Scan now**. - > [!NOTE] > In Windows 10, version 1607, the offline scan could be run from under **Windows Settings** > **Update & security** > **Windows Defender** or from the Windows Defender client. From 943d2bf8965a8a1a2ffd8c69f86b20ad97f66f41 Mon Sep 17 00:00:00 2001 From: Gary Moore Date: Fri, 12 Jun 2020 16:56:10 -0700 Subject: [PATCH 46/73] Indented content in a list item --- ...ent-changes-to-security-settings-with-tamper-protection.md | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/windows/security/threat-protection/microsoft-defender-antivirus/prevent-changes-to-security-settings-with-tamper-protection.md b/windows/security/threat-protection/microsoft-defender-antivirus/prevent-changes-to-security-settings-with-tamper-protection.md index 4a2fe0777f..3d058b3d8f 100644 --- a/windows/security/threat-protection/microsoft-defender-antivirus/prevent-changes-to-security-settings-with-tamper-protection.md +++ b/windows/security/threat-protection/microsoft-defender-antivirus/prevent-changes-to-security-settings-with-tamper-protection.md @@ -73,9 +73,9 @@ If you are a home user, or you are not subject to settings managed by a security 3. Set **Tamper Protection** to **On** or **Off**. -Here's what you see in the Windows Security app: + Here's what you see in the Windows Security app: -![Tamper protection turned on in Windows 10 Home](images/tamperprotectionturnedon.png) + ![Tamper protection turned on in Windows 10 Home](images/tamperprotectionturnedon.png) ## Turn tamper protection on (or off) for your organization using Intune From fc555d881cfa8eed71dcceacb1387a8a9e7a7d0b Mon Sep 17 00:00:00 2001 From: Gary Moore Date: Fri, 12 Jun 2020 17:30:59 -0700 Subject: [PATCH 47/73] Applied a valid type to a code block Code blocks should have a type in this list: https://docsmetadatatool.azurewebsites.net/allowlists# --- .../microsoft-defender-antivirus-on-windows-server-2016.md | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/windows/security/threat-protection/microsoft-defender-antivirus/microsoft-defender-antivirus-on-windows-server-2016.md b/windows/security/threat-protection/microsoft-defender-antivirus/microsoft-defender-antivirus-on-windows-server-2016.md index 5a5fefca87..2108fffbab 100644 --- a/windows/security/threat-protection/microsoft-defender-antivirus/microsoft-defender-antivirus-on-windows-server-2016.md +++ b/windows/security/threat-protection/microsoft-defender-antivirus/microsoft-defender-antivirus-on-windows-server-2016.md @@ -108,7 +108,7 @@ Get-Service -Name mpssvc As an alternative to PowerShell, you can use Command Prompt to verify that Microsoft Defender Antivirus is running. To do that, run the following command from a command prompt: -```DOS +```console sc query Windefend ``` From a4534aa49956f9a5d72b8e948a4a36a0f6124358 Mon Sep 17 00:00:00 2001 From: Gary Moore Date: Fri, 12 Jun 2020 18:38:37 -0700 Subject: [PATCH 48/73] Corrected the type on the code block --- .../appv-install-the-publishing-server-on-a-remote-computer.md | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/windows/application-management/app-v/appv-install-the-publishing-server-on-a-remote-computer.md b/windows/application-management/app-v/appv-install-the-publishing-server-on-a-remote-computer.md index 8fce503469..f08f5dfe4d 100644 --- a/windows/application-management/app-v/appv-install-the-publishing-server-on-a-remote-computer.md +++ b/windows/application-management/app-v/appv-install-the-publishing-server-on-a-remote-computer.md @@ -38,7 +38,7 @@ Use the following procedure to install the publishing server on a separate compu 3. Enter the server name and a description (if required), then select **Add**. 9. To verify that the publishing server is running correctly, you should import a package to the management server, entitle that package to an AD group, then publish it. Using an internet browser, open the following URL: https://publishingserver:pubport. If the server is running correctly, information like the following example should appear. - ```SQL + ```xml From d98285e53da90a9fbf4b17d8bfcf75707b85c5ec Mon Sep 17 00:00:00 2001 From: illfated Date: Sun, 14 Jun 2020 01:59:42 +0200 Subject: [PATCH 49/73] MDATP/Onboarding issues: Localization adaptations Description: As discussed in issue ticket #6741 (ID de evento incorrecto o reemplazado por palabras) and #4775 (Error Event ID is invalid), automatic Machine Translation translates some table digits to words or replaces digits with others. Thanks to AmadorM for commenting about this in ticket #4775. Changes proposed: - Encapsulate table digits with MarkDown back ticks - Use MarkDown table center alignment for the value column - Update 2 MSDN URLs permanently redirected to docs.microsoft.com - Replace some freetext HTML codes with MarkDown code - Whitespace, codestyle, and grammar corrections: - Remove redundant end-of-line blanks - Add MarkDown indent marker compatibility spacing - Reduce single line triple back tick pairs to single pairs - Reduce some indents to 4 spaces (back from 5 spaces) - Normalize numbered list number/text spacing to 1 space - Standardize H2/H3/H4 headings to be followed by 1 blank line - Normalize headings to be preceded by 2 blank spaces - Move the word "key" out of one of the the HKEY code blocks - Add missing colon after "The status is then displayed" - Standardize line spacing in the 28-step illustrated procedure - Move 1 colon inside the MarkDown **bold** formatting - Replace tabs (redundant) inside table cells with 1 space - Correct the casing in Syncml -> SyncML - Remove *is* from "Currently is supported platforms:" Ticket closure or reference: Closes #6741 Ref. #4775 --- .../troubleshoot-onboarding.md | 181 +++++++++++------- 1 file changed, 109 insertions(+), 72 deletions(-) diff --git a/windows/security/threat-protection/microsoft-defender-atp/troubleshoot-onboarding.md b/windows/security/threat-protection/microsoft-defender-atp/troubleshoot-onboarding.md index c8c682d83f..04a9d022a7 100644 --- a/windows/security/threat-protection/microsoft-defender-atp/troubleshoot-onboarding.md +++ b/windows/security/threat-protection/microsoft-defender-atp/troubleshoot-onboarding.md @@ -20,11 +20,11 @@ ms.topic: troubleshooting # Troubleshoot Microsoft Defender Advanced Threat Protection onboarding issues **Applies to:** + - [Microsoft Defender Advanced Threat Protection (Microsoft Defender ATP)](https://go.microsoft.com/fwlink/p/?linkid=2069559) - Windows Server 2012 R2 - Windows Server 2016 - You might need to troubleshoot the Microsoft Defender ATP onboarding process if you encounter issues. This page provides detailed steps to troubleshoot onboarding issues that might occur when deploying with one of the deployment tools and common errors that might occur on the machines. @@ -33,29 +33,34 @@ This page provides detailed steps to troubleshoot onboarding issues that might o If you have completed the onboarding process and don't see machines in the [Machines list](investigate-machines.md) after an hour, it might indicate an onboarding or connectivity problem. + ### Troubleshoot onboarding when deploying with Group Policy -Deployment with Group Policy is done by running the onboarding script on the machines. The Group Policy console does not indicate if the deployment has succeeded or not. + +Deployment with Group Policy is done by running the onboarding script on the machines. The Group Policy console does not indicate if the deployment has succeeded or not. If you have completed the onboarding process and don't see machines in the [Machines list](investigate-machines.md) after an hour, you can check the output of the script on the machines. For more information, see [Troubleshoot onboarding when deploying with a script](#troubleshoot-onboarding-when-deploying-with-a-script). If the script completes successfully, see [Troubleshoot onboarding issues on the machines](#troubleshoot-onboarding-issues-on-the-machine) for additional errors that might occur. + ### Troubleshoot onboarding issues when deploying with Microsoft Endpoint Configuration Manager + When onboarding machines using the following versions of Configuration Manager: -- Microsoft Endpoint Configuration Manager + +- Microsoft Endpoint Configuration Manager - System Center 2012 Configuration Manager - System Center 2012 R2 Configuration Manager - Deployment with the above-mentioned versions of Configuration Manager is done by running the onboarding script on the machines. You can track the deployment in the Configuration Manager Console. If the deployment fails, you can check the output of the script on the machines. If the onboarding completed successfully but the machines are not showing up in the **Machines list** after an hour, see [Troubleshoot onboarding issues on the machine](#troubleshoot-onboarding-issues-on-the-machine) for additional errors that might occur. + ### Troubleshoot onboarding when deploying with a script -**Check the result of the script on the machine**: +**Check the result of the script on the machine:** 1. Click **Start**, type **Event Viewer**, and press **Enter**. 2. Go to **Windows Logs** > **Application**. @@ -67,17 +72,19 @@ If the script fails and the event is an error, you can check the event ID in the > The following event IDs are specific to the onboarding script only. Event ID | Error Type | Resolution steps -:---|:---|:--- -5 | Offboarding data was found but couldn't be deleted | Check the permissions on the registry, specifically ```HKLM\SOFTWARE\Policies\Microsoft\Windows Advanced Threat Protection```. -10 | Onboarding data couldn't be written to registry | Check the permissions on the registry, specifically
    ```HKLM\SOFTWARE\Policies\Microsoft\Windows Advanced Threat Protection```.
    Verify that the script has been run as an administrator. -15 | Failed to start SENSE service |Check the service health (```sc query sense``` command). Make sure it's not in an intermediate state (*'Pending_Stopped'*, *'Pending_Running'*) and try to run the script again (with administrator rights).

    If the machine is running Windows 10, version 1607 and running the command `sc query sense` returns `START_PENDING`, reboot the machine. If rebooting the machine doesn't address the issue, upgrade to KB4015217 and try onboarding again. -15 | Failed to start SENSE service | If the message of the error is: System error 577 or error 1058 has occurred. You need to enable the Microsoft Defender Antivirus ELAM driver, see [Ensure that Microsoft Defender Antivirus is not disabled by a policy](#ensure-that-microsoft-defender-antivirus-is-not-disabled-by-a-policy) for instructions. -30 | The script failed to wait for the service to start running | The service could have taken more time to start or has encountered errors while trying to start. For more information on events and errors related to SENSE, see [Review events and errors using Event viewer](event-error-codes.md). -35 | The script failed to find needed onboarding status registry value | When the SENSE service starts for the first time, it writes onboarding status to the registry location
    ```HKLM\SOFTWARE\Microsoft\Windows Advanced Threat Protection\Status```.
    The script failed to find it after several seconds. You can manually test it and check if it's there. For more information on events and errors related to SENSE, see [Review events and errors using Event viewer](event-error-codes.md). -40 | SENSE service onboarding status is not set to **1** | The SENSE service has failed to onboard properly. For more information on events and errors related to SENSE, see [Review events and errors using Event viewer](event-error-codes.md). -65 | Insufficient privileges| Run the script again with administrator privileges. +:---:|:---|:--- + `5` | Offboarding data was found but couldn't be deleted | Check the permissions on the registry, specifically
    `HKLM\SOFTWARE\Policies\Microsoft\Windows Advanced Threat Protection`. +`10` | Onboarding data couldn't be written to registry | Check the permissions on the registry, specifically
    `HKLM\SOFTWARE\Policies\Microsoft\Windows Advanced Threat Protection`.
    Verify that the script has been run as an administrator. +`15` | Failed to start SENSE service |Check the service health (`sc query sense` command). Make sure it's not in an intermediate state (*'Pending_Stopped'*, *'Pending_Running'*) and try to run the script again (with administrator rights).

    If the machine is running Windows 10, version 1607 and running the command `sc query sense` returns `START_PENDING`, reboot the machine. If rebooting the machine doesn't address the issue, upgrade to KB4015217 and try onboarding again. +`15` | Failed to start SENSE service | If the message of the error is: System error 577 or error 1058 has occurred, you need to enable the Microsoft Defender Antivirus ELAM driver, see [Ensure that Microsoft Defender Antivirus is not disabled by a policy](#ensure-that-microsoft-defender-antivirus-is-not-disabled-by-a-policy) for instructions. +`30` | The script failed to wait for the service to start running | The service could have taken more time to start or has encountered errors while trying to start. For more information on events and errors related to SENSE, see [Review events and errors using Event viewer](event-error-codes.md). +`35` | The script failed to find needed onboarding status registry value | When the SENSE service starts for the first time, it writes onboarding status to the registry location
    `HKLM\SOFTWARE\Microsoft\Windows Advanced Threat Protection\Status`.
    The script failed to find it after several seconds. You can manually test it and check if it's there. For more information on events and errors related to SENSE, see [Review events and errors using Event viewer](event-error-codes.md). +`40` | SENSE service onboarding status is not set to **1** | The SENSE service has failed to onboard properly. For more information on events and errors related to SENSE, see [Review events and errors using Event viewer](event-error-codes.md). +`65` | Insufficient privileges| Run the script again with administrator privileges. + ### Troubleshoot onboarding issues using Microsoft Intune + You can use Microsoft Intune to check error codes and attempt to troubleshoot the cause of the issue. If you have configured policies in Intune and they are not propagated on machines, you might need to configure automatic MDM enrollment. @@ -92,28 +99,27 @@ If none of the event logs and troubleshooting steps work, download the Local scr **Microsoft Intune error codes and OMA-URIs**: - Error Code Hex | Error Code Dec | Error Description | OMA-URI | Possible cause and troubleshooting steps -:---|:---|:---|:---|:--- -0x87D1FDE8 | -2016281112 | Remediation failed | Onboarding
    Offboarding | **Possible cause:** Onboarding or offboarding failed on a wrong blob: wrong signature or missing PreviousOrgIds fields.

    **Troubleshooting steps:**
    Check the event IDs in the [View agent onboarding errors in the machine event log](#view-agent-onboarding-errors-in-the-machine-event-log) section.

    Check the MDM event logs in the following table or follow the instructions in [Diagnose MDM failures in Windows 10](https://msdn.microsoft.com/library/windows/hardware/mt632120%28v=vs.85%29.aspx). - | | | | Onboarding
    Offboarding
    SampleSharing | **Possible cause:** Microsoft Defender ATP Policy registry key does not exist or the OMA DM client doesn't have permissions to write to it.

    **Troubleshooting steps:** Ensure that the following registry key exists: ```HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\Windows Advanced Threat Protection```

    If it doesn't exist, open an elevated command and add the key. - | | | | SenseIsRunning
    OnboardingState
    OrgId | **Possible cause:** An attempt to remediate by read-only property. Onboarding has failed.

    **Troubleshooting steps:** Check the troubleshooting steps in [Troubleshoot onboarding issues on the machine](#troubleshoot-onboarding-issues-on-the-machine).

    Check the MDM event logs in the following table or follow the instructions in [Diagnose MDM failures in Windows 10](https://msdn.microsoft.com/library/windows/hardware/mt632120%28v=vs.85%29.aspx). - || | | All | **Possible cause:** Attempt to deploy Microsoft Defender ATP on non-supported SKU/Platform, particularly Holographic SKU.

    Currently is supported platforms: Enterprise, Education, and Professional.
    Server is not supported. - 0x87D101A9 | -2016345687 |Syncml(425): The requested command failed because the sender does not have adequate access control permissions (ACL) on the recipient. | All | **Possible cause:** Attempt to deploy Microsoft Defender ATP on non-supported SKU/Platform, particularly Holographic SKU.

    Currently is supported platforms: Enterprise, Education, and Professional. +:---:|:---|:---|:---|:--- +0x87D1FDE8 | -2016281112 | Remediation failed | Onboarding
    Offboarding | **Possible cause:** Onboarding or offboarding failed on a wrong blob: wrong signature or missing PreviousOrgIds fields.

    **Troubleshooting steps:**
    Check the event IDs in the [View agent onboarding errors in the machine event log](#view-agent-onboarding-errors-in-the-machine-event-log) section.

    Check the MDM event logs in the following table or follow the instructions in [Diagnose MDM failures in Windows 10](https://docs.microsoft.com/windows/client-management/mdm/diagnose-mdm-failures-in-windows-10). + | | | | Onboarding
    Offboarding
    SampleSharing | **Possible cause:** Microsoft Defender ATP Policy registry key does not exist or the OMA DM client doesn't have permissions to write to it.

    **Troubleshooting steps:** Ensure that the following registry key exists: `HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\Windows Advanced Threat Protection`

    If it doesn't exist, open an elevated command and add the key. + | | | | SenseIsRunning
    OnboardingState
    OrgId | **Possible cause:** An attempt to remediate by read-only property. Onboarding has failed.

    **Troubleshooting steps:** Check the troubleshooting steps in [Troubleshoot onboarding issues on the machine](#troubleshoot-onboarding-issues-on-the-machine).

    Check the MDM event logs in the following table or follow the instructions in [Diagnose MDM failures in Windows 10](https://docs.microsoft.com/windows/client-management/mdm/diagnose-mdm-failures-in-windows-10). + | | | | All | **Possible cause:** Attempt to deploy Microsoft Defender ATP on non-supported SKU/Platform, particularly Holographic SKU.

    Currently supported platforms:
    Enterprise, Education, and Professional.
    Server is not supported. + 0x87D101A9 | -2016345687 |SyncML(425): The requested command failed because the sender does not have adequate access control permissions (ACL) on the recipient. | All | **Possible cause:** Attempt to deploy Microsoft Defender ATP on non-supported SKU/Platform, particularly Holographic SKU.

    Currently supported platforms:
    Enterprise, Education, and Professional. -
    -Known issues with non-compliance + +**Known issues with non-compliance** The following table provides information on issues with non-compliance and how you can address the issues. Case | Symptoms | Possible cause and troubleshooting steps -:---|:---|:--- -1 | Machine is compliant by SenseIsRunning OMA-URI. But is non-compliant by OrgId, Onboarding and OnboardingState OMA-URIs. | **Possible cause:** Check that user passed OOBE after Windows installation or upgrade. During OOBE onboarding couldn't be completed but SENSE is running already.

    **Troubleshooting steps:** Wait for OOBE to complete. -2 | Machine is compliant by OrgId, Onboarding, and OnboardingState OMA-URIs, but is non-compliant by SenseIsRunning OMA-URI. | **Possible cause:** Sense service's startup type is set as "Delayed Start". Sometimes this causes the Microsoft Intune server to report the machine as non-compliant by SenseIsRunning when DM session occurs on system start.

    **Troubleshooting steps:** The issue should automatically be fixed within 24 hours. -3 | Machine is non-compliant | **Troubleshooting steps:** Ensure that Onboarding and Offboarding policies are not deployed on the same machine at same time. +:---:|:---|:--- + `1` | Machine is compliant by SenseIsRunning OMA-URI. But is non-compliant by OrgId, Onboarding and OnboardingState OMA-URIs. | **Possible cause:** Check that user passed OOBE after Windows installation or upgrade. During OOBE onboarding couldn't be completed but SENSE is running already.

    **Troubleshooting steps:** Wait for OOBE to complete. + `2` | Machine is compliant by OrgId, Onboarding, and OnboardingState OMA-URIs, but is non-compliant by SenseIsRunning OMA-URI. | **Possible cause:** Sense service's startup type is set as "Delayed Start". Sometimes this causes the Microsoft Intune server to report the machine as non-compliant by SenseIsRunning when DM session occurs on system start.

    **Troubleshooting steps:** The issue should automatically be fixed within 24 hours. + `3` | Machine is non-compliant | **Troubleshooting steps:** Ensure that Onboarding and Offboarding policies are not deployed on the same machine at same time. -
    -Mobile Device Management (MDM) event logs + +**Mobile Device Management (MDM) event logs** View the MDM event logs to troubleshoot issues that might arise during onboarding: @@ -125,7 +131,9 @@ ID | Severity | Event description | Troubleshooting steps :---|:---|:---|:--- 1819 | Error | Microsoft Defender Advanced Threat Protection CSP: Failed to Set Node's Value. NodeId: (%1), TokenName: (%2), Result: (%3). | Download the [Cumulative Update for Windows 10, 1607](https://go.microsoft.com/fwlink/?linkid=829760). + ## Troubleshoot onboarding issues on the machine + If the deployment tools used does not indicate an error in the onboarding process, but machines are still not appearing in the machines list in an hour, go through the following verification topics to check if an error occurred with the Microsoft Defender ATP agent: - [View agent onboarding errors in the machine event log](#view-agent-onboarding-errors-in-the-machine-event-log) - [Ensure the diagnostic data service is enabled](#ensure-the-diagnostics-service-is-enabled) @@ -154,44 +162,47 @@ If the deployment tools used does not indicate an error in the onboarding proces 6. Events which can indicate issues will appear in the **Operational** pane. You can attempt to troubleshoot them based on the solutions in the following table: Event ID | Message | Resolution steps -:---|:---|:--- -5 | Microsoft Defender Advanced Threat Protection service failed to connect to the server at _variable_ | [Ensure the machine has Internet access](#ensure-the-machine-has-an-internet-connection). -6 | Microsoft Defender Advanced Threat Protection service is not onboarded and no onboarding parameters were found. Failure code: _variable_ | [Run the onboarding script again](configure-endpoints-script.md). -7 | Microsoft Defender Advanced Threat Protection service failed to read the onboarding parameters. Failure code: _variable_ | [Ensure the machine has Internet access](#ensure-the-machine-has-an-internet-connection), then run the entire onboarding process again. -9 | Microsoft Defender Advanced Threat Protection service failed to change its start type. Failure code: variable | If the event happened during onboarding, reboot and re-attempt running the onboarding script. For more information, see [Run the onboarding script again](configure-endpoints-script.md).

    If the event happened during offboarding, contact support. -10 | Microsoft Defender Advanced Threat Protection service failed to persist the onboarding information. Failure code: variable | If the event happened during onboarding, re-attempt running the onboarding script. For more information, see [Run the onboarding script again](configure-endpoints-script.md).

    If the problem persists, contact support. -15 | Microsoft Defender Advanced Threat Protection cannot start command channel with URL: _variable_ | [Ensure the machine has Internet access](#ensure-the-machine-has-an-internet-connection). -17 | Microsoft Defender Advanced Threat Protection service failed to change the Connected User Experiences and Telemetry service location. Failure code: variable | [Run the onboarding script again](configure-endpoints-script.md). If the problem persists, contact support. -25 | Microsoft Defender Advanced Threat Protection service failed to reset health status in the registry. Failure code: _variable_ | Contact support. -27 | Failed to enable Microsoft Defender Advanced Threat Protection mode in Windows Defender. Onboarding process failed. Failure code: variable | Contact support. -29 | Failed to read the offboarding parameters. Error type: %1, Error code: %2, Description: %3 | Ensure the machine has Internet access, then run the entire offboarding process again. -30 | Failed to disable $(build.sense.productDisplayName) mode in Microsoft Defender Advanced Threat Protection. Failure code: %1 | Contact support. -32 | $(build.sense.productDisplayName) service failed to request to stop itself after offboarding process. Failure code: %1 | Verify that the service start type is manual and reboot the machine. -55 | Failed to create the Secure ETW autologger. Failure code: %1 | Reboot the machine. -63 | Updating the start type of external service. Name: %1, actual start type: %2, expected start type: %3, exit code: %4 | Identify what is causing changes in start type of mentioned service. If the exit code is not 0, fix the start type manually to expected start type. -64 | Starting stopped external service. Name: %1, exit code: %2 | Contact support if the event keeps re-appearing. -68 | The start type of the service is unexpected. Service name: %1, actual start type: %2, expected start type: %3 | Identify what is causing changes in start type. Fix mentioned service start type. -69 | The service is stopped. Service name: %1 | Start the mentioned service. Contact support if persists. +:---:|:---|:--- + `5` | Microsoft Defender Advanced Threat Protection service failed to connect to the server at _variable_ | [Ensure the machine has Internet access](#ensure-the-machine-has-an-internet-connection). + `6` | Microsoft Defender Advanced Threat Protection service is not onboarded and no onboarding parameters were found. Failure code: _variable_ | [Run the onboarding script again](configure-endpoints-script.md). + `7` | Microsoft Defender Advanced Threat Protection service failed to read the onboarding parameters. Failure code: _variable_ | [Ensure the machine has Internet access](#ensure-the-machine-has-an-internet-connection), then run the entire onboarding process again. + `9` | Microsoft Defender Advanced Threat Protection service failed to change its start type. Failure code: variable | If the event happened during onboarding, reboot and re-attempt running the onboarding script. For more information, see [Run the onboarding script again](configure-endpoints-script.md).

    If the event happened during offboarding, contact support. +`10` | Microsoft Defender Advanced Threat Protection service failed to persist the onboarding information. Failure code: variable | If the event happened during onboarding, re-attempt running the onboarding script. For more information, see [Run the onboarding script again](configure-endpoints-script.md).

    If the problem persists, contact support. +`15` | Microsoft Defender Advanced Threat Protection cannot start command channel with URL: _variable_ | [Ensure the machine has Internet access](#ensure-the-machine-has-an-internet-connection). +`17` | Microsoft Defender Advanced Threat Protection service failed to change the Connected User Experiences and Telemetry service location. Failure code: variable | [Run the onboarding script again](configure-endpoints-script.md). If the problem persists, contact support. +`25` | Microsoft Defender Advanced Threat Protection service failed to reset health status in the registry. Failure code: _variable_ | Contact support. +`27` | Failed to enable Microsoft Defender Advanced Threat Protection mode in Windows Defender. Onboarding process failed. Failure code: variable | Contact support. +`29` | Failed to read the offboarding parameters. Error type: %1, Error code: %2, Description: %3 | Ensure the machine has Internet access, then run the entire offboarding process again. +`30` | Failed to disable $(build.sense.productDisplayName) mode in Microsoft Defender Advanced Threat Protection. Failure code: %1 | Contact support. +`32` | $(build.sense.productDisplayName) service failed to request to stop itself after offboarding process. Failure code: %1 | Verify that the service start type is manual and reboot the machine. +`55` | Failed to create the Secure ETW autologger. Failure code: %1 | Reboot the machine. +`63` | Updating the start type of external service. Name: %1, actual start type: %2, expected start type: %3, exit code: %4 | Identify what is causing changes in start type of mentioned service. If the exit code is not 0, fix the start type manually to expected start type. +`64` | Starting stopped external service. Name: %1, exit code: %2 | Contact support if the event keeps re-appearing. +`68` | The start type of the service is unexpected. Service name: %1, actual start type: %2, expected start type: %3 | Identify what is causing changes in start type. Fix mentioned service start type. +`69` | The service is stopped. Service name: %1 | Start the mentioned service. Contact support if persists.
    There are additional components on the machine that the Microsoft Defender ATP agent depends on to function properly. If there are no onboarding related errors in the Microsoft Defender ATP agent event log, proceed with the following steps to ensure that the additional components are configured correctly. + ### Ensure the diagnostic data service is enabled + If the machines aren't reporting correctly, you might need to check that the Windows 10 diagnostic data service is set to automatically start and is running on the machine. The service might have been disabled by other programs or user configuration changes. First, you should check that the service is set to start automatically when Windows starts, then you should check that the service is currently running (and start it if it isn't). + ### Ensure the service is set to start **Use the command line to check the Windows 10 diagnostic data service startup type**: 1. Open an elevated command-line prompt on the machine: - a. Click **Start**, type **cmd**, and press **Enter**. + a. Click **Start**, type **cmd**, and press **Enter**. - b. Right-click **Command prompt** and select **Run as administrator**. + b. Right-click **Command prompt** and select **Run as administrator**. 2. Enter the following command, and press **Enter**: @@ -210,9 +221,9 @@ First, you should check that the service is set to start automatically when Wind 1. Open an elevated command-line prompt on the machine: - a. Click **Start**, type **cmd**, and press **Enter**. + a. Click **Start**, type **cmd**, and press **Enter**. - b. Right-click **Command prompt** and select **Run as administrator**. + b. Right-click **Command prompt** and select **Run as administrator**. 2. Enter the following command, and press **Enter**: @@ -244,7 +255,9 @@ To ensure that sensor has service connectivity, follow the steps described in th If the verification fails and your environment is using a proxy to connect to the Internet, then follow the steps described in [Configure proxy and Internet connectivity settings](configure-proxy-internet.md) topic. + ### Ensure that Microsoft Defender Antivirus is not disabled by a policy + **Problem**: The Microsoft Defender ATP service does not start after onboarding. **Symptom**: Onboarding successfully completes, but you see error 577 or error 1058 when trying to start the service. @@ -258,19 +271,20 @@ If the verification fails and your environment is using a proxy to connect to th For example, in Group Policy there should be no entries such as the following values: - - `````` - - `````` + - `` + - `` - After clearing the policy, run the onboarding steps again. - You can also check the following registry key values to verify that the policy is disabled: - 1. Open the registry ```key HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\Windows Defender```. - 2. Ensure that the value ```DisableAntiSpyware``` is not present. + 1. Open the registry key `HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\Windows Defender`. + 2. Ensure that the value `DisableAntiSpyware` is not present. - ![Image of registry key for Microsoft Defender Antivirus](images/atp-disableantispyware-regkey.png) + ![Image of registry key for Microsoft Defender Antivirus](images/atp-disableantispyware-regkey.png) ## Troubleshoot onboarding issues on a server + If you encounter issues while onboarding a server, go through the following verification steps to address possible issues. - [Ensure Microsoft Monitoring Agent (MMA) is installed and configured to report sensor data to the service](configure-server-endpoints.md#server-mma) @@ -293,8 +307,10 @@ You might also need to check the following: - Check to see that machines are reflected in the **Machines list** in the portal. -## Confirming onboarding of newly built machines -There may be instances when onboarding is deployed on a newly built machine but not completed. + +## Confirming onboarding of newly built machines + +There may be instances when onboarding is deployed on a newly built machine but not completed. The steps below provide guidance for the following scenario: - Onboarding package is deployed to newly built machines @@ -302,106 +318,127 @@ The steps below provide guidance for the following scenario: - Machine is turned off or restarted before the end user performs a first logon - In this scenario, the SENSE service will not start automatically even though onboarding package was deployed ->[!NOTE] ->The following steps are only relevant when using Microsoft Endpoint Configuration Manager +> [!NOTE] +> The following steps are only relevant when using Microsoft Endpoint Configuration Manager -1. Create an application in Microsoft Endpoint Configuration Manager. +1. Create an application in Microsoft Endpoint Configuration Manager. ![Image of Microsoft Endpoint Configuration Manager configuration](images/mecm-1.png) 2. Select **Manually specify the application information**. + ![Image of Microsoft Endpoint Configuration Manager configuration](images/mecm-2.png) 3. Specify information about the application, then select **Next**. + ![Image of Microsoft Endpoint Configuration Manager configuration](images/mecm-3.png) -4. Specify information about the software center, then select **Next**. +4. Specify information about the software center, then select **Next**. + ![Image of Microsoft Endpoint Configuration Manager configuration](images/mecm-4.png) 5. In **Deployment types** select **Add**. + ![Image of Microsoft Endpoint Configuration Manager configuration](images/mecm-5.png) 6. Select **Manually specify the deployment type information**, then select **Next**. + ![Image of Microsoft Endpoint Configuration Manager configuration](images/mecm-6.png) 7. Specify information about the deployment type, then select **Next**. + ![Image of Microsoft Endpoint Configuration Manager configuration](images/mecm-7.png) 8. In **Content** > **Installation program** specify the command: `net start sense`. + ![Image of Microsoft Endpoint Configuration Manager configuration](images/mecm-8.png) -9. In **Detection method**, select **Configure rules to detect the presence of this deployment type**, then select **Add Clause**. +9. In **Detection method**, select **Configure rules to detect the presence of this deployment type**, then select **Add Clause**. ![Image of Microsoft Endpoint Configuration Manager configuration](images/mecm-9.png) 10. Specify the following detection rule details, then select **OK**: + ![Image of Microsoft Endpoint Configuration Manager configuration](images/mecm-10.png) 11. In **Detection method** select **Next**. + ![Image of Microsoft Endpoint Configuration Manager configuration](images/mecm-11.png) 12. In **User Experience**, specify the following information, then select **Next**: + ![Image of Microsoft Endpoint Configuration Manager configuration](images/mecm-12.png) 13. In **Requirements**, select **Next**. + ![Image of Microsoft Endpoint Configuration Manager configuration](images/mecm-13.png) 14. In **Dependencies**, select **Next**. + ![Image of Microsoft Endpoint Configuration Manager configuration](images/mecm-14.png) 15. In **Summary**, select **Next**. + ![Image of Microsoft Endpoint Configuration Manager configuration](images/mecm-15.png) 16. In **Completion**, select **Close**. - - ![Image of Microsoft Endpoint Configuration Manager configuration](images/mecm-16.png) + + ![Image of Microsoft Endpoint Configuration Manager configuration](images/mecm-16.png) 17. In **Deployment types**, select **Next**. - + ![Image of Microsoft Endpoint Configuration Manager configuration](images/mecm-17.png) 18. In **Summary**, select **Next**. + ![Image of Microsoft Endpoint Configuration Manager configuration](images/mecm-18.png) - - The status is then displayed + + The status is then displayed: ![Image of Microsoft Endpoint Configuration Manager configuration](images/mecm-19.png) 19. In **Completion**, select **Close**. - + ![Image of Microsoft Endpoint Configuration Manager configuration](images/mecm-20.png) 20. You can now deploy the application by right-clicking the app and selecting **Deploy**. - + ![Image of Microsoft Endpoint Configuration Manager configuration](images/mecm-21.png) 21. In **General** select **Automatically distribute content for dependencies** and **Browse**. + ![Image of Microsoft Endpoint Configuration Manager configuration](images/mecm-22.png) 22. In **Content** select **Next**. + ![Image of Microsoft Endpoint Configuration Manager configuration](images/mecm-23.png) 23. In **Deployment settings**, select **Next**. + ![Image of Microsoft Endpoint Configuration Manager configuration](images/mecm-24.png) 24. In **Scheduling** select **As soon as possible after the available time**, then select **Next**. + ![Image of Microsoft Endpoint Configuration Manager configuration](images/mecm-25.png) 25. In **User experience**, select **Commit changes at deadline or during a maintenance window (requires restarts)**, then select **Next**. + ![Image of Microsoft Endpoint Configuration Manager configuration](images/mecm-26.png) 26. In **Alerts** select **Next**. + ![Image of Microsoft Endpoint Configuration Manager configuration](images/mecm-27.png) -27. In **Summary**, select **Next**. +27. In **Summary**, select **Next**. + ![Image of Microsoft Endpoint Configuration Manager configuration](images/mecm-28.png) The status is then displayed ![Image of Microsoft Endpoint Configuration Manager configuration](images/mecm-29.png) 28. In **Completion**, select **Close**. - ![Image of Microsoft Endpoint Configuration Manager configuration](images/mecm-30.png) + ![Image of Microsoft Endpoint Configuration Manager configuration](images/mecm-30.png) ## Related topics From 1a9a8cec2df8170e41b36ea726b55366710d144f Mon Sep 17 00:00:00 2001 From: illfated Date: Sun, 14 Jun 2020 03:18:09 +0200 Subject: [PATCH 50/73] Windows Update: code blocks vs. translation errors Description: As reported in issue ticket #6953 (Translations errors caused by missing code block), there are several remaining lines of text directly referencing file paths and/or OS commands where the commands and their parameters get translated due to a lack of MarkDown code blocks. Thanks to sebbu2 for reporting this issue. Changes proposed: - Encapsulate (enclose) CLi commands and folder paths in MD back ticks - Remove MD bullet point indicators from the encapsulated lines - Whitespace & grammar corrections: - Normalize indentation, for the code blocks in particular - Add missing MarkDown indent marker compatibility spacing - Add blank line after H2 heading (MD codestyle standard) - Grammar improvement: "allow reset" -> 'allows you to reset' - Add readability comma to the same sentence - Remove redundant blank line in the metadata section Ticket closure or reference: Closes #6953 --- .../update/windows-update-resources.md | 31 +++++++++++-------- 1 file changed, 18 insertions(+), 13 deletions(-) diff --git a/windows/deployment/update/windows-update-resources.md b/windows/deployment/update/windows-update-resources.md index 16e2488d65..c3631a707c 100644 --- a/windows/deployment/update/windows-update-resources.md +++ b/windows/deployment/update/windows-update-resources.md @@ -3,7 +3,6 @@ title: Windows Update - Additional resources description: Additional resources for Windows Update ms.prod: w10 ms.mktglfcycl: - audience: itpro author: jaimeo ms.localizationpriority: medium @@ -17,7 +16,7 @@ ms.topic: article # Windows Update - additional resources ->Applies to: Windows 10 +> Applies to: Windows 10 The following resources provide additional information about using Windows Update. @@ -37,10 +36,11 @@ The following resources provide additional information about using Windows Updat [This script](https://gallery.technet.microsoft.com/scriptcenter/Reset-WindowsUpdateps1-e0c5eb78) will completely reset the Windows Update client settings. It has been tested on Windows 7, 8, 10, and Windows Server 2012 R2. It will configure the services and registry keys related to Windows Update for default settings. It will also clean up files related to Windows Update, in addition to BITS related data. -[This script](https://gallery.technet.microsoft.com/scriptcenter/Reset-Windows-Update-Agent-d824badc) allow reset the Windows Update Agent resolving issues with Windows Update. +[This script](https://gallery.technet.microsoft.com/scriptcenter/Reset-Windows-Update-Agent-d824badc) allows you to reset the Windows Update Agent, resolving issues with Windows Update. ## Reset Windows Update components manually + 1. Open a Windows command prompt. To open a command prompt, click **Start > Run**. Copy and paste (or type) the following command and then press ENTER: ``` cmd @@ -56,17 +56,22 @@ The following resources provide additional information about using Windows Updat ``` 4. If this is your first attempt at resolving your Windows Update issues by using the steps in this article, go to step 5 without carrying out the steps in step 4. The steps in step 4 should only be performed at this point in the troubleshooting if you cannot resolve your Windows Update issues after following all steps but step 4. The steps in step 4 are also performed by the "Aggressive" mode of the Fix it Solution above. 1. Rename the following folders to *.BAK: - - %systemroot%\SoftwareDistribution\DataStore - - %systemroot%\SoftwareDistribution\Download - - %systemroot%\system32\catroot2 - - To do this, type the following commands at a command prompt. Press ENTER after you type each command. - - Ren %systemroot%\SoftwareDistribution\DataStore *.bak - - Ren %systemroot%\SoftwareDistribution\Download *.bak - - Ren %systemroot%\system32\catroot2 *.bak + ``` + %systemroot%\SoftwareDistribution\DataStore + %systemroot%\SoftwareDistribution\Download + %systemroot%\system32\catroot2 + ``` + To do this, type the following commands at a command prompt. Press ENTER after you type each command. + ``` + Ren %systemroot%\SoftwareDistribution\DataStore *.bak + Ren %systemroot%\SoftwareDistribution\Download *.bak + Ren %systemroot%\system32\catroot2 *.bak + ``` 2. Reset the BITS service and the Windows Update service to the default security descriptor. To do this, type the following commands at a command prompt. Press ENTER after you type each command. - - sc.exe sdset bits D:(A;;CCLCSWRPWPDTLOCRRC;;;SY)(A;;CCDCLCSWRPWPDTLOCRSDRCWDWO;;;BA)(A;;CCLCSWLOCRRC;;;AU)(A;;CCLCSWRPWPDTLOCRRC;;;PU) - - sc.exe sdset wuauserv D:(A;;CCLCSWRPWPDTLOCRRC;;;SY)(A;;CCDCLCSWRPWPDTLOCRSDRCWDWO;;;BA)(A;;CCLCSWLOCRRC;;;AU)(A;;CCLCSWRPWPDTLOCRRC;;;PU) + ``` + sc.exe sdset bits D:(A;;CCLCSWRPWPDTLOCRRC;;;SY)(A;;CCDCLCSWRPWPDTLOCRSDRCWDWO;;;BA)(A;;CCLCSWLOCRRC;;;AU)(A;;CCLCSWRPWPDTLOCRRC;;;PU) + sc.exe sdset wuauserv D:(A;;CCLCSWRPWPDTLOCRRC;;;SY)(A;;CCDCLCSWRPWPDTLOCRSDRCWDWO;;;BA)(A;;CCLCSWLOCRRC;;;AU)(A;;CCLCSWRPWPDTLOCRRC;;;PU) + ``` 5. Type the following command at a command prompt, and then press ENTER: ``` cd /d %windir%\system32 From 8ef88ecb990c089cd271ed630d1216786fbc81f1 Mon Sep 17 00:00:00 2001 From: EfiKliger <45028856+EfiKliger@users.noreply.github.com> Date: Mon, 15 Jun 2020 07:58:34 +0300 Subject: [PATCH 51/73] Update manage-indicators.md --- .../microsoft-defender-atp/manage-indicators.md | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/windows/security/threat-protection/microsoft-defender-atp/manage-indicators.md b/windows/security/threat-protection/microsoft-defender-atp/manage-indicators.md index c2f2dd8964..e1f2ac58da 100644 --- a/windows/security/threat-protection/microsoft-defender-atp/manage-indicators.md +++ b/windows/security/threat-protection/microsoft-defender-atp/manage-indicators.md @@ -95,7 +95,7 @@ It's important to understand the following prerequisites prior to creating indic 4. Specify the following details: - Indicator - Specify the entity details and define the expiration of the indicator. - Action - Specify the action to be taken and provide a description. - - Scope - Define the scope of the machine group. + - Scope - Define the scope of the machine group according to your [user permissions](machine-groups.md). 5. Review the details in the Summary tab, then click **Save**. From 729cef0ad81b4712a206d173435d20d8043a46e7 Mon Sep 17 00:00:00 2001 From: amirsc3 <42802974+amirsc3@users.noreply.github.com> Date: Mon, 15 Jun 2020 15:28:30 +0300 Subject: [PATCH 52/73] Update configure-endpoints-vdi.md Adding line to remove senseGuid to prevent re-onboarding via PS1 issue --- .../microsoft-defender-atp/configure-endpoints-vdi.md | 1 + 1 file changed, 1 insertion(+) diff --git a/windows/security/threat-protection/microsoft-defender-atp/configure-endpoints-vdi.md b/windows/security/threat-protection/microsoft-defender-atp/configure-endpoints-vdi.md index b640c52453..bc65d8301d 100644 --- a/windows/security/threat-protection/microsoft-defender-atp/configure-endpoints-vdi.md +++ b/windows/security/threat-protection/microsoft-defender-atp/configure-endpoints-vdi.md @@ -136,6 +136,7 @@ If offline servicing is not a viable option for your non-persistent VDI environm PsExec.exe -s cmd.exe cd "C:\ProgramData\Microsoft\Windows Defender Advanced Threat Protection\Cyber" del *.* /f /s /q + REG DELETE “HKLM\SOFTWARE\Microsoft\Windows Advanced Threat Protection" /v senseGuid /f exit ``` From b192690b4bf683fe18aac55f4b4e7a1f11e27360 Mon Sep 17 00:00:00 2001 From: Daniel Simpson Date: Mon, 15 Jun 2020 08:51:22 -0700 Subject: [PATCH 53/73] updating blacklist/whitelist to allow/block --- devices/hololens/hololens-faq-security.md | 12 +- devices/hololens/hololens-offline.md | 2 +- devices/hololens/hololens-requirements.md | 2 +- ...olicies-for-surface-hub-device-accounts.md | 4 +- ...e-and-test-a-device-account-surface-hub.md | 2 +- .../surface-hub/troubleshoot-surface-hub.md | 2 +- .../mdm/applicationcontrol-csp.md | 2 +- .../client-management/mdm/applocker-csp.md | 2 +- .../mdm/healthattestation-csp.md | 16 +- ...ew-in-windows-mdm-enrollment-management.md | 6 +- .../windows-10-mobile-and-mdm.md | 4 +- windows/configuration/wcd/wcd-cellcore.md | 2 +- .../update/windows-update-troubleshooting.md | 2 +- .../upgrade-windows-phone-8-1-to-10.md | 227 +++++++++--------- .../windows-10-enterprise-e3-overview.md | 2 +- .../windows-autopilot-requirements.md | 2 +- ...g-recommendations-for-many-audit-events.md | 2 +- .../audit-security-system-extension.md | 6 +- .../threat-protection/auditing/event-4611.md | 2 +- .../threat-protection/auditing/event-4614.md | 2 +- .../threat-protection/auditing/event-4622.md | 2 +- .../threat-protection/auditing/event-4624.md | 2 +- .../threat-protection/auditing/event-4648.md | 2 +- .../threat-protection/auditing/event-4688.md | 2 +- .../threat-protection/auditing/event-4696.md | 2 +- .../threat-protection/auditing/event-4703.md | 2 +- .../threat-protection/auditing/event-4704.md | 2 +- .../threat-protection/auditing/event-4705.md | 2 +- .../threat-protection/auditing/event-4717.md | 2 +- .../threat-protection/auditing/event-4718.md | 2 +- .../threat-protection/auditing/event-4732.md | 2 +- .../threat-protection/auditing/event-4733.md | 2 +- .../threat-protection/auditing/event-4751.md | 2 +- .../threat-protection/auditing/event-4752.md | 2 +- .../threat-protection/auditing/event-4768.md | 4 +- .../threat-protection/auditing/event-4769.md | 4 +- .../threat-protection/auditing/event-4771.md | 4 +- .../threat-protection/auditing/event-4776.md | 2 +- .../threat-protection/auditing/event-4778.md | 2 +- .../threat-protection/auditing/event-4779.md | 2 +- .../threat-protection/auditing/event-5152.md | 2 +- .../threat-protection/auditing/event-5156.md | 2 +- .../threat-protection/auditing/event-5157.md | 2 +- ...onnections-microsoft-defender-antivirus.md | 2 +- .../configure-mssp-support.md | 8 +- .../controlled-folders.md | 2 +- .../customize-controlled-folders.md | 4 +- .../mac-install-with-intune.md | 2 +- .../mac-install-with-other-mdm.md | 2 +- .../microsoft-defender-atp/mac-whatsnew.md | 2 +- .../manage-automation-folder-exclusions.md | 2 +- .../manage-indicators.md | 2 +- .../production-deployment.md | 4 +- .../troubleshoot-mdatp.md | 4 +- .../microsoft-defender-atp/troubleshoot-np.md | 2 +- .../troubleshoot-onboarding-error-messages.md | 4 +- ...iew-of-threat-mitigations-in-windows-10.md | 2 +- ...arding-to-assist-in-intrusion-detection.md | 2 +- .../LOB-win32-apps-on-s.md | 2 +- ...ows-defender-application-control-policy.md | 2 +- ...s-defender-application-control-policies.md | 2 +- ...or-windows-defender-application-control.md | 2 +- .../create-initial-default-policy.md | 4 +- ...e-wdac-policy-for-fully-managed-devices.md | 2 +- ...wdac-policy-for-lightly-managed-devices.md | 2 +- ...rt-windows-defender-application-control.md | 2 +- ...s-defender-application-control-policies.md | 2 +- ...ion-control-policies-using-group-policy.md | 2 +- ...plication-control-policies-using-intune.md | 2 +- ...s-defender-application-control-policies.md | 2 +- ...s-defender-application-control-policies.md | 2 +- .../event-id-explanations.md | 2 +- .../example-wdac-base-policies.md | 2 +- .../feature-availability.md | 2 +- ...th-windows-defender-application-control.md | 2 +- ...s-defender-application-control-policies.md | 2 +- .../microsoft-recommended-block-rules.md | 6 +- ...defender-application-control-management.md | 2 +- ...events-centrally-using-advanced-hunting.md | 2 +- .../select-types-of-rules-to-create.md | 2 +- .../types-of-devices.md | 2 +- ...ication-control-policy-design-decisions.md | 2 +- ...ontrol-for-classic-windows-applications.md | 2 +- ...-portal-in-microsoft-store-for-business.md | 2 +- ...r-application-control-against-tampering.md | 2 +- ...l-specific-plug-ins-add-ins-and-modules.md | 2 +- ...tion-control-with-dynamic-code-security.md | 2 +- ...control-with-intelligent-security-graph.md | 2 +- ...lication-control-with-managed-installer.md | 4 +- .../wdac-and-applocker-overview.md | 2 +- ...er-application-control-deployment-guide.md | 4 +- ...fender-application-control-design-guide.md | 2 +- ...r-application-control-operational-guide.md | 2 +- .../windows-defender-application-control.md | 2 +- ...sed-root-of-trust-helps-protect-windows.md | 2 +- ...sed-root-of-trust-helps-protect-windows.md | 2 +- 96 files changed, 242 insertions(+), 241 deletions(-) diff --git a/devices/hololens/hololens-faq-security.md b/devices/hololens/hololens-faq-security.md index 85f66c8318..770410499f 100644 --- a/devices/hololens/hololens-faq-security.md +++ b/devices/hololens/hololens-faq-security.md @@ -34,7 +34,7 @@ appliesto: 1. **What frequency range and channels does the device operate on and is it configurable?** 1. Wi-Fi: The frequency range is not user configurable and depends on the country of use. In the US Wi-Fi uses both 2.4 GHz (1-11) channels and 5 GHz (36-64, 100-165) channels. 1. Bluetooth: Bluetooth uses the standard 2.4-2.48 GHz range. -1. **Can the device blacklist or white list specific frequencies?** +1. **Can the device allow or block specific frequencies?** 1. This is not controllable by the user/device 1. **What is the power level for both transmit and receive? Is it adjustable? What is the range of operation?** 1. Our emissions testing standards can be found [here](https://fccid.io/C3K1688). Range of operation is highly dependent on the access point and environment - but is roughly equivalent to other high-quality phones, tablets, or PCs. @@ -63,9 +63,9 @@ appliesto: 1. Yes 1. **Is there an ability to control or disable the use of ports on the device?** 1. The HoloLens only contains 2 ports (one for headphones and one for charging or connecting to PCs). There is not ability to disable the port due to functionality and recovery reasons. -1. **Antivirus, end point detection, IPS, app control whitelist – Any ability to run antivirus, end point detection, IPS, app control whitelist, etc.** +1. **Antivirus, end point detection, IPS, app control allow list – Any ability to run antivirus, end point detection, IPS, app control allow list, etc.** 1. Windows Holographic for Business (commercial suite) does support Windows Defender Smart Screen. If an antivirus company were to create and publish their app to the Universal Windows Platform, it could be downloaded on HoloLens. At present, no companies have done this for HoloLens. - 1. Whitelisting apps is possible by using the Microsoft Enterprise Store, where you can choose only what specific apps can be downloaded. Also, through MDM you can lock what specific apps can be run or even seen on the device. + 1. Allowing apps is possible by using the Microsoft Enterprise Store, where you can choose only what specific apps can be downloaded. Also, through MDM you can lock what specific apps can be run or even seen on the device. 1. **Can we quarantine the device from prod network until we update the device if it has been offline for an extended period of time? Ex. Device has been sitting in a drawer not powered up for a period (6 months) and has not received any updates, patches, etc. When it tries to come on the network can we flag it and say you must update on another network prior to being complaint to join the network.** 1. This is something that can be managed on the infrastructure level by either an MDM or an on-prem server. The device can be flagged as not compliant if it does not meet a specified Update version. 1. **Does Microsoft include any back doors or access to services that allows Microsoft to connect to the device for screen sharing or remote support at will?** @@ -85,7 +85,7 @@ appliesto: 1. C3K1855 1. **What frequency range and channels does the device operate on and is it configurable?** 1. Wi-Fi: The frequency range is not user configurable and depends on the country of use. In the US Wi-Fi uses both 2.4 GHz (1-11) channels and 5 GHz (36-64, 100-165) channels. -1. **Can the device blacklist or white list specific frequencies?** +1. **Can the device allow or block specific frequencies?** 1. This is not controllable by the user/device 1. **What is the power level for both transmit and receive? Is it adjustable? What is the range of operation?** 1. Wireless power levels depend on the channel of operation. Devices are calibrated to perform at the highest power levels allowed based on the region's regulatory rules. @@ -113,9 +113,9 @@ appliesto: 1. Yes 1. **Is there an ability to control or disable the use of ports on the device?** 1. The HoloLens only contains 2 ports (one for headphones and one for charging or connecting to PCs). There is not ability to disable the port due to functionality and recovery reasons. -1. **Antivirus, end point detection, IPS, app control whitelist – Any ability to run antivirus, end point detection, IPS, app control whitelist, etc.** +1. **Antivirus, end point detection, IPS, app control allow – Any ability to run antivirus, end point detection, IPS, app control allow, etc.** 1. HoloLens 2nd Gen supports Windows Defender Smart Screen. If an antivirus company were to create and publish their app to the Universal Windows Platform, it could be downloaded on HoloLens. At present, no companies have done this for HoloLens. - 1. Whitelisting apps is possible by using the Microsoft Enterprise Store, where you can choose only what specific apps can be downloaded. Also, through MDM you can lock what specific apps can be run or even seen on the device. + 1. Allowing apps is possible by using the Microsoft Enterprise Store, where you can choose only what specific apps can be downloaded. Also, through MDM you can lock what specific apps can be run or even seen on the device. 1. **Can we quarantine the device from prod network until we update the device if it has been offline for an extended period of time? Ex. Device has been sitting in a drawer not powered up for a period (6 months) and has not received any updates, patches, etc. When it tries to come on the network can we flag it and say you must update on another network prior to being complaint to join the network.** 1. This is something that can be managed on the infrastructure level by either an MDM or an on-prem server. The device can be flagged as not compliant if it does not meet a specified Update version. 1. **Does Microsoft include any back doors or access to services that allows Microsoft to connect to the device for screen sharing or remote support at will?** diff --git a/devices/hololens/hololens-offline.md b/devices/hololens/hololens-offline.md index b9ee084421..e16ee7df6f 100644 --- a/devices/hololens/hololens-offline.md +++ b/devices/hololens/hololens-offline.md @@ -22,7 +22,7 @@ appliesto: # Manage connection endpoints for HoloLens -Some HoloLens components, apps, and related services transfer data to Microsoft network endpoints. This article lists different endpoints and URLs that need to be whitelisted in your network configuration (e.g. proxy or firewall) for those components to be functional. +Some HoloLens components, apps, and related services transfer data to Microsoft network endpoints. This article lists different endpoints and URLs that need to be allowed in your network configuration (e.g. proxy or firewall) for those components to be functional. ## Near-offline setup diff --git a/devices/hololens/hololens-requirements.md b/devices/hololens/hololens-requirements.md index c8be6947ae..a175ddd5eb 100644 --- a/devices/hololens/hololens-requirements.md +++ b/devices/hololens/hololens-requirements.md @@ -23,7 +23,7 @@ This document also assumes that the HoloLens has been evaluated by security team 1. [Determine what features you need](hololens-requirements.md#step-1-determine-what-you-need) 1. [Determine what licenses you need](hololens-licenses-requirements.md) 1. [Configure your network for HoloLens](hololens-commercial-infrastructure.md). - 1. This section includes bandwidth requirements, URL, and ports that need to be whitelisted on your firewall; Azure AD guidance; Mobile Device Management (MDM) Guidance; app deployment/management guidance; and certificate guidance. + 1. This section includes bandwidth requirements, URL, and ports that need to be allowed on your firewall; Azure AD guidance; Mobile Device Management (MDM) Guidance; app deployment/management guidance; and certificate guidance. 1. (Optional) [Configure HoloLens using a provisioning package](hololens-provisioning.md) 1. [Enroll Device](hololens-enroll-mdm.md) 1. [Set up ring based updates for HoloLens](hololens-updates.md) diff --git a/devices/surface-hub/apply-activesync-policies-for-surface-hub-device-accounts.md b/devices/surface-hub/apply-activesync-policies-for-surface-hub-device-accounts.md index 66dd43f75c..8c94fbb5fe 100644 --- a/devices/surface-hub/apply-activesync-policies-for-surface-hub-device-accounts.md +++ b/devices/surface-hub/apply-activesync-policies-for-surface-hub-device-accounts.md @@ -21,10 +21,10 @@ The Microsoft Surface Hub's device account uses ActiveSync to sync mail and cale For these features to work, the ActiveSync policies for your organization must be configured as follows: -- There can't be any global policies that block synchronization of the resource mailbox that's being used by the Surface Hub’s device account. If there is such a blocking policy, you need to whitelist the Surface Hub as an allowed device. +- There can't be any global policies that block synchronization of the resource mailbox that's being used by the Surface Hub’s device account. If there is such a blocking policy, you need to add the Surface Hub as an allowed device. - You must set a mobile device mailbox policy where the **PasswordEnabled** setting is set to False. Other mobile device mailbox policy settings are not compatible with the Surface Hub. -## Whitelisting the DeviceID +## Allowing the DeviceID Your organization may have a global policy that prevents syncing of device accounts provisioned on Surface Hubs. To configure this property, see [Allowing device IDs for ActiveSync](appendix-a-powershell-scripts-for-surface-hub.md#whitelisting-device-ids-cmdlet). diff --git a/devices/surface-hub/create-and-test-a-device-account-surface-hub.md b/devices/surface-hub/create-and-test-a-device-account-surface-hub.md index 8985f70c9d..b5ce94c19a 100644 --- a/devices/surface-hub/create-and-test-a-device-account-surface-hub.md +++ b/devices/surface-hub/create-and-test-a-device-account-surface-hub.md @@ -38,7 +38,7 @@ This table explains the main steps and configuration decisions when you create a | 2 | Configure mailbox properties | The mailbox must be configured with the correct properties to enable the best meeting experience on Surface Hub. For more information on mailbox properties, see [Mailbox properties](exchange-properties-for-surface-hub-device-accounts.md). | | 3 | Apply a compatible mobile device mailbox policy to the mailbox | Surface Hub is managed using mobile device management (MDM) rather than through mobile device mailbox policies. For compatibility, the device account must have a mobile device mailbox policy where the **PasswordEnabled** setting is set to False. Otherwise, Surface Hub can't sync mail and calendar info. | | 4 | Enable mailbox with Skype for Business (Lync Server 2013 or later, or Skype for Business Online) | Skype for Business must be enabled to use conferencing features like video calls, IM, and screen sharing. | -| 5 | (Optional) Whitelist ActiveSync Device ID | Your organization may have a global policy that prevents device accounts from syncing mail and calendar info. If so, you need to whitelist the ActiveSync Device ID of your Surface Hub. | +| 5 | (Optional) Whitelist ActiveSync Device ID | Your organization may have a global policy that prevents device accounts from syncing mail and calendar info. If so, you need to allow the ActiveSync Device ID of your Surface Hub. | | 6 | (Optional) Disable password expiration | To simplify management, you can turn off password expiration for the device account and allow Surface Hub to automatically rotate the device account password. For more information about password management, see [Password management](password-management-for-surface-hub-device-accounts.md). | ## Detailed configuration steps diff --git a/devices/surface-hub/troubleshoot-surface-hub.md b/devices/surface-hub/troubleshoot-surface-hub.md index 4a30281eff..06b493c24d 100644 --- a/devices/surface-hub/troubleshoot-surface-hub.md +++ b/devices/surface-hub/troubleshoot-surface-hub.md @@ -415,7 +415,7 @@ Possible fixes for issues with Surface Hub first-run program.

    Can't sync mail/calendar.

    The account has not allowed the Surface Hub as an allowed device.

    0x86000C1C

    -

    Add the Surface Hub device ID to the whitelist by setting the ActiveSyncAllowedDeviceIds property for the mailbox.

    +

    Add the Surface Hub device ID to the allowed list by setting the ActiveSyncAllowedDeviceIds property for the mailbox.

    diff --git a/windows/client-management/mdm/applicationcontrol-csp.md b/windows/client-management/mdm/applicationcontrol-csp.md index 4293995ef5..9cb53ea100 100644 --- a/windows/client-management/mdm/applicationcontrol-csp.md +++ b/windows/client-management/mdm/applicationcontrol-csp.md @@ -1,7 +1,7 @@ --- title: ApplicationControl CSP description: The ApplicationControl CSP allows you to manage multiple Windows Defender Application Control (WDAC) policies from a MDM server. -keywords: whitelisting, security, malware +keywords: security, malware ms.author: dansimp ms.topic: article ms.prod: w10 diff --git a/windows/client-management/mdm/applocker-csp.md b/windows/client-management/mdm/applocker-csp.md index 3a1f4b6002..ea7d1567cb 100644 --- a/windows/client-management/mdm/applocker-csp.md +++ b/windows/client-management/mdm/applocker-csp.md @@ -869,7 +869,7 @@ The following list shows the apps that may be included in the inbox. -## Whitelist examples +## Allow list examples The following example disables the calendar application. diff --git a/windows/client-management/mdm/healthattestation-csp.md b/windows/client-management/mdm/healthattestation-csp.md index 3870f7d385..e24210c9e0 100644 --- a/windows/client-management/mdm/healthattestation-csp.md +++ b/windows/client-management/mdm/healthattestation-csp.md @@ -748,13 +748,13 @@ Each of these are described in further detail in the following sections, along w **PCR0**

    The measurement that is captured in PCR[0] typically represents a consistent view of the Host Platform between boot cycles. It contains a measurement of components that are provided by the host platform manufacturer.

    -

    Enterprise managers can create a whitelist of trusted PCR[0] values, compare the PCR[0] value of the managed devices (the value that is verified and reported by HAS) with the whitelist, and then make a trust decision based on the result of the comparison.

    +

    Enterprise managers can create a allow list of trusted PCR[0] values, compare the PCR[0] value of the managed devices (the value that is verified and reported by HAS) with the allow list, and then make a trust decision based on the result of the comparison.

    -

    If your enterprise does not have a whitelist of accepted PCR[0] values, then take no action.

    +

    If your enterprise does not have a allow list of accepted PCR[0] values, then take no action.

    -

    If PCR[0] equals an accepted whitelisted value, then allow access.

    +

    If PCR[0] equals an accepted allow list value, then allow access.

    -

    If PCR[0] does not equal any accepted whitelisted value, then take one of the following actions that align with your enterprise policies:

    +

    If PCR[0] does not equal any accepted listed value, then take one of the following actions that align with your enterprise policies:

    - Disallow all access - Direct the device to an enterprise honeypot, to further monitor the device's activities. @@ -762,9 +762,9 @@ Each of these are described in further detail in the following sections, along w **SBCPHash**

    SBCPHash is the finger print of the Custom Secure Boot Configuration Policy (SBCP) that was loaded during boot in Windows devices, except PCs.

    -

    If SBCPHash is not present, or is an accepted (whitelisted) value, then allow access. +

    If SBCPHash is not present, or is an accepted allow-listed value, then allow access. -

    If SBCPHash is present in DHA-Report, and is not a whitelisted value, then take one of the following actions that align with your enterprise policies:

    +

    If SBCPHash is present in DHA-Report, and is not a allow-listed value, then take one of the following actions that align with your enterprise policies:

    - Disallow all access - Place the device in a watch list to monitor the device more closely for potential risks. @@ -772,9 +772,9 @@ Each of these are described in further detail in the following sections, along w **CIPolicy**

    This attribute indicates the Code Integrity policy that is controlling the security of the boot environment.

    -

    If CIPolicy is not present, or is an accepted (whitelisted) value, then allow access.

    +

    If CIPolicy is not present, or is an accepted allow-listed value, then allow access.

    -

    If CIPolicy is present and is not a whitelisted value, then take one of the following actions that align with your enterprise policies:

    +

    If CIPolicy is present and is not a allow-listed value, then take one of the following actions that align with your enterprise policies:

    - Disallow all access - Place the device in a watch list to monitor the device more closely for potential risks. diff --git a/windows/client-management/mdm/new-in-windows-mdm-enrollment-management.md b/windows/client-management/mdm/new-in-windows-mdm-enrollment-management.md index 430601798d..c2b889cfe1 100644 --- a/windows/client-management/mdm/new-in-windows-mdm-enrollment-management.md +++ b/windows/client-management/mdm/new-in-windows-mdm-enrollment-management.md @@ -44,7 +44,7 @@ For details about Microsoft mobile device management protocols for Windows 10 s - [Server-initiated unenrollment failure](#server-initiated-unenrollment-failure) - [Certificates causing issues with Wi-Fi and VPN](#certificates-causing-issues-with-wi-fi-and-vpn) - [Version information for mobile devices](#version-information-for-mobile-devices) - - [Upgrading Windows Phone 8.1 devices with app whitelisting using ApplicationRestriction policy has issues](#upgrading-windows-phone-81-devices-with-app-whitelisting-using-applicationrestriction-policy-has-issues) + - [Upgrading Windows Phone 8.1 devices with app allow list using ApplicationRestriction policy has issues](#upgrading-windows-phone-81-devices-with-app-whitelisting-using-applicationrestriction-policy-has-issues) - [Apps dependent on Microsoft Frameworks may get blocked in phones prior to build 10586.218](#apps-dependent-on-microsoft-frameworks-may-get-blocked-in-phones-prior-to-build-10586218) - [Multiple certificates might cause Wi-Fi connection instabilities in Windows 10 Mobile](#multiple-certificates-might-cause-wi-fi-connection-instabilities-in-windows-10-mobile) - [Remote PIN reset not supported in Azure Active Directory joined mobile devices](#remote-pin-reset-not-supported-in-azure-active-directory-joined-mobile-devices) @@ -1747,7 +1747,7 @@ Currently in Windows 10, version 1511, when using the ClientCertificateInstall The software version information from **DevDetail/SwV** does not match the version in **Settings** under **System/About**. -### Upgrading Windows Phone 8.1 devices with app whitelisting using ApplicationRestriction policy has issues +### Upgrading Windows Phone 8.1 devices with app allow-listing using ApplicationRestriction policy has issues - When you upgrade Windows Phone 8.1 devices to Windows 10 Mobile using ApplicationRestrictions with a list of allowed apps, some Windows inbox apps get blocked causing unexpected behavior. To work around this issue, you must include the [inbox apps](applocker-csp.md#inboxappsandcomponents) that you need to your list of allowed apps. @@ -2946,7 +2946,7 @@ How do I turn if off? | The service can be stopped from the "Services" console o AppLocker CSP -

    Added two new SyncML examples (to disable the calendar app and to block usage of the map app) in Whitelist examples.

    +

    Added two new SyncML examples (to disable the calendar app and to block usage of the map app) in Allow list examples.

    DeviceManageability CSP diff --git a/windows/client-management/windows-10-mobile-and-mdm.md b/windows/client-management/windows-10-mobile-and-mdm.md index afb9c4241f..7017e40876 100644 --- a/windows/client-management/windows-10-mobile-and-mdm.md +++ b/windows/client-management/windows-10-mobile-and-mdm.md @@ -533,7 +533,7 @@ Learn more about the [Microsoft Store for Business](/microsoft-store/index). IT administrators can control which apps are allowed to be installed on Windows 10 Mobile devices and how they should be kept up-to-date. -Windows 10 Mobile includes AppLocker, which enables administrators to create allow or disallow (sometimes also called whitelist/blacklist) lists of apps from the Microsoft Store. This capability extends to built-in apps, as well, such as Xbox, Groove, text messaging, email, and calendar, etc. The ability to allow or deny apps helps to ensure that people use their mobile devices for their intended purposes. However, it is not always an easy approach to find a balance between what employees need or request and security concerns. Creating allow or disallow lists also requires keeping up with the changing app landscape in the Microsoft Store. +Windows 10 Mobile includes AppLocker, which enables administrators to create allow or disallow lists of apps from the Microsoft Store. This capability extends to built-in apps, as well, such as Xbox, Groove, text messaging, email, and calendar, etc. The ability to allow or deny apps helps to ensure that people use their mobile devices for their intended purposes. However, it is not always an easy approach to find a balance between what employees need or request and security concerns. Creating allow or disallow lists also requires keeping up with the changing app landscape in the Microsoft Store. For more details, see [AppLocker CSP](https://msdn.microsoft.com/library/windows/hardware/dn920019(v=vs.85).aspx). @@ -970,7 +970,7 @@ This is a list of attributes that are supported by DHA and can trigger the corre - **Boot Manager Version** The version of the Boot Manager running on the device. The HAS can check this version to determine whether the most current Boot Manager is running, which is more secure (trusted). - **Code integrity version** Specifies the version of code that is performing integrity checks during the boot sequence. The HAS can check this version to determine whether the most current version of code is running, which is more secure (trusted). - **Secure Boot Configuration Policy (SBCP) present** Whether the hash of the custom SBCP is present. A device with an SBCP hash present is more trustworthy than a device without an SBCP hash. -- **Boot cycle whitelist** The view of the host platform between boot cycles as defined by the manufacturer compared to a published whitelist. A device that complies with the whitelist is more trustworthy (secure) than a device that is noncompliant. +- **Boot cycle whitelist** The view of the host platform between boot cycles as defined by the manufacturer compared to a published allow list. A device that complies with the allow list is more trustworthy (secure) than a device that is noncompliant. **Example scenario** diff --git a/windows/configuration/wcd/wcd-cellcore.md b/windows/configuration/wcd/wcd-cellcore.md index b9b724b0b7..5e739a99ce 100644 --- a/windows/configuration/wcd/wcd-cellcore.md +++ b/windows/configuration/wcd/wcd-cellcore.md @@ -139,7 +139,7 @@ Select from the following: ### eSim -Configure **FwUpdate** > **AllowedAppIdList** to whitelist apps that are allowed to update the firmware. Obtain the app IDs from the card vendor. +Configure **FwUpdate** > **AllowedAppIdList** to list apps that are allowed to update the firmware. Obtain the app IDs from the card vendor. ### External diff --git a/windows/deployment/update/windows-update-troubleshooting.md b/windows/deployment/update/windows-update-troubleshooting.md index 90805fd151..ed26f9246b 100644 --- a/windows/deployment/update/windows-update-troubleshooting.md +++ b/windows/deployment/update/windows-update-troubleshooting.md @@ -162,7 +162,7 @@ Check that your device can access these Windows Update endpoints: - `http://wustat.windows.com` - `http://ntservicepack.microsoft.com` - Whitelist these endpoints for future use. + White these endpoints for future use. ## Updates aren't downloading from the intranet endpoint (WSUS or Configuration Manager) Windows 10 devices can receive updates from a variety of sources, including Windows Update online, a Windows Server Update Services server, and others. To determine the source of Windows Updates currently being used on a device, follow these steps: diff --git a/windows/deployment/upgrade/upgrade-windows-phone-8-1-to-10.md b/windows/deployment/upgrade/upgrade-windows-phone-8-1-to-10.md index 78d70d0d25..6de193cccb 100644 --- a/windows/deployment/upgrade/upgrade-windows-phone-8-1-to-10.md +++ b/windows/deployment/upgrade/upgrade-windows-phone-8-1-to-10.md @@ -1,113 +1,114 @@ ---- -title: Upgrade Windows Phone 8.1 to Windows 10 Mobile in an MDM environment (Windows 10) -ms.reviewer: -manager: laurawi -ms.author: greglin -description: This article describes how to upgrade eligible Windows Phone 8.1 devices to Windows 10 Mobile using MDM. -keywords: upgrade, update, windows, phone, windows 10, mdm, mobile -ms.prod: w10 -ms.mktglfcycl: deploy -ms.localizationpriority: medium -ms.sitesec: library -ms.pagetype: mdm -audience: itpro author: greg-lindsay -ms.topic: article ---- - -# Upgrade a Windows Phone 8.1 to Windows 10 Mobile with Mobile Device Management (MDM) - -**Applies to** - -- Windows 10 Mobile - -## Summary - -This article describes how system administrators can upgrade eligible Windows Phone 8.1 devices to Windows 10 Mobile using [Mobile Device Management](https://docs.microsoft.com/windows/client-management/mdm/) (MDM). - ->[!IMPORTANT] ->If you are not a system administrator, see the [Windows 10 Mobile Upgrade & Updates](https://www.microsoft.com/windows/windows-10-mobile-upgrade) page for details about updating your Windows 8.1 Mobile device to Windows 10 Mobile using the [Upgrade Advisor](https://www.microsoft.com/store/p/upgrade-advisor/9nblggh0f5g4). - -## Upgrading with MDM - -The Windows Phone 8.1 to Windows 10 Mobile upgrade uses an "opt-in" or "seeker" model. To determine if the device is eligible for an upgrade with MDM, see the [How to determine whether an upgrade is available for a device](#howto-upgrade-available) topic in this article. An eligible device must opt-in to be offered the upgrade. For consumers, the Windows 10 Mobile Upgrade Advisor app is available from the Windows Store to perform the opt-in. For Enterprises, Microsoft is offering a centralized management solution through MDM that can push a management policy to each eligible device to perform the opt-in. - -If you use a list of allowed applications (app whitelisting) with MDM, verify that system applications are whitelisted before you upgrade to Windows 10 Mobile. Also, be aware that there are [known issues](https://msdn.microsoft.com/library/windows/hardware/mt299056.aspx#whitelist) with app whitelisting that could adversely affect the device after you upgrade. - -Some enterprises might want to control the availability of the Windows 10 Mobile upgrade to their users. With the opt-in model, the enterprise can blacklist the Upgrade Advisor app to prevent their users from upgrading prematurely. For more information about how to blacklist the Upgrade Advisor app, see the [How to blacklist the Upgrade Advisor app](#howto-blacklist) section in this article. Enterprises that have blacklisted the Upgrade Advisor app can use the solution described in this article to select the upgrade timing on a per-device basis. - -## More information - -To provide enterprises with a solution that's independent of the Upgrade Advisor, a new registry key in the registry configuration service provider (CSP) is available. A special GUID key value is defined. When Microsoft Update (MU) detects the presence of the registry key value on a device, any available upgrade will be made available to the device. - -### Prerequisites - -- Windows Phone 8.1 device with an available upgrade to Windows 10 Mobile. -- Device connected to Wi-Fi or cellular network to perform scan for upgrade. -- Device is already enrolled with an MDM session. -- Device is able to receive the management policy. -- MDM is capable of pushing the management policy to devices. Minimum version numbers for some popular MDM providers that support this solution are: InTune: 5.0.5565, AirWatch: 8.2, Mobile Iron: 9.0. - -### Instructions for the MDM server - -The registry CSP is used to push the GUID value to the following registry key for which the Open Mobile Alliance (OMA) Device Management (DM) client has Read/Write access and for which the Device Update service has Read access. - -``` -[HKLM\Software\Microsoft\Provisioning\OMADM] -"EnterpriseUpgrade"="d369c9b6-2379-466d-9162-afc53361e3c2” -``` - - -The complete SyncML command for the solution is as follows. Note: The SyncML may vary, depending on your MDM solution. - -``` -SyncML xmlns="SYNCML:SYNCML1.1"> - - - 250 - - - ./Vendor/MSFT/Registry/HKLM/SOFTWARE/Microsoft/Provisioning/OMADM/EnterpriseUpgrade - - - chr - - d369c9b6-2379-466d-9162-afc53361e3c2 - - - - - -``` - -The OMA DM server policy description is provided in the following table: - -|Item |Setting | -|------|------------| -| OMA-URI |./Vendor/MSFT/Registry/HKLM/SOFTWARE/Microsoft/Provisioning/OMADM/EnterpriseUpgrade | -| Data Type |String | -| Value |d369c9b6-2379-466d-9162-afc53361e3c2 | - - -After the device consumes the policy, it will be able to receive an available upgrade. - -To disable the policy, delete the **OMADM** registry key or set the **EnterpriseUpgrade** string value to anything other than the GUID. - -### How to determine whether an upgrade is available for a device - -The Windows 10 Mobile Upgrade Advisor app is not designed or intended for Enterprise customers who want to automate the upgrade process. However, the Windows 10 Mobile Upgrade Advisor app is the best mechanism to determine when an upgrade is available. The app dynamically queries whether the upgrade is released for this device model and associated mobile operator (MO). - -We recommend that enterprises use a pilot device with the Windows 10 Mobile Upgrade Advisor app installed. The pilot device provides the device model and MO used by the enterprise. When you run the app on the pilot device, it will tell you that either an upgrade is available, that the device is eligible for upgrade, or that an upgrade is not available for this device. - -Note: The availability of Windows 10 Mobile as an update for existing Windows Phone 8.1 devices varies by device manufacturer, device model, country or region, mobile operator or service provider, hardware limitations, and other factors. To check for compatibility and other important installation information, see the [Windows 10 Mobile FAQ](https://support.microsoft.com/help/10599/windows-10-mobile-how-to-get) page. - -### How to blacklist the Upgrade Advisor app - -Some enterprises may want to block their users from installing the Windows 10 Mobile Upgrade Advisor app. With Windows Phone 8.1, you can allow or deny individual apps by adding specific app publishers or the app globally unique identifier (GUID) from the Window Phone Store to an allow or deny XML list. The GUID for a particular application can be found in the URL for the app in the phone store. For example, the GUID to the Windows 10 Mobile Upgrade Adviser (fbe47e4f-7769-4103-910e-dca8c43e0b07) is displayed in the following URL: - -http://windowsphone.com/s?appid=fbe47e4f-7769-4103-910e-dca8c43e0b07 - -For more information about how to do this, see [Try it out: restrict Windows Phone 8.1 apps](https://technet.microsoft.com/windows/dn771706.aspx). - -## Related topics - -[Windows 10 Mobile and mobile device management](/windows/client-management/windows-10-mobile-and-mdm) +--- +title: Upgrade Windows Phone 8.1 to Windows 10 Mobile in an MDM environment (Windows 10) +ms.reviewer: +manager: laurawi +ms.author: greglin +description: This article describes how to upgrade eligible Windows Phone 8.1 devices to Windows 10 Mobile using MDM. +keywords: upgrade, update, windows, phone, windows 10, mdm, mobile +ms.prod: w10 +ms.mktglfcycl: deploy +ms.localizationpriority: medium +ms.sitesec: library +ms.pagetype: mdm +audience: itpro +author: greg-lindsay +ms.topic: article +--- + +# Upgrade a Windows Phone 8.1 to Windows 10 Mobile with Mobile Device Management (MDM) + +**Applies to** + +- Windows 10 Mobile + +## Summary + +This article describes how system administrators can upgrade eligible Windows Phone 8.1 devices to Windows 10 Mobile using [Mobile Device Management](https://docs.microsoft.com/windows/client-management/mdm/) (MDM). + +>[!IMPORTANT] +>If you are not a system administrator, see the [Windows 10 Mobile Upgrade & Updates](https://www.microsoft.com/windows/windows-10-mobile-upgrade) page for details about updating your Windows 8.1 Mobile device to Windows 10 Mobile using the [Upgrade Advisor](https://www.microsoft.com/store/p/upgrade-advisor/9nblggh0f5g4). + +## Upgrading with MDM + +The Windows Phone 8.1 to Windows 10 Mobile upgrade uses an "opt-in" or "seeker" model. To determine if the device is eligible for an upgrade with MDM, see the [How to determine whether an upgrade is available for a device](#howto-upgrade-available) topic in this article. An eligible device must opt-in to be offered the upgrade. For consumers, the Windows 10 Mobile Upgrade Advisor app is available from the Windows Store to perform the opt-in. For Enterprises, Microsoft is offering a centralized management solution through MDM that can push a management policy to each eligible device to perform the opt-in. + +If you use a list of allowed applications (app allow listing) with MDM, verify that system applications are allow-listed before you upgrade to Windows 10 Mobile. Also, be aware that there are [known issues](https://msdn.microsoft.com/library/windows/hardware/mt299056.aspx#whitelist) with app allow-lists that could adversely affect the device after you upgrade. + +Some enterprises might want to control the availability of the Windows 10 Mobile upgrade to their users. With the opt-in model, the enterprise can block the Upgrade Advisor app to prevent their users from upgrading prematurely. For more information about how to restrict the Upgrade Advisor app, see the [How to restrict the Upgrade Advisor app](#howto-restrict) section in this article. Enterprises that have restricted the Upgrade Advisor app can use the solution described in this article to select the upgrade timing on a per-device basis. + +## More information + +To provide enterprises with a solution that's independent of the Upgrade Advisor, a new registry key in the registry configuration service provider (CSP) is available. A special GUID key value is defined. When Microsoft Update (MU) detects the presence of the registry key value on a device, any available upgrade will be made available to the device. + +### Prerequisites + +- Windows Phone 8.1 device with an available upgrade to Windows 10 Mobile. +- Device connected to Wi-Fi or cellular network to perform scan for upgrade. +- Device is already enrolled with an MDM session. +- Device is able to receive the management policy. +- MDM is capable of pushing the management policy to devices. Minimum version numbers for some popular MDM providers that support this solution are: InTune: 5.0.5565, AirWatch: 8.2, Mobile Iron: 9.0. + +### Instructions for the MDM server + +The registry CSP is used to push the GUID value to the following registry key for which the Open Mobile Alliance (OMA) Device Management (DM) client has Read/Write access and for which the Device Update service has Read access. + +``` +[HKLM\Software\Microsoft\Provisioning\OMADM] +"EnterpriseUpgrade"="d369c9b6-2379-466d-9162-afc53361e3c2” +``` + + +The complete SyncML command for the solution is as follows. Note: The SyncML may vary, depending on your MDM solution. + +``` +SyncML xmlns="SYNCML:SYNCML1.1"> + + + 250 + + + ./Vendor/MSFT/Registry/HKLM/SOFTWARE/Microsoft/Provisioning/OMADM/EnterpriseUpgrade + + + chr + + d369c9b6-2379-466d-9162-afc53361e3c2 + + + + + +``` + +The OMA DM server policy description is provided in the following table: + +|Item |Setting | +|------|------------| +| OMA-URI |./Vendor/MSFT/Registry/HKLM/SOFTWARE/Microsoft/Provisioning/OMADM/EnterpriseUpgrade | +| Data Type |String | +| Value |d369c9b6-2379-466d-9162-afc53361e3c2 | + + +After the device consumes the policy, it will be able to receive an available upgrade. + +To disable the policy, delete the **OMADM** registry key or set the **EnterpriseUpgrade** string value to anything other than the GUID. + +### How to determine whether an upgrade is available for a device + +The Windows 10 Mobile Upgrade Advisor app is not designed or intended for Enterprise customers who want to automate the upgrade process. However, the Windows 10 Mobile Upgrade Advisor app is the best mechanism to determine when an upgrade is available. The app dynamically queries whether the upgrade is released for this device model and associated mobile operator (MO). + +We recommend that enterprises use a pilot device with the Windows 10 Mobile Upgrade Advisor app installed. The pilot device provides the device model and MO used by the enterprise. When you run the app on the pilot device, it will tell you that either an upgrade is available, that the device is eligible for upgrade, or that an upgrade is not available for this device. + +Note: The availability of Windows 10 Mobile as an update for existing Windows Phone 8.1 devices varies by device manufacturer, device model, country or region, mobile operator or service provider, hardware limitations, and other factors. To check for compatibility and other important installation information, see the [Windows 10 Mobile FAQ](https://support.microsoft.com/help/10599/windows-10-mobile-how-to-get) page. + +### How to restrict the Upgrade Advisor app + +Some enterprises may want to block their users from installing the Windows 10 Mobile Upgrade Advisor app. With Windows Phone 8.1, you can allow or deny individual apps by adding specific app publishers or the app globally unique identifier (GUID) from the Window Phone Store to an allow or deny XML list. The GUID for a particular application can be found in the URL for the app in the phone store. For example, the GUID to the Windows 10 Mobile Upgrade Adviser (fbe47e4f-7769-4103-910e-dca8c43e0b07) is displayed in the following URL: + +http://windowsphone.com/s?appid=fbe47e4f-7769-4103-910e-dca8c43e0b07 + +For more information about how to do this, see [Try it out: restrict Windows Phone 8.1 apps](https://technet.microsoft.com/windows/dn771706.aspx). + +## Related topics + +[Windows 10 Mobile and mobile device management](/windows/client-management/windows-10-mobile-and-mdm) diff --git a/windows/deployment/windows-10-enterprise-e3-overview.md b/windows/deployment/windows-10-enterprise-e3-overview.md index e4cadbe165..c36f0c2cdc 100644 --- a/windows/deployment/windows-10-enterprise-e3-overview.md +++ b/windows/deployment/windows-10-enterprise-e3-overview.md @@ -105,7 +105,7 @@ Windows 10 Enterprise edition has a number of features that are unavailable in

    AppLocker management

    -

    This feature helps IT pros determine which applications and files users can run on a device (also known as “whitelisting”). The applications and files that can be managed include executable files, scripts, Windows Installer files, dynamic-link libraries (DLLs), packaged apps, and packaged app installers.

    +

    This feature helps IT pros determine which applications and files users can run on a device. The applications and files that can be managed include executable files, scripts, Windows Installer files, dynamic-link libraries (DLLs), packaged apps, and packaged app installers.

    For more information, see AppLocker.

    diff --git a/windows/deployment/windows-autopilot/windows-autopilot-requirements.md b/windows/deployment/windows-autopilot/windows-autopilot-requirements.md index eca7e2bf95..1cf373f277 100644 --- a/windows/deployment/windows-autopilot/windows-autopilot-requirements.md +++ b/windows/deployment/windows-autopilot/windows-autopilot-requirements.md @@ -49,7 +49,7 @@ Windows Autopilot depends on a variety of internet-based services. Access to the - Ensure DNS name resolution for internet DNS names - Allow access to all hosts via port 80 (HTTP), 443 (HTTPS), and 123 (UDP/NTP) -In environments that have more restrictive Internet access, or for those that require authentication before internet access can be obtained, additional configuration may be required to whitelist access to the required services. For additional details about each of these services and their specific requirements, review the following details: +In environments that have more restrictive Internet access, or for those that require authentication before internet access can be obtained, additional configuration may be required to allow access to the required services. For additional details about each of these services and their specific requirements, review the following details: - From ea4c2f59707baf4abc765495e8800c8a1812230f Mon Sep 17 00:00:00 2001 From: Tina Burden Date: Mon, 15 Jun 2020 09:41:16 -0700 Subject: [PATCH 56/73] pencil edit --- .../deployment/update/update-compliance-configuration-manual.md | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/windows/deployment/update/update-compliance-configuration-manual.md b/windows/deployment/update/update-compliance-configuration-manual.md index 1387e22018..de0fe72583 100644 --- a/windows/deployment/update/update-compliance-configuration-manual.md +++ b/windows/deployment/update/update-compliance-configuration-manual.md @@ -55,7 +55,7 @@ All Group Policies that need to be configured for Update Compliance are under ** |---------------------------|-|-----------------------------------------------------------| |**Configure the Commercial ID** |[Your CommercialID](update-compliance-get-started.md#get-your-commercialid) | Identifies the device as belonging to your organization. | |**Allow Telemetry** | 1 - Basic |Configures the maximum allowed diagnostic data to be sent to Microsoft. Individual users can still set this lower than what the policy defines. See the following policy for more information. | -|**Configure telemetry opt-in setting user interface** | 1 - Disable telemetry opt-in Settings |(in Windows 10, version 1803 and later) Determines whether end-users of the device can adjust diagnostic data to levels lower than the level defined by AllowTelemetry. We recommend that you disable this polic, otherwise the effective diagnostic data level on devices might not be sufficient. | +|**Configure telemetry opt-in setting user interface** | 1 - Disable telemetry opt-in Settings |(in Windows 10, version 1803 and later) Determines whether end-users of the device can adjust diagnostic data to levels lower than the level defined by AllowTelemetry. We recommend that you disable this policy, otherwise the effective diagnostic data level on devices might not be sufficient. | |**Allow device name to be sent in Windows diagnostic data** | 1 - Enabled | Allows device name to be sent for Windows Diagnostic Data. If this policy is Not Configured or Disabled, Device Name will not be sent and will not be visible in Update Compliance, showing `#` instead. | ## Required endpoints From 9fe5b1d944155b8fc6bc4511fd97787bc5c49134 Mon Sep 17 00:00:00 2001 From: Daniel Simpson Date: Mon, 15 Jun 2020 09:41:18 -0700 Subject: [PATCH 57/73] fixing anchor link --- windows/client-management/mdm/applocker-csp.md | 2 +- .../mdm/new-in-windows-mdm-enrollment-management.md | 2 +- 2 files changed, 2 insertions(+), 2 deletions(-) diff --git a/windows/client-management/mdm/applocker-csp.md b/windows/client-management/mdm/applocker-csp.md index 973ba78922..4fe03939a0 100644 --- a/windows/client-management/mdm/applocker-csp.md +++ b/windows/client-management/mdm/applocker-csp.md @@ -868,7 +868,7 @@ The following list shows the apps that may be included in the inbox. -## Allow list examples +## Allow list examples The following example disables the calendar application. diff --git a/windows/client-management/mdm/new-in-windows-mdm-enrollment-management.md b/windows/client-management/mdm/new-in-windows-mdm-enrollment-management.md index aa8a5bcf89..2927d154d3 100644 --- a/windows/client-management/mdm/new-in-windows-mdm-enrollment-management.md +++ b/windows/client-management/mdm/new-in-windows-mdm-enrollment-management.md @@ -2945,7 +2945,7 @@ How do I turn if off? | The service can be stopped from the "Services" console o - From 618f27b95fc12be3abfc3e2d71c45da19d611a74 Mon Sep 17 00:00:00 2001 From: Tina Burden Date: Mon, 15 Jun 2020 09:57:21 -0700 Subject: [PATCH 58/73] pencil edits --- windows/deployment/update/windows-update-resources.md | 6 +++--- 1 file changed, 3 insertions(+), 3 deletions(-) diff --git a/windows/deployment/update/windows-update-resources.md b/windows/deployment/update/windows-update-resources.md index c3631a707c..1100e81433 100644 --- a/windows/deployment/update/windows-update-resources.md +++ b/windows/deployment/update/windows-update-resources.md @@ -56,19 +56,19 @@ The following resources provide additional information about using Windows Updat ``` 4. If this is your first attempt at resolving your Windows Update issues by using the steps in this article, go to step 5 without carrying out the steps in step 4. The steps in step 4 should only be performed at this point in the troubleshooting if you cannot resolve your Windows Update issues after following all steps but step 4. The steps in step 4 are also performed by the "Aggressive" mode of the Fix it Solution above. 1. Rename the following folders to *.BAK: - ``` + ```console %systemroot%\SoftwareDistribution\DataStore %systemroot%\SoftwareDistribution\Download %systemroot%\system32\catroot2 ``` To do this, type the following commands at a command prompt. Press ENTER after you type each command. - ``` + ```console Ren %systemroot%\SoftwareDistribution\DataStore *.bak Ren %systemroot%\SoftwareDistribution\Download *.bak Ren %systemroot%\system32\catroot2 *.bak ``` 2. Reset the BITS service and the Windows Update service to the default security descriptor. To do this, type the following commands at a command prompt. Press ENTER after you type each command. - ``` + ```console sc.exe sdset bits D:(A;;CCLCSWRPWPDTLOCRRC;;;SY)(A;;CCDCLCSWRPWPDTLOCRSDRCWDWO;;;BA)(A;;CCLCSWLOCRRC;;;AU)(A;;CCLCSWRPWPDTLOCRRC;;;PU) sc.exe sdset wuauserv D:(A;;CCLCSWRPWPDTLOCRRC;;;SY)(A;;CCDCLCSWRPWPDTLOCRSDRCWDWO;;;BA)(A;;CCLCSWLOCRRC;;;AU)(A;;CCLCSWRPWPDTLOCRRC;;;PU) ``` From 55d3990b163826de1853c373d381b0f79e524686 Mon Sep 17 00:00:00 2001 From: Dani Halfin Date: Mon, 15 Jun 2020 09:59:00 -0700 Subject: [PATCH 59/73] updating toc --- windows/security/threat-protection/TOC.md | 1 + 1 file changed, 1 insertion(+) diff --git a/windows/security/threat-protection/TOC.md b/windows/security/threat-protection/TOC.md index 41e116ecca..25821bd270 100644 --- a/windows/security/threat-protection/TOC.md +++ b/windows/security/threat-protection/TOC.md @@ -264,6 +264,7 @@ #### [Alerts queue]() ##### [View and organize the Alerts queue](microsoft-defender-atp/alerts-queue.md) +##### [Review alerts](windows/security/threat-protection/microsoft-defender-atp/review-alerts.md) ##### [Manage alerts](microsoft-defender-atp/manage-alerts.md) ##### [Investigate alerts](microsoft-defender-atp/investigate-alerts.md) ##### [Investigate files](microsoft-defender-atp/investigate-files.md) From c1c122c82606dbd4f2f9c4f12f311d22621f73eb Mon Sep 17 00:00:00 2001 From: Tina Burden Date: Mon, 15 Jun 2020 10:12:12 -0700 Subject: [PATCH 60/73] pencil edits --- .../update/windows-update-resources.md | 18 +++++++++--------- 1 file changed, 9 insertions(+), 9 deletions(-) diff --git a/windows/deployment/update/windows-update-resources.md b/windows/deployment/update/windows-update-resources.md index 1100e81433..60c38e2f82 100644 --- a/windows/deployment/update/windows-update-resources.md +++ b/windows/deployment/update/windows-update-resources.md @@ -42,16 +42,16 @@ The following resources provide additional information about using Windows Updat ## Reset Windows Update components manually 1. Open a Windows command prompt. To open a command prompt, click **Start > Run**. Copy and paste (or type) the following command and then press ENTER: - ``` + ```console cmd ``` 2. Stop the BITS service and the Windows Update service. To do this, type the following commands at a command prompt. Press ENTER after you type each command. - ``` + ```console net stop bits net stop wuauserv ``` 3. Delete the qmgr\*.dat files. To do this, type the following command at a command prompt, and then press ENTER: - ``` + ```console Del "%ALLUSERSPROFILE%\Application Data\Microsoft\Network\Downloader\qmgr*.dat" ``` 4. If this is your first attempt at resolving your Windows Update issues by using the steps in this article, go to step 5 without carrying out the steps in step 4. The steps in step 4 should only be performed at this point in the troubleshooting if you cannot resolve your Windows Update issues after following all steps but step 4. The steps in step 4 are also performed by the "Aggressive" mode of the Fix it Solution above. @@ -73,12 +73,12 @@ The following resources provide additional information about using Windows Updat sc.exe sdset wuauserv D:(A;;CCLCSWRPWPDTLOCRRC;;;SY)(A;;CCDCLCSWRPWPDTLOCRSDRCWDWO;;;BA)(A;;CCLCSWLOCRRC;;;AU)(A;;CCLCSWRPWPDTLOCRRC;;;PU) ``` 5. Type the following command at a command prompt, and then press ENTER: - ``` + ```console cd /d %windir%\system32 ``` 6. Reregister the BITS files and the Windows Update files. To do this, type the following commands at a command prompt. Press ENTER after you type each command. - ``` + ```console regsvr32.exe atl.dll regsvr32.exe urlmon.dll regsvr32.exe mshtml.dll @@ -118,20 +118,20 @@ The following resources provide additional information about using Windows Updat ``` 7. Reset Winsock. To do this, type the following command at a command prompt, and then press ENTER: - ``` + ```console netsh winsock reset ``` 8. If you are running Windows XP or Windows Server 2003, you have to set the proxy settings. To do this, type the following command at a command prompt, and then press ENTER: - ``` + ```console proxycfg.exe -d ``` 9. Restart the BITS service and the Windows Update service. To do this, type the following commands at a command prompt. Press ENTER after you type each command. - ``` + ```console net start bits net start wuauserv ``` 10. If you are running Windows Vista or Windows Server 2008, clear the BITS queue. To do this, type the following command at a command prompt, and then press ENTER: - ``` + ```console bitsadmin.exe /reset /allusers ``` From f1a628d11b63501087ade8ba914e10b699b0ba39 Mon Sep 17 00:00:00 2001 From: Dani Halfin Date: Mon, 15 Jun 2020 10:21:23 -0700 Subject: [PATCH 61/73] fixing links --- .../threat-protection/microsoft-defender-atp/review-alerts.md | 3 +-- 1 file changed, 1 insertion(+), 2 deletions(-) diff --git a/windows/security/threat-protection/microsoft-defender-atp/review-alerts.md b/windows/security/threat-protection/microsoft-defender-atp/review-alerts.md index b466653ed7..77259f849c 100644 --- a/windows/security/threat-protection/microsoft-defender-atp/review-alerts.md +++ b/windows/security/threat-protection/microsoft-defender-atp/review-alerts.md @@ -93,7 +93,6 @@ When making the move to the new alert page you will notice that we have centrali ## Related topics -- [Incidents overview](incidents-overview.md) +- [View and organize the incidents queue](view-incidents-queue.md) - [Investigate incidents](investigate-incidents.md) -- [Prioritize incidents](incident-queue.md) - [Manage incidents](manage-incidents.md) \ No newline at end of file From 3894a42ea3f6646edb2ed8e05fc0415087e6cdc2 Mon Sep 17 00:00:00 2001 From: Dani Halfin Date: Mon, 15 Jun 2020 10:24:28 -0700 Subject: [PATCH 62/73] adding video --- .../threat-protection/microsoft-defender-atp/review-alerts.md | 4 ++++ 1 file changed, 4 insertions(+) diff --git a/windows/security/threat-protection/microsoft-defender-atp/review-alerts.md b/windows/security/threat-protection/microsoft-defender-atp/review-alerts.md index 77259f849c..068d302539 100644 --- a/windows/security/threat-protection/microsoft-defender-atp/review-alerts.md +++ b/windows/security/threat-protection/microsoft-defender-atp/review-alerts.md @@ -91,6 +91,10 @@ If you are experiencing a false alert with a line-of-business application, creat When making the move to the new alert page you will notice that we have centralized information from the alert process tree, the incident graph, and the artifact timeline into the [alert story](#investigate-using-the-alert-story), with some information available through the [affected assets](#review-affected-assets) section. Any additional information has been consolidated into the details pane for the relevant entities. +## Video overview of the new alert page + +[!VIDEO https://www.microsoft.com/en-us/videoplayer/embed/RE4yiO5] + ## Related topics - [View and organize the incidents queue](view-incidents-queue.md) From e300ab6f5604e2d20d104aa8fa0753068bb4bb97 Mon Sep 17 00:00:00 2001 From: Tina Burden Date: Mon, 15 Jun 2020 10:44:05 -0700 Subject: [PATCH 63/73] pencil edit --- windows/deployment/update/windows-update-troubleshooting.md | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/windows/deployment/update/windows-update-troubleshooting.md b/windows/deployment/update/windows-update-troubleshooting.md index ed26f9246b..967245b7d0 100644 --- a/windows/deployment/update/windows-update-troubleshooting.md +++ b/windows/deployment/update/windows-update-troubleshooting.md @@ -162,7 +162,7 @@ Check that your device can access these Windows Update endpoints: - `http://wustat.windows.com` - `http://ntservicepack.microsoft.com` - White these endpoints for future use. + Allow these endpoints for future use. ## Updates aren't downloading from the intranet endpoint (WSUS or Configuration Manager) Windows 10 devices can receive updates from a variety of sources, including Windows Update online, a Windows Server Update Services server, and others. To determine the source of Windows Updates currently being used on a device, follow these steps: From ef4d801f4ae366e6f137ba848d49abde91884b89 Mon Sep 17 00:00:00 2001 From: Dani Halfin Date: Mon, 15 Jun 2020 10:53:44 -0700 Subject: [PATCH 64/73] pushing out a toc fix --- windows/security/threat-protection/TOC.md | 3 +-- 1 file changed, 1 insertion(+), 2 deletions(-) diff --git a/windows/security/threat-protection/TOC.md b/windows/security/threat-protection/TOC.md index 76ee1d85a4..b8f3f6b5be 100644 --- a/windows/security/threat-protection/TOC.md +++ b/windows/security/threat-protection/TOC.md @@ -60,7 +60,6 @@ ##### [System integrity](windows-defender-system-guard/system-guard-how-hardware-based-root-of-trust-helps-protect-windows.md) - #### [Device control]() ##### [Code integrity](device-guard/introduction-to-device-guard-virtualization-based-security-and-windows-defender-application-control.md) ##### [Control USB devices](device-control/control-usb-devices-using-intune.md) @@ -264,7 +263,7 @@ #### [Alerts queue]() ##### [View and organize the Alerts queue](microsoft-defender-atp/alerts-queue.md) -##### [Review alerts](windows/security/threat-protection/microsoft-defender-atp/review-alerts.md) +##### [Review alerts](microsoft-defender-atp/review-alerts.md) ##### [Manage alerts](microsoft-defender-atp/manage-alerts.md) ##### [Investigate alerts](microsoft-defender-atp/investigate-alerts.md) ##### [Investigate files](microsoft-defender-atp/investigate-files.md) From 624d465c86a81147813c79d68e7a1bbd4fe5bc98 Mon Sep 17 00:00:00 2001 From: Dani Halfin Date: Mon, 15 Jun 2020 10:56:23 -0700 Subject: [PATCH 65/73] fixing video --- .../threat-protection/microsoft-defender-atp/review-alerts.md | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/windows/security/threat-protection/microsoft-defender-atp/review-alerts.md b/windows/security/threat-protection/microsoft-defender-atp/review-alerts.md index 068d302539..4499b07fc0 100644 --- a/windows/security/threat-protection/microsoft-defender-atp/review-alerts.md +++ b/windows/security/threat-protection/microsoft-defender-atp/review-alerts.md @@ -93,7 +93,7 @@ When making the move to the new alert page you will notice that we have centrali ## Video overview of the new alert page -[!VIDEO https://www.microsoft.com/en-us/videoplayer/embed/RE4yiO5] +> [!VIDEO https://www.microsoft.com/en-us/videoplayer/embed/RE4yiO5] ## Related topics From cd23319dfeb3cbaf989b117cbdd9789fdaa43a91 Mon Sep 17 00:00:00 2001 From: John Kaiser <35939694+CoveMiner@users.noreply.github.com> Date: Mon, 15 Jun 2020 15:00:08 -0700 Subject: [PATCH 66/73] Update hub-teams-app.md --- devices/surface-hub/hub-teams-app.md | 5 +++-- 1 file changed, 3 insertions(+), 2 deletions(-) diff --git a/devices/surface-hub/hub-teams-app.md b/devices/surface-hub/hub-teams-app.md index ecc0410e36..d3350b4c38 100644 --- a/devices/surface-hub/hub-teams-app.md +++ b/devices/surface-hub/hub-teams-app.md @@ -7,6 +7,7 @@ ms.sitesec: library author: greglin ms.author: greglin ms.topic: article +ms.date: 06/15/2020 ms.localizationpriority: medium --- @@ -18,6 +19,6 @@ The Microsoft Teams app for Surface Hub is periodically updated and available vi ## Version history | **Store app version** | **Updates** | **Published to Microsoft Store** | | --------------------- | --------------------------------------------------------------------------------------------------- | -------------------------------- | -| 0.2020.13201.0 | - 3x3 Gallery view on Surface Hub
    - Ability to search for External users | June 10, 2020
    **** | -| 0.2020.13201 | - Quality improvements and Bug fixes | June 1, 2020
    **** | +| 0.2020.13201.0 | - 3x3 Gallery view on Surface Hub
    - Ability to search for External users | June 10, 2020
    | +| 0.2020.13201 | - Quality improvements and Bug fixes | June 1, 2020
    | | 0.2020.4301.0 | - Accept incoming PSTN calls on Surface Hub
    - Added controls for Attendee/Presenter role changes | May 21, 2020 | \ No newline at end of file From 05b1d7a1ede9d1785e54e532aaf9d1e004d76d17 Mon Sep 17 00:00:00 2001 From: Gary Moore Date: Mon, 15 Jun 2020 16:50:08 -0700 Subject: [PATCH 67/73] Trying to fix build warning, added other fixes --- ...erated-authentication-device-enrollment.md | 22 +++++++++---------- 1 file changed, 11 insertions(+), 11 deletions(-) diff --git a/windows/client-management/mdm/federated-authentication-device-enrollment.md b/windows/client-management/mdm/federated-authentication-device-enrollment.md index 69cdc60a1c..01d4daf010 100644 --- a/windows/client-management/mdm/federated-authentication-device-enrollment.md +++ b/windows/client-management/mdm/federated-authentication-device-enrollment.md @@ -18,7 +18,7 @@ This section provides an example of the mobile device enrollment protocol using The <AuthenticationServiceURL> element the discovery response message specifies web authentication broker page start URL. -For details about the Microsoft mobile device enrollment protocol for Windows 10, see [\[MS-MDE2\]: Mobile Device Enrollment Protocol Version 2]( https://go.microsoft.com/fwlink/p/?LinkId=619347). +For details about the Microsoft mobile device enrollment protocol for Windows 10, see [\[MS-MDE2\]: Mobile Device Enrollment Protocol Version 2](https://go.microsoft.com/fwlink/p/?LinkId=619347). ## In this topic @@ -32,7 +32,7 @@ For the list of enrollment scenarios not supported in Windows 10, see [Enrollme The discovery web service provides the configuration information necessary for a user to enroll a phone with a management service. The service is a restful web service over HTTPS (server authentication only). -> [!Note] +> [!NOTE] > The administrator of the discovery service must create a host with the address enterpriseenrollment.*domain\_name*.com. The automatic discovery flow of the device uses the domain name of the email address that was submitted to the Workplace settings screen during sign in. The automatic discovery system constructs a URI that uses this hostname by appending the subdomain “enterpriseenrollment” to the domain of the email address, and by appending the path “/EnrollmentServer/Discovery.svc”. For example, if the email address is “sample@contoso.com”, the resulting URI for first Get request would be: http://enterpriseenrollment.contoso.com/EnrollmentServer/Discovery.svc @@ -41,28 +41,28 @@ The first request is a standard HTTP GET request. The following example shows a request via HTTP GET to the discovery server given user@contoso.com as the email address. -``` +```http Request Full Url: http://EnterpriseEnrollment.contoso.com/EnrollmentServer/Discovery.svc Content Type: unknown Header Byte Count: 153 Body Byte Count: 0 ``` -``` +```http GET /EnrollmentServer/Discovery.svc HTTP/1.1 User-Agent: Windows Phone 8 Enrollment Client Host: EnterpriseEnrollment.contoso.com Pragma: no-cache ``` -``` +```http Request Full Url: http://EnterpriseEnrollment.contoso.com/EnrollmentServer/Discovery.svc Content Type: text/html Header Byte Count: 248 Body Byte Count: 0 ``` -``` +```http HTTP/1.1 200 OK Connection: Keep-Alive Pragma: no-cache @@ -82,7 +82,7 @@ The following logic is applied: The following example shows a request via an HTTP POST command to the discovery web service given user@contoso.com as the email address -``` +```http https://EnterpriseEnrollment.Contoso.com/EnrollmentServer/Discovery.svc ``` @@ -127,7 +127,7 @@ The discovery response is in the XML format and includes the following fields: - Authentication policy (AuthPolicy) – Indicates what type of authentication is required. For the MDM server, OnPremise is the supported value, which means that the user will be authenticated when calling the management service URL. This field is mandatory. - In Windows, Federated is added as another supported value. This allows the server to leverage the Web Authentication Broker to perform customized user authentication, and term of usage acceptance. -> [!Note]   +> [!Note] > The HTTP server response must not set Transfer-Encoding to Chunked; it must be sent as one message. When authentication policy is set to be Federated, Web Authentication Broker (WAB) will be leveraged by the enrollment client to get a security token. The WAB start page URL is provided by the discovery service in the response message. The enrollment client will call the WAB API within the response message to start the WAB process. WAB pages are server hosted web pages. The server should build those pages to fit the device screen nicely and be as consistent as possible to other builds in the MDM enrollment UI. The opaque security token that is returned from WAB as an endpage will be used by the enrollment client as the device security secret during the client certificate enrollment request call. @@ -163,7 +163,7 @@ After authentication is complete, the auth server should return an HTML form doc > [!NOTE] > To make an application compatible with strict Content Security Policy, it is usually necessary to make some changes to HTML templates and client-side code, add the policy header, and test that everything works properly once the policy is deployed. -``` +```html HTTP/1.1 200 OK Content-Type: text/html; charset=UTF-8 Vary: Accept-Encoding @@ -294,7 +294,7 @@ After the user is authenticated, the web service retrieves the certificate templ MS-XCEP supports very flexible enrollment policies using various Complex Types and Attributes. For Windows device, we will first support the minimalKeyLength, the hashAlgorithmOIDReference policies, and the CryptoProviders. The hashAlgorithmOIDReference has related OID and OIDReferenceID and policySchema in the GetPolicesResponse. The policySchema refers to the certificate template version. Version 3 of MS-XCEP supports hashing algorithms. -> [!Note]   +> [!NOTE] > The HTTP server response must not set Transfer-Encoding to Chunked; it must be sent as one message. The following snippet shows the policy web service response. @@ -541,7 +541,7 @@ The following example shows the enrollment web service response. The following code shows sample provisioning XML (presented in the preceding package as a security token): -``` +```xml From af4e70d5caa0f81bab2802d8d6ab315e0ad65c8c Mon Sep 17 00:00:00 2001 From: Gary Moore Date: Mon, 15 Jun 2020 16:53:29 -0700 Subject: [PATCH 68/73] Trying to fix a build warning Suspected issue: Spaces immediately following [!NOTE] on the same line --- windows/client-management/mdm/mobile-device-enrollment.md | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/windows/client-management/mdm/mobile-device-enrollment.md b/windows/client-management/mdm/mobile-device-enrollment.md index bb09b8f063..061a5abdb2 100644 --- a/windows/client-management/mdm/mobile-device-enrollment.md +++ b/windows/client-management/mdm/mobile-device-enrollment.md @@ -54,7 +54,7 @@ The following topics describe the end-to-end enrollment process using various au - [Certificate authentication device enrollment](certificate-authentication-device-enrollment.md) - [On-premise authentication device enrollment](on-premise-authentication-device-enrollment.md) -> [!Note]   +> [!Note] > As a best practice, do not use hardcoded server-side checks on values such as: > - User agent string > - Any fixed URIs that are passed during enrollment From c1ec6af8a1495b40cf73596b947d788f332cf5f9 Mon Sep 17 00:00:00 2001 From: John Kaiser <35939694+CoveMiner@users.noreply.github.com> Date: Mon, 15 Jun 2020 17:39:45 -0700 Subject: [PATCH 69/73] Update index.yml Uses landing page yml template for consistency with Surface devices --- devices/surface-hub/index.yml | 206 +++++++++++++++------------------- 1 file changed, 92 insertions(+), 114 deletions(-) diff --git a/devices/surface-hub/index.yml b/devices/surface-hub/index.yml index 249deba5a0..f91c453b06 100644 --- a/devices/surface-hub/index.yml +++ b/devices/surface-hub/index.yml @@ -1,127 +1,105 @@ -### YamlMime:Hub +### YamlMime:Landing title: Surface Hub documentation # < 60 chars summary: Surface Hub 2S is an all-in-one digital interactive whiteboard, meetings platform, and collaborative computing device. # < 160 chars -# brand: aspnet | azure | dotnet | dynamics | m365 | ms-graph | office | power-bi | power-platform | sql | sql-server | vs | visual-studio | windows | xamarin -brand: windows metadata: title: Surface Hub documentation # Required; page title displayed in search results. Include the brand. < 60 chars. - description: Get started with Microsoft Surface Hub. # Required; article description that is displayed in search results. < 160 chars. - services: product-insights + description: Get started with Microsoft Surface Hub # Required; article description that is displayed in search results. < 160 chars. ms.service: product-insights #Required; service per approved list. service slug assigned to your service by ACOM. - ms.topic: hub-page # Required - ms.prod: surface-hub - ms.technology: windows - audience: ITPro - ms.localizationpriority: medium + ms.topic: landing-page # Required + manager: laurawi author: greg-lindsay #Required; your GitHub user alias, with correct capitalization. ms.author: greglin #Required; microsoft alias of author; optional team alias. - manager: laurawi + audience: itpro + ms.localizationpriority: High -# highlightedContent section (optional) -# Maximum of 8 items -highlightedContent: -# itemType: architecture | concept | deploy | download | get-started | how-to-guide | learn | overview | quickstart | reference | sample | tutorial | video | whats-new - items: - # Card - - title: What's new in Surface Hub 2S? - itemType: whats-new - url: surface-hub-2s-whats-new.md - # Card - - title: Surface Hub security overview - itemType: learn - url: surface-hub-security.md - # Card - - title: Manage Surface Hub 2S with Intune - itemType: how-to-guide - url: surface-hub-2s-manage-intune.md - # Card - - title: Operating system essentials - itemType: learn - url: differences-between-surface-hub-and-windows-10-enterprise.md - # Card - - title: Surface Hub 2S Site Readiness Guide - itemType: learn - url: surface-hub-2s-site-readiness-guide.md - # Card - - title: Customize Surface Hub 2S installation - itemType: how-to-guide - url: surface-hub-2s-custom-install.md +# linkListType: architecture | concept | deploy | download | get-started | how-to-guide | learn | overview | quickstart | reference | sample | tutorial | video | whats-new -# productDirectory section (optional) -productDirectory: - title: Deploy, manage, and support your Surface Hub devices # < 60 chars (optional) - summary: Find related links to deploy, manage and support your Surface Hub devices. # < 160 chars (optional) - items: +landingContent: +# Cards and links should be based on top customer tasks or top subjects +# Start card title with a verb + # Card (optional) + - title: Surface devices + linkLists: + - linkListType: overview + links: + - text: What's new in Surface Hub 2S? + url: surface-hub-2s-whats-new.md + - text: Surface Hub 2S tech specs + url: surface-hub/surface-hub-2s-techspecs.md + - text: Operating system essentials + url: differences-between-surface-hub-and-windows-10-enterprise.md + + # Card (optional) + - title: Get started + linkLists: + - linkListType: get-started + links: + - text: Surface Hub 2S Site Readiness Guide + url: surface-hub-2s-site-readiness-guide.md + - text: Customize Surface Hub 2S installation + url: surface-hub-2s-custom-install.md + - text: Prepare your environment for Surface Hub 2S + url: surface-hub-2s-prepare-environment.md + + # Card + - title: Deploy Surface Hub + linkLists: + - linkListType: deploy + links: + - text: Surface Hub 2S adoption and training + url: surface-hub-2s-adoption-kit.md + - text: Surface Hub 2S deployment checklist + url: surface-hub-2s-deploy-checklist.md + - text: Create device account + url: surface-hub-2s-account.md + # Card - - title: Deploy - # imageSrc should be square in ratio with no whitespace - imageSrc: https://docs.microsoft.com/office/media/icons/deploy-blue.svg - links: - - url: surface-hub-2s-adoption-kit.md - text: Surface Hub 2S adoption and training - - url: surface-hub-2s-deploy-checklist.md - text: Surface Hub 2S deployment checklist - - url: surface-hub-2s-account.md - text: Create device account - # Card - - title: Manage - imageSrc: https://docs.microsoft.com/office/media/icons/process-flow-blue.svg - links: - - url: surface-hub-2s-manage-intune.md - text: Manage with Intune - - url: local-management-surface-hub-settings.md - text: Manage local settings - # Card - - title: Secure - imageSrc: https://docs.microsoft.com/office/media/icons/security-blue.svg - links: - - url: surface-hub-2s-secure-with-uefi-semm.md - text: Secure with UEFI and SEMM - - url: surface-hub-wifi-direct.md - text: Wi-Fi security considerations - # Card - - title: Troubleshoot - imageSrc: https://docs.microsoft.com/office/media/icons/connector-blue.svg - links: - - url: https://support.microsoft.com/help/4493926 - text: Service and warranty - - url: surface-hub-2s-recover-reset.md - text: Recover & reset Surface Hub 2S - - url: support-solutions-surface-hub.md - text: Surface Hub support solutions - - url: https://support.office.com/article/Enable-Microsoft-Whiteboard-on-Surface-Hub-b5df4539-f735-42ff-b22a-0f5e21be7627 - text: Enable Microsoft Whiteboard on Surface Hub + - title: Manage Surface devices + linkLists: + - linkListType: how-to-guide + links: + - text: Manage Surface Hub 2S with Intune + url: surface-hub-2s-manage-intune.md + - text: Manage local settings + url: local-management-surface-hub-settings.md + - text: Manage Windows updates on Surface Hub + url: manage-windows-updates-for-surface-hub.md -# additionalContent section (optional) -# Card with links style -additionalContent: - # Supports up to 3 sections - sections: - - title: Other content # < 60 chars (optional) - summary: Find related links for videos, community and support. # < 160 chars (optional) - items: - # Card - - title: Get ready for Surface Hub 2S - links: - - text: Ordering Surface Hub 2S - url: https://www.microsoft.com/p/surface-hub-2S/8P62MW6BN9G4?activetab=pivot:overviewtab - - text: Prepare your environment for Surface Hub 2S - url: surface-hub-2s-prepare-environment.md - # Card - - title: Surface Hub 2S Videos - links: - - text: Adoption and training videos - url: surface-hub-2s-adoption-videos.md - - text: Surface Hub 2S with Teams - url: https://www.youtube.com/watch?v=CH2seLS5Wb0 - - text: Surface Hub 2S with Microsoft 365 - url: https://www.youtube.com/watch?v=I4N2lQX4WyI&list=PLXtHYVsvn_b__1Baibdu4elN4SoF3JTBZ&index=7 - # Card - - title: Community - links: - - text: Join the Surface Hub Technical Community - url: https://techcommunity.microsoft.com/t5/Surface-Hub/bd-p/SurfaceHub - - text: Join the Surface Devices Technical Community - url: https://techcommunity.microsoft.com/t5/Surface-Devices/ct-p/SurfaceDevices + # Card + - title: Explore security guidance + linkLists: + - linkListType: learn + links: + - text: Secure and manage Surface Hub 2S with SEMM and UEFI + url: surface-hub-2s-secure-with-uefi-semm.md + - text: Wi-Fi security considerations + url: surface-hub-wifi-direct.md + - text: Surface Hub security overview + url: surface-hub-security.md + + # Card + - title: Troubleshoot Surface Hub + linkLists: + - linkListType: learn + links: + - text: Service and warranty + url: https://support.microsoft.com/help/4493926 + - text: Recover & reset Surface Hub 2S + url: surface-hub-2s-recover-reset.md + - text: Surface Hub support solutions + url: support-solutions-surface-hub.md + + +# Card + - title: Surface Hub 2S Videos + linkLists: + - linkListType: video + links: + - text: Adoption and training videos + url: surface-hub-2s-adoption-videos.md + - text: Surface Hub 2S with Teams + url: https://www.youtube.com/watch?v=CH2seLS5Wb0 + - text: Surface Hub 2S with Microsoft 365 + url: https://www.youtube.com/watch?v=I4N2lQX4WyI&list=PLXtHYVsvn_b__1Baibdu4elN4SoF3JTBZ&index=7 From a08f5f518feb04e74e80245214f22e2c841a6d5a Mon Sep 17 00:00:00 2001 From: Zachariusz Karwacki Date: Mon, 15 Jun 2020 23:19:13 -0700 Subject: [PATCH 70/73] Fix grammar in mac-install-with-intune.md after change https://github.com/MicrosoftDocs/windows-docs-pr/commit/b192690b4bf683fe18aac55f4b4e7a1f11e27360 --- .../microsoft-defender-atp/mac-install-with-intune.md | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/windows/security/threat-protection/microsoft-defender-atp/mac-install-with-intune.md b/windows/security/threat-protection/microsoft-defender-atp/mac-install-with-intune.md index d892904b96..2a03c67c16 100644 --- a/windows/security/threat-protection/microsoft-defender-atp/mac-install-with-intune.md +++ b/windows/security/threat-protection/microsoft-defender-atp/mac-install-with-intune.md @@ -207,7 +207,7 @@ You may now enroll more devices. You can also enroll them later, after you have ``` -9. To allow Defender and Auto Update for displaying notifications in UI on macOS 10.15 (Catalina), import the following .mobileconfig as a custom payload: +9. To allow Defender and Auto Update to display notifications in UI on macOS 10.15 (Catalina), import the following .mobileconfig as a custom payload: ```xml From 0dd4d0f1c94fb601a83667ba5573eab7f84dc875 Mon Sep 17 00:00:00 2001 From: John Kaiser <35939694+CoveMiner@users.noreply.github.com> Date: Tue, 16 Jun 2020 09:34:15 -0700 Subject: [PATCH 71/73] Update index.yml --- devices/surface-hub/index.yml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/devices/surface-hub/index.yml b/devices/surface-hub/index.yml index f91c453b06..a4a4b05f20 100644 --- a/devices/surface-hub/index.yml +++ b/devices/surface-hub/index.yml @@ -27,7 +27,7 @@ landingContent: - text: What's new in Surface Hub 2S? url: surface-hub-2s-whats-new.md - text: Surface Hub 2S tech specs - url: surface-hub/surface-hub-2s-techspecs.md + url: surface-hub-2s-techspecs.md - text: Operating system essentials url: differences-between-surface-hub-and-windows-10-enterprise.md From 04200abca755ddfa35f0c4f90ac6efe1632e41b5 Mon Sep 17 00:00:00 2001 From: jaimeo Date: Tue, 16 Jun 2020 12:16:16 -0700 Subject: [PATCH 72/73] added some material to the cards --- windows/deployment/index.yml | 120 ++++++++++++++--------------------- 1 file changed, 48 insertions(+), 72 deletions(-) diff --git a/windows/deployment/index.yml b/windows/deployment/index.yml index 70fa4b92c9..b065acab3d 100644 --- a/windows/deployment/index.yml +++ b/windows/deployment/index.yml @@ -22,96 +22,72 @@ landingContent: # Cards and links should be based on top customer tasks or top subjects # Start card title with a verb # Card (optional) - - title: Deploy Windows 10 + - title: Get started linkLists: - linkListType: overview links: + - text: What's new + url: windows-10-deployment-scenarios.md - text: Windows 10 deployment scenarios url: windows-10-deployment-scenarios.md - - - linkListType: get-started - links: - - text: Demonstrate Autopilot deployment - url: windows-autopilot/demonstrate-deployment-on-vm.md - - text: Deploy Windows 10 in a test lab - url: windows-10-poc.md + - text: Basics of Windows updates, channels, and tools + url: update/get-started-updates-channels-tools.md # Card (optional) - - title: Update Windows 10 + - title: Plan and prepare linkLists: - linkListType: overview - links: - - text: What is Windows as a service? - url: update/waas-overview.md - - text: Types of Windows updates - url: update/waas-quick-start.md#definitions - - linkListType: get-started - links: - - text: Servicing the Windows 10 operating system - url: update/waas-servicing-strategy-windows-10-updates.md - - - # Card (optional) - - title: Deployment planning - linkLists: - - linkListType: architecture links: - text: Create a deployment plan - url: update/create-deployment-plan.md - - text: Define readiness criteria - url: update/plan-define-readiness.md - - text: Evaluate infrastructure and tools - url: update/eval-infra-tools.md - - text: Determine application readiness - url: update/plan-determine-app-readiness.md - - text: Define your servicing strategy - url: update/waas-servicing-strategy-windows-10-updates.md - - # Card - - title: Prepare to deploy Windows 10 + url: update/create-deployment-plan + - text: Prepare to deploy Windows 10 updates + url: update/prepare-deploy-windows + - text: Prepare updates using Windows Update for Business + url: update/waas-manage-updates-wufb + # Card (optional) + - title: Deploy linkLists: - - linkListType: how-to-guide + - linkListType: overview links: - - text: Prepare for Zero Touch Installation with Configuration Manager - url: deploy-windows-cm/prepare-for-zero-touch-installation-of-windows-10-with-configuration-manager.md - - text: Prepare to deploy Windows 10 with MDT - url: deploy-windows-mdt/prepare-for-windows-deployment-with-mdt.md - - text: Evaluate and update infrastructure - url: update/update-policies.md - - text: Build a successful servicing strategy - url: update/waas-deployment-rings-windows-10-updates.md + - text: Deploy with Autopilot + url: windows-autopilot/windows-autopilot-scenarios.md + - text: Assign devices to servicing channels + url: update/waas-servicing-channels-windows-10-updates + - text: Deploy Windows updates with Configuration Manager + url: update/deploy-updates-configmgr + + # Card + - title: Keep Windows current + linkLists: + - linkListType: overview + links: + - text: Define servicing strategy + url: update/define-update-strategy.md + - text: JAMES'S CALENDAR BLOG POST + url: windows-autopilot/windows-autopilot-scenarios.md + - text: Optimizing Windows 10 Update Adoption + url: https://www.microsoft.com/download/details.aspx?id=101056 # Card - - title: Deploy and update Windows 10 + - title: Support remote work linkLists: - - linkListType: deploy + - linkListType: overview links: - - text: Windows Autopilot scenarios and capabilities - url: windows-autopilot/windows-autopilot-scenarios.md - - text: Deploy Windows 10 to a new device with Configuration Manager - url: deploy-windows-cm/deploy-windows-10-using-pxe-and-configuration-manager.md - - text: Deploy a Windows 10 image using MDT - url: deploy-windows-mdt/deploy-a-windows-10-image-using-mdt.md - - text: Assign devices to servicing channels - url: update/waas-servicing-channels-windows-10-updates.md - - text: Deploy Windows 10 updates - url: update/waas-servicing-channels-windows-10-updates.md - - text: Resolve Windows 10 upgrade errors - url: upgrade/resolve-windows-10-upgrade-errors.md + - text: Deploy Windows 10 for a remote world + url: https://techcommunity.microsoft.com/t5/windows-it-pro-blog/deploying-a-new-version-of-windows-10-in-a-remote-world/ba-p/1419846 + - text: Update infrastructure + url: update/update-policies.md + - text: Build a servicing strategy + url: update/waas-deployment-rings-windows-10-updates.md # Card (optional) - - title: Windows 10 resources + - title: Microsoft Learn linkLists: - - linkListType: reference + - linkListType: overview links: - - text: Windows 10 release information - url: https://docs.microsoft.com/windows/release-information/ - - text: What's new in Windows 10 - url: https://docs.microsoft.com/windows/whats-new/ - - text: Windows 10 Enterprise Security - url: https://docs.microsoft.com/windows/security/ - - text: Desktop Deployment Center - url: https://docs.microsoft.com/microsoft-365/enterprise/desktop-deployment-center-home - - text: Microsoft 365 solution and architecture center - url: https://docs.microsoft.com/microsoft-365/solutions/?view=o365-worldwide - + - text: Plan to deploy updates for Windows 10 and Microsoft 365 Apps + url: https://docs.microsoft.com/learn/modules/windows-plan + - text: Prepare to deploy updates for Windows 10 and Microsoft 365 Apps + url: https://docs.microsoft.com/learn/modules/windows-prepare/ + - text: Deploy updates for Windows 10 and Microsoft 365 Apps + url: https://docs.microsoft.com/learn/modules/windows-deploy \ No newline at end of file From b28c65899da19eb5fddb0be3f89de05577ddbec9 Mon Sep 17 00:00:00 2001 From: jaimeo Date: Tue, 16 Jun 2020 13:32:07 -0700 Subject: [PATCH 73/73] fixing filenames --- windows/deployment/index.yml | 10 +++++----- 1 file changed, 5 insertions(+), 5 deletions(-) diff --git a/windows/deployment/index.yml b/windows/deployment/index.yml index b065acab3d..d5a4c3316a 100644 --- a/windows/deployment/index.yml +++ b/windows/deployment/index.yml @@ -39,11 +39,11 @@ landingContent: - linkListType: overview links: - text: Create a deployment plan - url: update/create-deployment-plan + url: update/create-deployment-plan.md - text: Prepare to deploy Windows 10 updates - url: update/prepare-deploy-windows + url: update/prepare-deploy-windows.md - text: Prepare updates using Windows Update for Business - url: update/waas-manage-updates-wufb + url: update/waas-manage-updates-wufb.md # Card (optional) - title: Deploy linkLists: @@ -52,9 +52,9 @@ landingContent: - text: Deploy with Autopilot url: windows-autopilot/windows-autopilot-scenarios.md - text: Assign devices to servicing channels - url: update/waas-servicing-channels-windows-10-updates + url: update/waas-servicing-channels-windows-10-updates.md - text: Deploy Windows updates with Configuration Manager - url: update/deploy-updates-configmgr + url: update/deploy-updates-configmgr.md # Card - title: Keep Windows current
    ServiceInformation
    Windows Autopilot Deployment ServiceAfter a network connection is in place, each Windows 10 device will contact the Windows Autopilot Deployment Service. With Windows 10 version 1903 and above, the following URLs are used: https://ztd.dds.microsoft.com, https://cs.dds.microsoft.com.
    diff --git a/windows/security/threat-protection/auditing/appendix-a-security-monitoring-recommendations-for-many-audit-events.md b/windows/security/threat-protection/auditing/appendix-a-security-monitoring-recommendations-for-many-audit-events.md index d212b266b1..b062a6e72b 100644 --- a/windows/security/threat-protection/auditing/appendix-a-security-monitoring-recommendations-for-many-audit-events.md +++ b/windows/security/threat-protection/auditing/appendix-a-security-monitoring-recommendations-for-many-audit-events.md @@ -27,7 +27,7 @@ This document, the [Advanced security audit policy settings](advanced-security-a | **High-value accounts**: You might have high-value domain or local accounts for which you need to monitor each action.
    Examples of high-value accounts are database administrators, built-in local administrator account, domain administrators, service accounts, domain controller accounts and so on. | Monitor relevant events for the **“Subject\\Security ID”** that corresponds to the high-value account or accounts. | | **Anomalies or malicious actions**: You might have specific requirements for detecting anomalies or monitoring potential malicious actions. For example, you might need to monitor for use of an account outside of working hours. | When you monitor for anomalies or malicious actions, use the **“Subject\\Security ID”** (with other information) to monitor how or when a particular account is being used. | | **Non-active accounts**: You might have non-active, disabled, or guest accounts, or other accounts that should never be used. | Monitor relevant events for the **“Subject\\Security ID”** that corresponds to the accounts that should never be used. | -| **Account whitelist**: You might have a specific whitelist of accounts that are the only ones allowed to perform actions corresponding to particular events. | Monitor the relevant events for **“Subject\\Security ID”** accounts that are outside the whitelist of accounts. | +| **Account allow list**: You might have a specific allow list of accounts that are the only ones allowed to perform actions corresponding to particular events. | Monitor the relevant events for **“Subject\\Security ID”** accounts that are outside the allow list of accounts. | | **Accounts of different types**: You might want to ensure that certain actions are performed only by certain account types, for example, local or domain account, machine or user account, vendor or employee account, and so on. | Identify events that correspond to the actions you want to monitor, and for those events, review the **“Subject\\Security ID”** to see whether the account type is as expected. | | **External accounts**: You might be monitoring accounts from another domain, or “external” accounts that are not allowed to perform certain actions (represented by certain specific events). | Monitor the specific events for the **“Subject\\Account Domain”** corresponding to accounts from another domain or “external” accounts. | | **Restricted-use computers or devices**: You might have certain computers, machines, or devices on which certain people (accounts) should not typically perform any actions. | Monitor the target **Computer:** (or other target device) for actions performed by the **“Subject\\Security ID”** that you are concerned about. | diff --git a/windows/security/threat-protection/auditing/audit-security-system-extension.md b/windows/security/threat-protection/auditing/audit-security-system-extension.md index 50dcccadde..8c764f65c4 100644 --- a/windows/security/threat-protection/auditing/audit-security-system-extension.md +++ b/windows/security/threat-protection/auditing/audit-security-system-extension.md @@ -35,9 +35,9 @@ Attempts to install or load security system extensions or services are critical | Computer Type | General Success | General Failure | Stronger Success | Stronger Failure | Comments | |-------------------|-----------------|-----------------|------------------|------------------|------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------| -| Domain Controller | Yes | No | Yes | No | The main reason why we recommend Success auditing for this subcategory is “[4697](event-4697.md)(S): A service was installed in the system.”
    For other events we strongly recommend monitoring a whitelist of allowed security extensions (authenticated packages, logon processes, notification packages, and security packages). Otherwise it's hard to pull useful information from these events, except event 4611 which typically should have “SYSTEM” as value for **“Subject”** field.
    This subcategory doesn’t have Failure events, so there is no recommendation to enable Failure auditing for this subcategory. | -| Member Server | Yes | No | Yes | No | The main reason why we recommend Success auditing for this subcategory is “[4697](event-4697.md)(S): A service was installed in the system.”
    For other events we strongly recommend monitoring a whitelist of allowed security extensions (authenticated packages, logon processes, notification packages, and security packages). Otherwise it's hard to pull useful information from these events, except event 4611 which typically should display “SYSTEM” for the **“Subject”** field.
    This subcategory doesn’t have Failure events, so there is no recommendation to enable Failure auditing for this subcategory. | -| Workstation | Yes | No | Yes | No | The main reason why we recommend Success auditing for this subcategory is “[4697](event-4697.md)(S): A service was installed in the system.”
    For other events we strongly recommend monitoring a whitelist of allowed security extensions (authenticated packages, logon processes, notification packages, and security packages). Otherwise it's hard to pull useful information from these events, except event 4611 which typically should display “SYSTEM” for the **“Subject”** field.
    This subcategory doesn’t have Failure events, so there is no recommendation to enable Failure auditing for this subcategory. | +| Domain Controller | Yes | No | Yes | No | The main reason why we recommend Success auditing for this subcategory is “[4697](event-4697.md)(S): A service was installed in the system.”
    For other events we strongly recommend monitoring an allow list of allowed security extensions (authenticated packages, logon processes, notification packages, and security packages). Otherwise it's hard to pull useful information from these events, except event 4611 which typically should have “SYSTEM” as value for **“Subject”** field.
    This subcategory doesn’t have Failure events, so there is no recommendation to enable Failure auditing for this subcategory. | +| Member Server | Yes | No | Yes | No | The main reason why we recommend Success auditing for this subcategory is “[4697](event-4697.md)(S): A service was installed in the system.”
    For other events we strongly recommend monitoring an allow list of allowed security extensions (authenticated packages, logon processes, notification packages, and security packages). Otherwise it's hard to pull useful information from these events, except event 4611 which typically should display “SYSTEM” for the **“Subject”** field.
    This subcategory doesn’t have Failure events, so there is no recommendation to enable Failure auditing for this subcategory. | +| Workstation | Yes | No | Yes | No | The main reason why we recommend Success auditing for this subcategory is “[4697](event-4697.md)(S): A service was installed in the system.”
    For other events we strongly recommend monitoring an allow list of allowed security extensions (authenticated packages, logon processes, notification packages, and security packages). Otherwise it's hard to pull useful information from these events, except event 4611 which typically should display “SYSTEM” for the **“Subject”** field.
    This subcategory doesn’t have Failure events, so there is no recommendation to enable Failure auditing for this subcategory. | **Events List:** diff --git a/windows/security/threat-protection/auditing/event-4611.md b/windows/security/threat-protection/auditing/event-4611.md index d245a30f27..6862a8d6a8 100644 --- a/windows/security/threat-protection/auditing/event-4611.md +++ b/windows/security/threat-protection/auditing/event-4611.md @@ -108,7 +108,7 @@ For 4611(S): A trusted logon process has been registered with the Local Security - Because this event is typically triggered by the SYSTEM account, we recommend that you report it whenever **“Subject\\Security ID”** is not SYSTEM. -- Typically this event has an informational purpose. If you defined the list of allowed Logon Processes in the system, then you can check is “**Logon Process Name”** field value in the whitelist or not. +- Typically this event has an informational purpose. If you defined the list of allowed Logon Processes in the system, then you can check is “**Logon Process Name”** field value in the allow list or not. - diff --git a/windows/security/threat-protection/auditing/event-4614.md b/windows/security/threat-protection/auditing/event-4614.md index 8dd6e72adc..f86b22408c 100644 --- a/windows/security/threat-protection/auditing/event-4614.md +++ b/windows/security/threat-protection/auditing/event-4614.md @@ -78,5 +78,5 @@ Each time a system starts, it loads the notification package DLLs from **HKEY\_L For 4614(S): A notification package has been loaded by the Security Account Manager. -- Typically this event has an informational purpose. If you defined the list of allowed Notification Packages in the system, then you can check is “**Notification Package Name”** field value in the whitelist or not. +- Typically this event has an informational purpose. If you defined the list of allowed Notification Packages in the system, then you can check is “**Notification Package Name”** field value in the allow list or not. diff --git a/windows/security/threat-protection/auditing/event-4622.md b/windows/security/threat-protection/auditing/event-4622.md index e425430b75..385f508b09 100644 --- a/windows/security/threat-protection/auditing/event-4622.md +++ b/windows/security/threat-protection/auditing/event-4622.md @@ -100,5 +100,5 @@ These are some Security Package DLLs loaded by default in Windows 10: For 4622(S): A security package has been loaded by the Local Security Authority. -- Typically this event has an informational purpose. If you defined the list of allowed Security Packages in the system, then you can check is “**Security Package Name”** field value in the whitelist or not. +- Typically this event has an informational purpose. If you defined the list of allowed Security Packages in the system, then you can check is “**Security Package Name”** field value in the allow list or not. diff --git a/windows/security/threat-protection/auditing/event-4624.md b/windows/security/threat-protection/auditing/event-4624.md index a7f80d6745..cf8e0d63b8 100644 --- a/windows/security/threat-protection/auditing/event-4624.md +++ b/windows/security/threat-protection/auditing/event-4624.md @@ -277,7 +277,7 @@ For 4624(S): An account was successfully logged on. | **High-value accounts**: You might have high-value domain or local accounts for which you need to monitor each action.
    Examples of high-value accounts are database administrators, built-in local administrator account, domain administrators, service accounts, domain controller accounts and so on. | Monitor this event with the **“New Logon\\Security ID”** that corresponds to the high-value account or accounts. | | **Anomalies or malicious actions**: You might have specific requirements for detecting anomalies or monitoring potential malicious actions. For example, you might need to monitor for use of an account outside of working hours. | When you monitor for anomalies or malicious actions, use the **“New Logon\\Security ID”** (with other information) to monitor how or when a particular account is being used. | | **Non-active accounts**: You might have non-active, disabled, or guest accounts, or other accounts that should never be used. | Monitor this event with the **“New Logon\\Security ID”** that corresponds to the accounts that should never be used. | -| **Account whitelist**: You might have a specific whitelist of accounts that are the only ones allowed to perform actions corresponding to particular events. | If this event corresponds to a “whitelist-only” action, review the **“New Logon\\Security ID”** for accounts that are outside the whitelist. | +| **Account whitelist**: You might have a specific allow list of accounts that are the only ones allowed to perform actions corresponding to particular events. | If this event corresponds to a “allow list-only” action, review the **“New Logon\\Security ID”** for accounts that are outside the allow list. | | **Accounts of different types**: You might want to ensure that certain actions are performed only by certain account types, for example, local or domain account, machine or user account, vendor or employee account, and so on. | If this event corresponds to an action you want to monitor for certain account types, review the **“New Logon\\Security ID”** to see whether the account type is as expected. | | **External accounts**: You might be monitoring accounts from another domain, or “external” accounts that are not allowed to perform certain actions (represented by certain specific events). | Monitor this event for the **“Subject\\Account Domain”** corresponding to accounts from another domain or “external” accounts. | | **Restricted-use computers or devices**: You might have certain computers, machines, or devices on which certain people (accounts) should not typically perform any actions. | Monitor the target **Computer:** (or other target device) for actions performed by the **“New Logon\\Security ID”** that you are concerned about. | diff --git a/windows/security/threat-protection/auditing/event-4648.md b/windows/security/threat-protection/auditing/event-4648.md index 97bb3eda59..5a44bd38f1 100644 --- a/windows/security/threat-protection/auditing/event-4648.md +++ b/windows/security/threat-protection/auditing/event-4648.md @@ -178,7 +178,7 @@ The following table is similar to the table in [Appendix A: Security monitoring | **High-value accounts**: You might have high value domain or local accounts for which you need to monitor each action.
    Examples of high value accounts are database administrators, built-in local administrator account, domain administrators, service accounts, domain controller accounts and so on. | Monitor this event with the **“Subject\\Security ID”** or “**Account Whose Credentials Were Used\\Security ID**” that correspond to the high value account or accounts. | | **Anomalies or malicious actions**: You might have specific requirements for detecting anomalies or monitoring potential malicious actions. For example, you might need to monitor for use of an account outside of working hours. | When you monitor for anomalies or malicious actions, use the **“Subject\\Security ID”** and “**Account Whose Credentials Were Used\\Security ID**” (with other information) to monitor how or when a particular account is being used. | | **Non-active accounts**: You might have non-active, disabled, or guest accounts, or other accounts that should never be used. | Monitor this event with the **“Subject\\Security ID”** or “**Account Whose Credentials Were Used\\Security ID**” that correspond to the accounts that should never be used. | -| **Account whitelist**: You might have a specific whitelist of accounts that are allowed to perform actions corresponding to particular events. | If this event corresponds to a “whitelist-only” action, review the **“Subject\\Security ID”** and “**Account Whose Credentials Were Used\\Security ID**” for accounts that are outside the whitelist. | +| **Account allow list**: You might have a specific allow list of accounts that are allowed to perform actions corresponding to particular events. | If this event corresponds to a “whitelist-only” action, review the **“Subject\\Security ID”** and “**Account Whose Credentials Were Used\\Security ID**” for accounts that are outside the allow list. | | **External accounts**: You might be monitoring accounts from another domain, or “external” accounts that are not allowed to perform the action corresponding to this event. | Monitor for the **“Subject\\Account Domain”** or “**Account Whose Credentials Were Used\\Security ID**” corresponding to accounts from another domain or “external” accounts. | | **Restricted-use computers or devices**: You might have certain computers, machines, or devices on which certain people (accounts) should not typically perform any actions. | Monitor the target **Computer:** (or other target device) for actions performed by the **“Subject\\Security ID”** or “**Account Whose Credentials Were Used\\Security ID**” that you are concerned about.
    For example, you might monitor to ensure that “**Account Whose Credentials Were Used\\Security ID**” is not used to log on to a certain computer. | | **Account naming conventions**: Your organization might have specific naming conventions for account names. | Monitor “**Subject\\Account Name”** and “**Account Whose Credentials Were Used\\Security ID**” for names that don’t comply with naming conventions. | diff --git a/windows/security/threat-protection/auditing/event-4688.md b/windows/security/threat-protection/auditing/event-4688.md index 94d84a85cf..55ace9419d 100644 --- a/windows/security/threat-protection/auditing/event-4688.md +++ b/windows/security/threat-protection/auditing/event-4688.md @@ -192,7 +192,7 @@ For 4688(S): A new process has been created. | **High-value accounts**: You might have high-value domain or local accounts for which you need to monitor each action.
    Examples of high-value accounts are database administrators, built-in local administrator account, domain administrators, service accounts, domain controller accounts and so on. | Monitor all events with the **“Creator Subject\\Security ID”** or **“Target Subject\\Security ID”** that corresponds to the high-value account or accounts. | | **Anomalies or malicious actions**: You might have specific requirements for detecting anomalies or monitoring potential malicious actions. For example, you might need to monitor for use of an account outside of working hours. | When you monitor for anomalies or malicious actions, use the **“Creator Subject\\Security ID”** or **“Target Subject\\Security ID”** (with other information) to monitor how or when a particular account is being used. | | **Non-active accounts**: You might have non-active, disabled, or guest accounts, or other accounts that should never be used. | Monitor all events with the **“Creator Subject\\Security ID”** or **“Target Subject\\Security ID”** that corresponds to the accounts that should never be used. | -| **Account whitelist**: You might have a specific whitelist of accounts that are the only ones allowed to perform actions corresponding to particular events. | If this event corresponds to a “whitelist-only” action, review the **“Creator Subject\\Security ID”** and **“Target Subject\\Security ID”** for accounts that are outside the whitelist. | +| **Account whitelist**: You might have a specific allow list of accounts that are the only ones allowed to perform actions corresponding to particular events. | If this event corresponds to a “whitelist-only” action, review the **“Creator Subject\\Security ID”** and **“Target Subject\\Security ID”** for accounts that are outside the allow list. | | **Accounts of different types**: You might want to ensure that certain actions are performed only by certain account types, for example, local or domain account, machine or user account, vendor or employee account, and so on. | If this event corresponds to an action you want to monitor for certain account types, review the **“Creator Subject\\Security ID”** or **“Target Subject\\Security ID”** to see whether the account type is as expected. | | **External accounts**: You might be monitoring accounts from another domain, or “external” accounts that are not allowed to perform certain actions (represented by certain specific events). | Monitor the specific events for the **“Creator Subject\\Security ID”** or **“Target Subject\\Security ID”** corresponding to accounts from another domain or “external” accounts. | | **Restricted-use computers or devices**: You might have certain computers, machines, or devices on which certain people (accounts) should not typically perform any actions. | Monitor the target **Computer:** (or other target device) for actions performed by the **“Creator Subject\\Security ID”** or **“Target Subject\\Security ID”** that you are concerned about. | diff --git a/windows/security/threat-protection/auditing/event-4696.md b/windows/security/threat-protection/auditing/event-4696.md index cc31b9e54f..0268cd25a8 100644 --- a/windows/security/threat-protection/auditing/event-4696.md +++ b/windows/security/threat-protection/auditing/event-4696.md @@ -152,7 +152,7 @@ For 4696(S): A primary token was assigned to process. | **High-value accounts**: You might have high-value domain or local accounts for which you need to monitor each action.
    Examples of high-value accounts are database administrators, built-in local administrator account, domain administrators, service accounts, domain controller accounts and so on. | Monitor this event with the **“Subject\\Security ID”** or **“New Token Information\\Security ID”** that corresponds to the high-value account or accounts. | | **Anomalies or malicious actions**: You might have specific requirements for detecting anomalies or monitoring potential malicious actions. For example, you might need to monitor for use of an account outside of working hours. | When you monitor for anomalies or malicious actions, use the **“Subject\\Security ID”** or **“New Token Information\\Security ID”** (with other information) to monitor how or when a particular account is being used. | | **Non-active accounts**: You might have non-active, disabled, or guest accounts, or other accounts that should never be used. | Monitor this event with the **“Subject\\Security ID”** or **“New Token Information\\Security ID”** that corresponds to the accounts that should never be used. | -| **Account whitelist**: You might have a specific whitelist of accounts that are the only ones allowed to perform actions corresponding to particular events. | If this event corresponds to a “whitelist-only” action, review the **“Subject\\Security ID”** and **“New Token Information\\Security ID”** for accounts that are outside the whitelist. | +| **Account whitelist**: You might have a specific allow list of accounts that are the only ones allowed to perform actions corresponding to particular events. | If this event corresponds to a “whitelist-only” action, review the **“Subject\\Security ID”** and **“New Token Information\\Security ID”** for accounts that are outside the allow list. | | **Accounts of different types**: You might want to ensure that certain actions are performed only by certain account types, for example, local or domain account, machine or user account, vendor or employee account, and so on. | If this event corresponds to an action you want to monitor for certain account types, review the **“Subject\\Security ID”** or **“New Token Information\\Security ID”** to see whether the account type is as expected. | | **External accounts**: You might be monitoring accounts from another domain, or “external” accounts that are not allowed to perform certain actions (represented by certain specific events). | Monitor this event for the **“Subject\\Security ID”** or **“New Token Information\\Security ID”** corresponding to accounts from another domain or “external” accounts. | | **Restricted-use computers or devices**: You might have certain computers, machines, or devices on which certain people (accounts) should not typically perform any actions. | Monitor the target **Computer:** (or other target device) for actions performed by the **“Subject\\Security ID”** or **“New Token Information\\Security ID”** that you are concerned about. | diff --git a/windows/security/threat-protection/auditing/event-4703.md b/windows/security/threat-protection/auditing/event-4703.md index 5c8f7fcc36..9e2056f25d 100644 --- a/windows/security/threat-protection/auditing/event-4703.md +++ b/windows/security/threat-protection/auditing/event-4703.md @@ -194,7 +194,7 @@ Otherwise, see the recommendations in the following table. | **High-value accounts**: You might have high-value domain or local accounts for which you need to monitor each action.
    Examples of high-value accounts are database administrators, built-in local administrator account, domain administrators, service accounts, domain controller accounts and so on. | Monitor this event with the **“Subject\\Security ID”** that corresponds to the high-value account or accounts. | | **Anomalies or malicious actions**: You might have specific requirements for detecting anomalies or monitoring potential malicious actions. For example, you might need to monitor for use of an account outside of working hours. | When you monitor for anomalies or malicious actions, use the **“Subject\\Security ID”** (with other information) to monitor how or when a particular account is being used. | | **Non-active accounts**: You might have non-active, disabled, or guest accounts, or other accounts that should never be used. | Monitor this event with the **“Subject\\Security ID”** or “**Target Account\\Security ID**” that correspond to the accounts that should never be used. | -| **Account whitelist**: You might have a specific whitelist of accounts that are the only ones allowed to perform actions corresponding to particular events. | If this event corresponds to a “whitelist-only” action, review the **“Subject\\Security ID”** for accounts that are outside the whitelist. Also check the “**Target Account\\Security ID**” and **“Enabled Privileges”** to see what was enabled. | +| **Account whitelist**: You might have a specific allow list of accounts that are the only ones allowed to perform actions corresponding to particular events. | If this event corresponds to a “whitelist-only” action, review the **“Subject\\Security ID”** for accounts that are outside the allow list. Also check the “**Target Account\\Security ID**” and **“Enabled Privileges”** to see what was enabled. | | **Accounts of different types**: You might want to ensure that certain actions are performed only by certain account types, for example, local or domain account, machine or user account, vendor or employee account, and so on. | If this event corresponds to an action you want to monitor for certain account types, review the **“Subject\\Security ID”** to see whether the account type is as expected. | | **External accounts**: You might be monitoring accounts from another domain, or “external” accounts that are not allowed to perform certain actions (represented by certain specific events). | Monitor this event for the **“Subject\\Account Domain”** corresponding to accounts from another domain or “external” accounts. | | **Restricted-use computers or devices**: You might have certain computers, machines, or devices on which certain people (accounts) should perform only limited actions, or no actions at all. | Monitor the target **Computer:** (or other target device) for actions performed by the **“Subject\\Security ID”** that you are concerned about.
    Also check **“Target Account\\Security ID”** to see whether the change in privileges should be made on that computer for that account. | diff --git a/windows/security/threat-protection/auditing/event-4704.md b/windows/security/threat-protection/auditing/event-4704.md index f78b83ef3c..7db8499254 100644 --- a/windows/security/threat-protection/auditing/event-4704.md +++ b/windows/security/threat-protection/auditing/event-4704.md @@ -152,7 +152,7 @@ For 4704(S): A user right was assigned. | **High-value accounts**: You might have high-value domain or local accounts for which you need to monitor each action.
    Examples of high-value accounts are database administrators, built-in local administrator account, domain administrators, service accounts, domain controller accounts and so on. | Monitor this event with the **“Subject\\Security ID”** that corresponds to the high-value account or accounts. | | **Anomalies or malicious actions**: You might have specific requirements for detecting anomalies or monitoring potential malicious actions. For example, you might need to monitor for use of an account outside of working hours. | When you monitor for anomalies or malicious actions, use the **“Subject\\Security ID”** (with other information) to monitor how or when a particular account is being used. | | **Non-active accounts**: You might have non-active, disabled, or guest accounts, or other accounts that should never be used. | Monitor this event with the **“Subject\\Security ID”** or “**Target Account\\ Account Name**” that correspond to the accounts that should never be used. | -| **Account whitelist**: You might have a specific whitelist of accounts that are the only ones allowed to perform actions corresponding to particular events. | If this event corresponds to a “whitelist-only” action, review the **“Subject\\Security ID”** for accounts that are outside the whitelist. Also check the “**Target Account\\Account Name**” and **“New Right”** to see what was enabled. | +| **Account whitelist**: You might have a specific allow list of accounts that are the only ones allowed to perform actions corresponding to particular events. | If this event corresponds to a “whitelist-only” action, review the **“Subject\\Security ID”** for accounts that are outside the allow list. Also check the “**Target Account\\Account Name**” and **“New Right”** to see what was enabled. | | **Accounts of different types**: You might want to ensure that certain actions are performed only by certain account types, for example, local or domain account, machine or user account, vendor or employee account, and so on. | If this event corresponds to an action you want to monitor for certain account types, review the **“Subject\\Security ID”** to see whether the account type is as expected. | | **External accounts**: You might be monitoring accounts from another domain, or “external” accounts that are not allowed to perform certain actions (represented by certain specific events). | Monitor this event for the **“Subject\\Account Domain”** corresponding to accounts from another domain or “external” accounts. | | **Restricted-use computers or devices**: You might have certain computers, machines, or devices on which certain people (accounts) should perform only limited actions, or no actions at all. | Monitor the target **Computer:** (or other target device) for actions performed by the **“Subject\\Security ID”** that you are concerned about.
    Also check **“Target Account\\ Account Name”** to see whether the change in rights should be made on that computer for that account. | diff --git a/windows/security/threat-protection/auditing/event-4705.md b/windows/security/threat-protection/auditing/event-4705.md index 09c240e026..a89086caee 100644 --- a/windows/security/threat-protection/auditing/event-4705.md +++ b/windows/security/threat-protection/auditing/event-4705.md @@ -151,7 +151,7 @@ For 4705(S): A user right was removed. | **High-value accounts**: You might have high-value domain or local accounts for which you need to monitor each action.
    Examples of high-value accounts are database administrators, built-in local administrator account, domain administrators, service accounts, domain controller accounts and so on. | Monitor this event with the **“Subject\\Security ID”** that corresponds to the high-value account or accounts. | | **Anomalies or malicious actions**: You might have specific requirements for detecting anomalies or monitoring potential malicious actions. For example, you might need to monitor for use of an account outside of working hours. | When you monitor for anomalies or malicious actions, use the **“Subject\\Security ID”** (with other information) to monitor how or when a particular account is being used. | | **Non-active accounts**: You might have non-active, disabled, or guest accounts, or other accounts that should never be used. | Monitor this event with the **“Subject\\Security ID”** or “**Target Account\\Account Name**” that correspond to the accounts that should never be used. | -| **Account whitelist**: You might have a specific whitelist of accounts that are the only ones allowed to perform actions corresponding to particular events. | If this event corresponds to a “whitelist-only” action, review the **“Subject\\Security ID”** for accounts that are outside the whitelist.
    If you have specific user rights policies, for example, a whitelist of accounts that can perform certain actions, monitor this event to confirm that it was appropriate that the “**Removed Right**” was removed from “**Target** **Account\\Account Name**.” | +| **Account whitelist**: You might have a specific allow list of accounts that are the only ones allowed to perform actions corresponding to particular events. | If this event corresponds to a “whitelist-only” action, review the **“Subject\\Security ID”** for accounts that are outside the allow list.
    If you have specific user rights policies, for example, an allow list of accounts that can perform certain actions, monitor this event to confirm that it was appropriate that the “**Removed Right**” was removed from “**Target** **Account\\Account Name**.” | | **Accounts of different types**: You might want to ensure that certain actions are performed only by certain account types, for example, local or domain account, machine or user account, vendor or employee account, and so on. | If this event corresponds to an action you want to monitor for certain account types, review the **“Subject\\Security ID”** and “**Target Account\\Account Name”** to see whether the account type is as expected.
    For example, if some accounts have critical user rights which should never be removed, monitor this event for the **“Target** **Account\\Account Name”** and the appropriate rights.
    As another example, if non-administrative accounts should never be granted certain user rights (for example, **SeAuditPrivilege**), you might monitor this event, because a right can be removed only after it was previously granted. | | **External accounts**: You might be monitoring accounts from another domain, or “external” accounts that are not allowed to perform certain actions (represented by certain specific events). | Monitor this event for the **“Subject\\Account Domain”** corresponding to accounts from another domain or “external” accounts. | | **Restricted-use computers or devices**: You might have certain computers, machines, or devices on which certain people (accounts) should perform only limited actions, or no actions at all. | Monitor the target **Computer:** (or other target device) for actions performed by the **“Subject\\Security ID”** that you are concerned about. Also be sure to check “**Target Account\\Account Name**” to see whether user rights should be removed from that account (or whether that account should have any rights on that computer).
    For high-value servers or other computers, we recommend that you track this event and investigate whether the specific “**Removed Right**” should be removed from “**Target** **Account\\Account Name**” in each case. | diff --git a/windows/security/threat-protection/auditing/event-4717.md b/windows/security/threat-protection/auditing/event-4717.md index 13f2c744aa..ffe87e87e0 100644 --- a/windows/security/threat-protection/auditing/event-4717.md +++ b/windows/security/threat-protection/auditing/event-4717.md @@ -126,7 +126,7 @@ For 4717(S): System security access was granted to an account. | **High-value accounts**: You might have high-value domain or local accounts for which you need to monitor each action.
    Examples of high-value accounts are database administrators, built-in local administrator account, domain administrators, service accounts, domain controller accounts and so on. | Monitor this event with the **“Subject\\Security ID”** and “**Account Modified\\Account Name”** that correspond to the high-value account or accounts. | | **Anomalies or malicious actions**: You might have specific requirements for detecting anomalies or monitoring potential malicious actions. For example, you might need to monitor for use of an account outside of working hours. | When you monitor for anomalies or malicious actions, use the **“Subject\\Security ID”** (with other information) to monitor how or when a particular account is being used. | | **Non-active accounts**: You might have non-active, disabled, or guest accounts, or other accounts that should never be used. | Monitor this event with the **“Subject\\Security ID”** that corresponds to the accounts that should never be used. | -| **Account whitelist**: You might have a specific whitelist of accounts that are the only ones allowed to perform actions corresponding to particular events. | If this event corresponds to a “whitelist-only” action, review the **“Subject\\Security ID”** for accounts that are outside the whitelist.
    If you have specific user logon rights policies, for example, a whitelist of accounts that can log on to certain computers, monitor this event to confirm that any “**Access Right**” was granted only to the appropriate “**Account Modified\\Account Name**.” | +| **Account whitelist**: You might have a specific allow list of accounts that are the only ones allowed to perform actions corresponding to particular events. | If this event corresponds to a “whitelist-only” action, review the **“Subject\\Security ID”** for accounts that are outside the allow list.
    If you have specific user logon rights policies, for example, an allow list of accounts that can log on to certain computers, monitor this event to confirm that any “**Access Right**” was granted only to the appropriate “**Account Modified\\Account Name**.” | | **Accounts of different types**: You might want to ensure that certain actions are performed only by certain account types, for example, local or domain account, machine or user account, vendor or employee account, and so on. | If this event corresponds to an action you want to monitor for certain account types, review the **“Subject\\Security ID”** and “**Account Modified\\Account Name”** to see whether the account type is as expected.
    For example, if non-service accounts should never be granted certain logon rights (for example, **SeServiceLogonRight**), monitor this event for those accounts and rights. | | **External accounts**: You might be monitoring accounts from another domain, or “external” accounts that are not allowed to perform certain actions (represented by certain specific events). | Monitor this event for the **“Subject\\Account Domain”** corresponding to accounts from another domain or “external” accounts. | | **Restricted-use computers or devices**: You might have certain computers, machines, or devices on which certain people (accounts) should perform only limited actions, or no actions at all. | Monitor the target **Computer:** (or other target device) for actions performed by the **“Subject\\Security ID”** that you are concerned about. Also be sure to check “**Account Modified\\Account Name**” to see whether logon rights should be granted to that account.
    For high-value servers or other computers, we recommend that you track this event and investigate whether the specific “**Access Right**” should be granted to “**Account Modified\\Account Name**” in each case. | diff --git a/windows/security/threat-protection/auditing/event-4718.md b/windows/security/threat-protection/auditing/event-4718.md index 9bb398d835..ecef74c71a 100644 --- a/windows/security/threat-protection/auditing/event-4718.md +++ b/windows/security/threat-protection/auditing/event-4718.md @@ -126,7 +126,7 @@ For 4718(S): System security access was removed from an account. | **High-value accounts**: You might have high-value domain or local accounts for which you need to monitor each action.
    Examples of high-value accounts are database administrators, built-in local administrator account, domain administrators, service accounts, domain controller accounts and so on. | Monitor this event with the **“Subject\\Security ID”** and “**Account Modified\\Account Name”** that correspond to the high-value account or accounts. | | **Anomalies or malicious actions**: You might have specific requirements for detecting anomalies or monitoring potential malicious actions. For example, you might need to monitor for use of an account outside of working hours. | When you monitor for anomalies or malicious actions, use the **“Subject\\Security ID”** (with other information) to monitor how or when a particular account is being used. | | **Non-active accounts**: You might have non-active, disabled, or guest accounts, or other accounts that should never be used. | Monitor this event with the **“Subject\\Security ID”** that corresponds to the accounts that should never be used. | -| **Account whitelist**: You might have a specific whitelist of accounts that are the only ones allowed to perform actions corresponding to particular events. | If this event corresponds to a “whitelist-only” action, review the **“Subject\\Security ID”** for accounts that are outside the whitelist.
    If you have specific user logon rights policies, for example, a whitelist of accounts that can log on to certain computers, monitor this event to confirm that it was appropriate that the “**Access Right**” was removed from “**Account Modified\\Account Name**.” | +| **Account whitelist**: You might have a specific allow list of accounts that are the only ones allowed to perform actions corresponding to particular events. | If this event corresponds to a “whitelist-only” action, review the **“Subject\\Security ID”** for accounts that are outside the allow list.
    If you have specific user logon rights policies, for example, an allow list of accounts that can log on to certain computers, monitor this event to confirm that it was appropriate that the “**Access Right**” was removed from “**Account Modified\\Account Name**.” | | **Accounts of different types**: You might want to ensure that certain actions are performed only by certain account types, for example, local or domain account, machine or user account, vendor or employee account, and so on. | If this event corresponds to an action you want to monitor for certain account types, review the **“Subject\\Security ID”** and “**Account Modified\\Account Name”** to see whether the account type is as expected.
    For example, if critical remote network service accounts have user logon rights which should never be removed (for example, **SeNetworkLogonRight**), monitor this event for the **“Account Modified\\Account Name”** and the appropriate rights.
    As another example, if non-service accounts should never be granted certain logon rights (for example, **SeServiceLogonRight**), you might monitor this event, because a right can be removed only after it was previously granted. | | **External accounts**: You might be monitoring accounts from another domain, or “external” accounts that are not allowed to perform certain actions (represented by certain specific events). | Monitor this event for the **“Subject\\Account Domain”** corresponding to accounts from another domain or “external” accounts. | | **Restricted-use computers or devices**: You might have certain computers, machines, or devices on which certain people (accounts) should perform only limited actions, or no actions at all. | Monitor the target **Computer:** (or other target device) for actions performed by the **“Subject\\Security ID”** that you are concerned about. Also be sure to check “**Account Modified\\Account Name**” to see whether logon rights should be removed from that account.
    For high-value servers or other computers, we recommend that you track this event and investigate whether the specific “**Access Right**” should be removed from “**Account Modified\\Account Name**” in each case. | diff --git a/windows/security/threat-protection/auditing/event-4732.md b/windows/security/threat-protection/auditing/event-4732.md index 511b73b62c..65ba0ae840 100644 --- a/windows/security/threat-protection/auditing/event-4732.md +++ b/windows/security/threat-protection/auditing/event-4732.md @@ -153,7 +153,7 @@ For 4732(S): A member was added to a security-enabled local group. | **High-value accounts**: You might have high-value domain or local accounts for which you need to monitor each action.
    Examples of high-value accounts are database administrators, built-in local administrator account, domain administrators, service accounts, domain controller accounts and so on. | Monitor this event with the **“Subject\\Security ID”** and **“Member\\Security ID”** that correspond to the high-value account or accounts. | | **Anomalies or malicious actions**: You might have specific requirements for detecting anomalies or monitoring potential malicious actions. For example, you might need to monitor for use of an account outside of working hours. | When you monitor for anomalies or malicious actions, use the **“Subject\\Security ID”** (with other information) to monitor how or when a particular account is being used. | | **Non-active accounts**: You might have non-active, disabled, or guest accounts, or other accounts that should never be used. | Monitor this event with the **“Subject\\Security ID”** and **“Member\\Security ID”** that correspond to the accounts that should never be used. | -| **Account whitelist**: You might have a specific whitelist of accounts that are the only ones allowed to perform actions corresponding to particular events. | If this event corresponds to a “whitelist-only” action, review the **“Subject\\Security ID”** for accounts that are outside the whitelist. | +| **Account whitelist**: You might have a specific allow list of accounts that are the only ones allowed to perform actions corresponding to particular events. | If this event corresponds to a “whitelist-only” action, review the **“Subject\\Security ID”** for accounts that are outside the allow list. | | **Accounts of different types**: You might want to ensure that certain actions are performed only by certain account types, for example, local or domain account, machine or user account, vendor or employee account, and so on. | If this event corresponds to an action you want to monitor for certain account types, review the **“Subject\\Security ID”** to see whether the account type is as expected. | | **External accounts**: You might be monitoring accounts from another domain, or “external” accounts that are not allowed to perform certain actions (represented by certain specific events). | Monitor this event for the **“Subject\\Account Domain”** corresponding to accounts from another domain or “external” accounts. | | **Restricted-use computers or devices**: You might have certain computers, machines, or devices on which certain people (accounts) should not typically perform any actions. | Monitor the target **Computer:** (or other target device) for actions performed by the **“Subject\\Security ID”** that you are concerned about. | diff --git a/windows/security/threat-protection/auditing/event-4733.md b/windows/security/threat-protection/auditing/event-4733.md index e7b90640ec..b970a918bc 100644 --- a/windows/security/threat-protection/auditing/event-4733.md +++ b/windows/security/threat-protection/auditing/event-4733.md @@ -160,7 +160,7 @@ For 4733(S): A member was removed from a security-enabled local group. | **High-value accounts**: You might have high-value domain or local accounts for which you need to monitor each action.
    Examples of high-value accounts are database administrators, built-in local administrator account, domain administrators, service accounts, domain controller accounts and so on. | Monitor this event with the **“Subject\\Security ID”** and **“Member\\Security ID”** that correspond to the high-value account or accounts. | | **Anomalies or malicious actions**: You might have specific requirements for detecting anomalies or monitoring potential malicious actions. For example, you might need to monitor for use of an account outside of working hours. | When you monitor for anomalies or malicious actions, use the **“Subject\\Security ID”** (with other information) to monitor how or when a particular account is being used. | | **Non-active accounts**: You might have non-active, disabled, or guest accounts, or other accounts that should never be used. | Monitor this event with the **“Subject\\Security ID”** and **“Member\\Security ID”** that correspond to the accounts that should never be used. | -| **Account whitelist**: You might have a specific whitelist of accounts that are the only ones allowed to perform actions corresponding to particular events. | If this event corresponds to a “whitelist-only” action, review the **“Subject\\Security ID”** for accounts that are outside the whitelist. | +| **Account whitelist**: You might have a specific allow list of accounts that are the only ones allowed to perform actions corresponding to particular events. | If this event corresponds to a “whitelist-only” action, review the **“Subject\\Security ID”** for accounts that are outside the allow list. | | **Accounts of different types**: You might want to ensure that certain actions are performed only by certain account types, for example, local or domain account, machine or user account, vendor or employee account, and so on. | If this event corresponds to an action you want to monitor for certain account types, review the **“Subject\\Security ID”** to see whether the account type is as expected. | | **External accounts**: You might be monitoring accounts from another domain, or “external” accounts that are not allowed to perform certain actions (represented by certain specific events). | Monitor this event for the **“Subject\\Account Domain”** corresponding to accounts from another domain or “external” accounts. | | **Restricted-use computers or devices**: You might have certain computers, machines, or devices on which certain people (accounts) should not typically perform any actions. | Monitor the target **Computer:** (or other target device) for actions performed by the **“Subject\\Security ID”** that you are concerned about. | diff --git a/windows/security/threat-protection/auditing/event-4751.md b/windows/security/threat-protection/auditing/event-4751.md index 3d070ae403..e72bc3b3a0 100644 --- a/windows/security/threat-protection/auditing/event-4751.md +++ b/windows/security/threat-protection/auditing/event-4751.md @@ -157,7 +157,7 @@ For 4751(S): A member was added to a security-disabled global group. | **High-value accounts**: You might have high-value domain or local accounts for which you need to monitor each action.
    Examples of high-value accounts are database administrators, built-in local administrator account, domain administrators, service accounts, domain controller accounts and so on. | Monitor this event with the **“Subject\\Security ID”** and **“Member\\Security ID”** that correspond to the high-value account or accounts. | | **Anomalies or malicious actions**: You might have specific requirements for detecting anomalies or monitoring potential malicious actions. For example, you might need to monitor for use of an account outside of working hours. | When you monitor for anomalies or malicious actions, use the **“Subject\\Security ID”** (with other information) to monitor how or when a particular account is being used. | | **Non-active accounts**: You might have non-active, disabled, or guest accounts, or other accounts that should never be used. | Monitor this event with the **“Subject\\Security ID”** and **“Member\\Security ID”** that correspond to the accounts that should never be used. | -| **Account whitelist**: You might have a specific whitelist of accounts that are the only ones allowed to perform actions corresponding to particular events. | If this event corresponds to a “whitelist-only” action, review the **“Subject\\Security ID”** for accounts that are outside the whitelist. | +| **Account whitelist**: You might have a specific allow list of accounts that are the only ones allowed to perform actions corresponding to particular events. | If this event corresponds to a “whitelist-only” action, review the **“Subject\\Security ID”** for accounts that are outside the allow list. | | **Accounts of different types**: You might want to ensure that certain actions are performed only by certain account types, for example, local or domain account, machine or user account, vendor or employee account, and so on. | If this event corresponds to an action you want to monitor for certain account types, review the **“Subject\\Security ID”** to see whether the account type is as expected. | | **External accounts**: You might be monitoring accounts from another domain, or “external” accounts that are not allowed to perform certain actions (represented by certain specific events). | Monitor this event for the **“Subject\\Account Domain”** corresponding to accounts from another domain or “external” accounts. | | **Restricted-use computers or devices**: You might have certain computers, machines, or devices on which certain people (accounts) should not typically perform any actions. | Monitor the target **Computer:** (or other target device) for actions performed by the **“Subject\\Security ID”** that you are concerned about. | diff --git a/windows/security/threat-protection/auditing/event-4752.md b/windows/security/threat-protection/auditing/event-4752.md index 63d0425219..b1fc1df98f 100644 --- a/windows/security/threat-protection/auditing/event-4752.md +++ b/windows/security/threat-protection/auditing/event-4752.md @@ -148,7 +148,7 @@ For 4752(S): A member was removed from a security-disabled global group. | **High-value accounts**: You might have high-value domain or local accounts for which you need to monitor each action.
    Examples of high-value accounts are database administrators, built-in local administrator account, domain administrators, service accounts, domain controller accounts and so on. | Monitor this event with the **“Subject\\Security ID”** and **“Member\\Security ID”** that correspond to the high-value account or accounts. | | **Anomalies or malicious actions**: You might have specific requirements for detecting anomalies or monitoring potential malicious actions. For example, you might need to monitor for use of an account outside of working hours. | When you monitor for anomalies or malicious actions, use the **“Subject\\Security ID”** (with other information) to monitor how or when a particular account is being used. | | **Non-active accounts**: You might have non-active, disabled, or guest accounts, or other accounts that should never be used. | Monitor this event with the **“Subject\\Security ID”** and **“Member\\Security ID”** that correspond to the accounts that should never be used. | -| **Account whitelist**: You might have a specific whitelist of accounts that are the only ones allowed to perform actions corresponding to particular events. | If this event corresponds to a “whitelist-only” action, review the **“Subject\\Security ID”** for accounts that are outside the whitelist. | +| **Account whitelist**: You might have a specific allow list of accounts that are the only ones allowed to perform actions corresponding to particular events. | If this event corresponds to a “whitelist-only” action, review the **“Subject\\Security ID”** for accounts that are outside the allow list. | | **Accounts of different types**: You might want to ensure that certain actions are performed only by certain account types, for example, local or domain account, machine or user account, vendor or employee account, and so on. | If this event corresponds to an action you want to monitor for certain account types, review the **“Subject\\Security ID”** to see whether the account type is as expected. | | **External accounts**: You might be monitoring accounts from another domain, or “external” accounts that are not allowed to perform certain actions (represented by certain specific events). | Monitor this event for the **“Subject\\Account Domain”** corresponding to accounts from another domain or “external” accounts. | | **Restricted-use computers or devices**: You might have certain computers, machines, or devices on which certain people (accounts) should not typically perform any actions. | Monitor the target **Computer:** (or other target device) for actions performed by the **“Subject\\Security ID”** that you are concerned about. | diff --git a/windows/security/threat-protection/auditing/event-4768.md b/windows/security/threat-protection/auditing/event-4768.md index 74e6e22b45..1da086eb93 100644 --- a/windows/security/threat-protection/auditing/event-4768.md +++ b/windows/security/threat-protection/auditing/event-4768.md @@ -304,13 +304,13 @@ For 4768(S, F): A Kerberos authentication ticket (TGT) was requested. | **High-value accounts**: You might have high-value domain or local accounts for which you need to monitor each action.
    Examples of high-value accounts are database administrators, built-in local administrator account, domain administrators, service accounts, domain controller accounts and so on. | Monitor this event with the **“User ID”** that corresponds to the high-value account or accounts. | | **Anomalies or malicious actions**: You might have specific requirements for detecting anomalies or monitoring potential malicious actions. For example, you might need to monitor for use of an account outside of working hours. | When you monitor for anomalies or malicious actions, use the **“User ID”** (with other information) to monitor how or when a particular account is being used. | | **Non-active accounts**: You might have non-active, disabled, or guest accounts, or other accounts that should never be used. | Monitor this event with the **“User ID”** that corresponds to the accounts that should never be used. | -| **Account whitelist**: You might have a specific whitelist of accounts that are the only ones allowed to perform actions corresponding to particular events. | If this event corresponds to a “whitelist-only” action, review the **“User ID”** for accounts that are outside the whitelist. | +| **Account whitelist**: You might have a specific allow list of accounts that are the only ones allowed to perform actions corresponding to particular events. | If this event corresponds to a “whitelist-only” action, review the **“User ID”** for accounts that are outside the allow list. | | **External accounts**: You might be monitoring accounts from another domain, or “external” accounts that are not allowed to perform certain actions (represented by certain specific events). | Monitor this event for the **“Supplied Realm Name”** corresponding to another domain or “external” location. | | **Account naming conventions**: Your organization might have specific naming conventions for account names. | Monitor “**User ID”** for names that don’t comply with naming conventions. | - You can track all [4768](event-4768.md) events where the **Client Address** is not from your internal IP range or not from private IP ranges. -- If you know that **Account Name** should be used only from known list of IP addresses, track all **Client Address** values for this **Account Name** in [4768](event-4768.md) events. If **Client Address** is not from the whitelist, generate the alert. +- If you know that **Account Name** should be used only from known list of IP addresses, track all **Client Address** values for this **Account Name** in [4768](event-4768.md) events. If **Client Address** is not from the allow list, generate the alert. - All **Client Address** = ::1 means local authentication. If you know the list of accounts which should log on to the domain controllers, then you need to monitor for all possible violations, where **Client Address** = ::1 and **Account Name** is not allowed to log on to any domain controller. diff --git a/windows/security/threat-protection/auditing/event-4769.md b/windows/security/threat-protection/auditing/event-4769.md index 199a11849a..64f7bf4503 100644 --- a/windows/security/threat-protection/auditing/event-4769.md +++ b/windows/security/threat-protection/auditing/event-4769.md @@ -280,9 +280,9 @@ For 4769(S, F): A Kerberos service ticket was requested. - You can track all [4769](event-4769.md) events where the **Client Address** is not from your internal IP range or not from private IP ranges. -- If you know that **Account Name** should be able to request tickets (should be used) only from a known whitelist of IP addresses, track all **Client Address** values for this **Account Name** in [4769](event-4769.md) events. If **Client Address** is not from your whitelist of IP addresses, generate the alert. +- If you know that **Account Name** should be able to request tickets (should be used) only from a known allow list of IP addresses, track all **Client Address** values for this **Account Name** in [4769](event-4769.md) events. If **Client Address** is not from your allow list of IP addresses, generate the alert. -- All **Client Address** = ::1 means local TGS requests, which means that the **Account Name** logged on to a domain controller before making the TGS request. If you have a whitelist of accounts allowed to log on to domain controllers, monitor events with **Client Address** = ::1 and any **Account Name** outside the whitelist. +- All **Client Address** = ::1 means local TGS requests, which means that the **Account Name** logged on to a domain controller before making the TGS request. If you have an allow list of accounts allowed to log on to domain controllers, monitor events with **Client Address** = ::1 and any **Account Name** outside the allow list. - All [4769](event-4769.md) events with **Client Port** field value > 0 and < 1024 should be examined, because a well-known port was used for outbound connection. diff --git a/windows/security/threat-protection/auditing/event-4771.md b/windows/security/threat-protection/auditing/event-4771.md index f97c972551..b099911afd 100644 --- a/windows/security/threat-protection/auditing/event-4771.md +++ b/windows/security/threat-protection/auditing/event-4771.md @@ -208,12 +208,12 @@ For 4771(F): Kerberos pre-authentication failed. | **High-value accounts**: You might have high-value domain or local accounts for which you need to monitor each action.
    Examples of high-value accounts are database administrators, built-in local administrator account, domain administrators, service accounts, domain controller accounts and so on. | Monitor this event with the **“Security ID”** that corresponds to the high-value account or accounts. | | **Anomalies or malicious actions**: You might have specific requirements for detecting anomalies or monitoring potential malicious actions. For example, you might need to monitor for use of an account outside of working hours. | When you monitor for anomalies or malicious actions, use the **“Security ID”** (with other information) to monitor how or when a particular account is being used. | | **Non-active accounts**: You might have non-active, disabled, or guest accounts, or other accounts that should never be used. | Monitor this event with the **“Security ID”** that corresponds to the accounts that should never be used. | -| **Account whitelist**: You might have a specific whitelist of accounts that are the only ones allowed to perform actions corresponding to particular events. | If this event corresponds to a “whitelist-only” action, review the **“Security ID”** for accounts that are outside the whitelist. | +| **Account whitelist**: You might have a specific allow list of accounts that are the only ones allowed to perform actions corresponding to particular events. | If this event corresponds to a “whitelist-only” action, review the **“Security ID”** for accounts that are outside the allow list. | | **Account naming conventions**: Your organization might have specific naming conventions for account names. | Monitor “**Subject\\Account Name”** for names that don’t comply with naming conventions. | - You can track all [4771](event-4771.md) events where the **Client Address** is not from your internal IP range or not from private IP ranges. -- If you know that **Account Name** should be used only from known list of IP addresses, track all **Client Address** values for this **Account Name** in [4771](event-4771.md) events. If **Client Address** is not from the whitelist, generate the alert. +- If you know that **Account Name** should be used only from known list of IP addresses, track all **Client Address** values for this **Account Name** in [4771](event-4771.md) events. If **Client Address** is not from the allow list, generate the alert. - All **Client Address** = ::1 means local authentication. If you know the list of accounts which should log on to the domain controllers, then you need to monitor for all possible violations, where **Client Address** = ::1 and **Account Name** is not allowed to log on to any domain controller. diff --git a/windows/security/threat-protection/auditing/event-4776.md b/windows/security/threat-protection/auditing/event-4776.md index 895d43226c..2e759dcb4e 100644 --- a/windows/security/threat-protection/auditing/event-4776.md +++ b/windows/security/threat-protection/auditing/event-4776.md @@ -129,7 +129,7 @@ For 4776(S, F): The computer attempted to validate the credentials for an accoun | **High-value accounts**: You might have high-value domain or local accounts for which you need to monitor each action.
    Examples of high-value accounts are database administrators, built-in local administrator account, domain administrators, service accounts, domain controller accounts and so on. | Monitor this event with the **“Logon Account”** that corresponds to the high-value account or accounts. | | **Anomalies or malicious actions**: You might have specific requirements for detecting anomalies or monitoring potential malicious actions. For example, you might need to monitor for use of an account outside of working hours. | When you monitor for anomalies or malicious actions, use the **“Logon Account”** value (with other information) to monitor how or when a particular account is being used.
    To monitor activity of specific user accounts outside of working hours, monitor the appropriate **Logon Account + Source Workstation** pairs. | | **Non-active accounts**: You might have non-active, disabled, or guest accounts, or other accounts that should never be used. | Monitor this event with the **“Logon Account”** that should never be used. | -| **Account whitelist**: You might have a specific whitelist of accounts that are the only ones allowed to perform actions corresponding to particular events. | If this event corresponds to a “whitelist-only” action, review the **“Logon Account”** for accounts that are outside the whitelist. | +| **Account allow list**: You might have a specific allow list of accounts that are the only ones allowed to perform actions corresponding to particular events. | If this event corresponds to a “whitelist-only” action, review the **“Logon Account”** for accounts that are outside the allow list. | | **Restricted-use computers**: You might have certain computers from which certain people (accounts) should not log on. | Monitor the target **Source Workstation** for credential validation requests from the **“Logon Account”** that you are concerned about. | | **Account naming conventions**: Your organization might have specific naming conventions for account names. | Monitor “**Logon Account”** for names that don’t comply with naming conventions. | diff --git a/windows/security/threat-protection/auditing/event-4778.md b/windows/security/threat-protection/auditing/event-4778.md index 92d5783c67..265b39dbcf 100644 --- a/windows/security/threat-protection/auditing/event-4778.md +++ b/windows/security/threat-protection/auditing/event-4778.md @@ -126,7 +126,7 @@ For 4778(S): A session was reconnected to a Window Station. | **High-value accounts**: You might have high-value domain or local accounts for which you need to monitor each action.
    Examples of high-value accounts are database administrators, built-in local administrator account, domain administrators, service accounts, domain controller accounts and so on. | Monitor this event with the **“Subject\\Account Name”** that corresponds to the high-value account or accounts. | | **Anomalies or malicious actions**: You might have specific requirements for detecting anomalies or monitoring potential malicious actions. For example, you might need to monitor for use of an account outside of working hours. | When you monitor for anomalies or malicious actions, use the **“Subject\\Account Name”** (with other information) to monitor how or when a particular account is being used. | | **Non-active accounts**: You might have non-active, disabled, or guest accounts, or other accounts that should never be used. | Monitor this event with the **“Subject\\Account Name”** that corresponds to the accounts that should never be used. | -| **Account whitelist**: You might have a specific whitelist of accounts that are the only ones allowed to perform actions corresponding to particular events. | If this event corresponds to a “whitelist-only” action, review the **“Subject\\Account Name”** for accounts that are outside the whitelist. | +| **Account allow list**: You might have a specific allow list of accounts that are the only ones allowed to perform actions corresponding to particular events. | If this event corresponds to a “whitelist-only” action, review the **“Subject\\Account Name”** for accounts that are outside the allow list. | | **Accounts of different types**: You might want to ensure that certain actions are performed only by certain account types, for example, local or domain account, machine or user account, vendor or employee account, and so on. | If this event corresponds to an action you want to monitor for certain account types, review the **“Subject\\Account Name”** to see whether the account type is as expected. | | **External accounts**: You might be monitoring accounts from another domain, or “external” accounts that are not allowed to perform certain actions (represented by certain specific events). | Monitor this event for the **“Subject\\Account Domain”** corresponding to accounts from another domain or “external” accounts. | | **Restricted-use computers or devices**: You might have certain computers, machines, or devices on which certain people (accounts) should not typically perform any actions. | Monitor the target **Computer:** (or other target device) for actions performed by the **“Subject\\Account Name”** that you are concerned about. | diff --git a/windows/security/threat-protection/auditing/event-4779.md b/windows/security/threat-protection/auditing/event-4779.md index a5a3de2a56..bd733289bb 100644 --- a/windows/security/threat-protection/auditing/event-4779.md +++ b/windows/security/threat-protection/auditing/event-4779.md @@ -130,7 +130,7 @@ For 4779(S): A session was disconnected from a Window Station. | **High-value accounts**: You might have high-value domain or local accounts for which you need to monitor each action.
    Examples of high-value accounts are database administrators, built-in local administrator account, domain administrators, service accounts, domain controller accounts and so on. | Monitor this event with the **“Subject\\Account Name”** that corresponds to the high-value account or accounts. | | **Anomalies or malicious actions**: You might have specific requirements for detecting anomalies or monitoring potential malicious actions. For example, you might need to monitor for use of an account outside of working hours. | When you monitor for anomalies or malicious actions, use the **“Subject\\Account Name”** (with other information) to monitor how or when a particular account is being used. | | **Non-active accounts**: You might have non-active, disabled, or guest accounts, or other accounts that should never be used. | Monitor this event with the **“Subject\\Account Name”** that corresponds to the accounts that should never be used. | -| **Account whitelist**: You might have a specific whitelist of accounts that are the only ones allowed to perform actions corresponding to particular events. | If this event corresponds to a “whitelist-only” action, review the **“Subject\\Account Name”** for accounts that are outside the whitelist. | +| **Account whitelist**: You might have a specific allow list of accounts that are the only ones allowed to perform actions corresponding to particular events. | If this event corresponds to a “whitelist-only” action, review the **“Subject\\Account Name”** for accounts that are outside the whitelist. | | **Accounts of different types**: You might want to ensure that certain actions are performed only by certain account types, for example, local or domain account, machine or user account, vendor or employee account, and so on. | If this event corresponds to an action you want to monitor for certain account types, review the **“Subject\\Account Name”** to see whether the account type is as expected. | | **External accounts**: You might be monitoring accounts from another domain, or “external” accounts that are not allowed to perform certain actions (represented by certain specific events). | Monitor this event for the **“Subject\\Account Domain”** corresponding to accounts from another domain or “external” accounts. | | **Restricted-use computers or devices**: You might have certain computers, machines, or devices on which certain people (accounts) should not typically perform any actions.
    For example, you might have computers to which connections should not be made from certain accounts or addresses. | Monitor the target **Computer:** (or other target device) for actions performed by the **“Subject\\Account Name”** that you are concerned about.
    If you have a target **Computer:** (or other target device) to which connections should not be made from certain accounts or addresses, monitor this event for the corresponding **Client Name** or **Client Address**. | diff --git a/windows/security/threat-protection/auditing/event-5152.md b/windows/security/threat-protection/auditing/event-5152.md index e2b46de2c3..a13a14a7de 100644 --- a/windows/security/threat-protection/auditing/event-5152.md +++ b/windows/security/threat-protection/auditing/event-5152.md @@ -180,7 +180,7 @@ For 5152(F): The Windows Filtering Platform blocked a packet. - If you know that the computer should never contact or be contacted by certain network IP addresses, monitor for these addresses in “**Destination Address**.” -- If you have a “whitelist” of IP addresses that the computer or device is expected to contact or be contacted by, monitor for IP addresses in **“Destination Address”** that are not in the whitelist. +- If you have an allow list of IP addresses that the computer or device is expected to contact or be contacted by, monitor for IP addresses in **“Destination Address”** that are not in the allow list. - If you need to monitor all inbound connections to a specific local port, monitor for [5152](event-5152.md) events with that “**Source Port**.**”** diff --git a/windows/security/threat-protection/auditing/event-5156.md b/windows/security/threat-protection/auditing/event-5156.md index cdfc758875..6a97371b47 100644 --- a/windows/security/threat-protection/auditing/event-5156.md +++ b/windows/security/threat-protection/auditing/event-5156.md @@ -180,7 +180,7 @@ For 5156(S): The Windows Filtering Platform has permitted a connection. - If you know that the computer should never contact or be contacted by certain network IP addresses, monitor for these addresses in “**Destination Address**.**”** -- If you have a “whitelist” of IP addresses that the computer or device is expected to contact or be contacted by, monitor for IP addresses in “**Destination Address”** that are not in the whitelist. +- If you have an allow list of IP addresses that the computer or device is expected to contact or be contacted by, monitor for IP addresses in “**Destination Address”** that are not in the allow list. - If you need to monitor all inbound connections to a specific local port, monitor for [5156](event-5156.md) events with that “**Source Port**.**”** diff --git a/windows/security/threat-protection/auditing/event-5157.md b/windows/security/threat-protection/auditing/event-5157.md index 76a8a34a2d..f35e1cf804 100644 --- a/windows/security/threat-protection/auditing/event-5157.md +++ b/windows/security/threat-protection/auditing/event-5157.md @@ -180,7 +180,7 @@ For 5157(F): The Windows Filtering Platform has blocked a connection. - If you know that the computer should never contact or be contacted by certain network IP addresses, monitor for these addresses in “**Destination Address**.**”** -- If you have a “whitelist” of IP addresses that the computer or device is expected to contact or be contacted by, monitor for IP addresses in “**Destination Address”** that are not in the whitelist. +- If you have an allow list of IP addresses that the computer or device is expected to contact or be contacted by, monitor for IP addresses in “**Destination Address”** that are not in the allow list. - If you need to monitor all inbound connections to a specific local port, monitor for [5157](event-5157.md) events with that “**Source Port**.**”** diff --git a/windows/security/threat-protection/microsoft-defender-antivirus/configure-network-connections-microsoft-defender-antivirus.md b/windows/security/threat-protection/microsoft-defender-antivirus/configure-network-connections-microsoft-defender-antivirus.md index db0d9fed09..2a7c5b7895 100644 --- a/windows/security/threat-protection/microsoft-defender-antivirus/configure-network-connections-microsoft-defender-antivirus.md +++ b/windows/security/threat-protection/microsoft-defender-antivirus/configure-network-connections-microsoft-defender-antivirus.md @@ -62,7 +62,7 @@ Because your protection is a cloud service, computers must have access to the in ## Validate connections between your network and the cloud -After whitelisting the URLs listed above, you can test if you are connected to the Microsoft Defender Antivirus cloud service and are correctly reporting and receiving information to ensure you are fully protected. +After allowing the URLs listed above, you can test if you are connected to the Microsoft Defender Antivirus cloud service and are correctly reporting and receiving information to ensure you are fully protected. **Use the cmdline tool to validate cloud-delivered protection:** diff --git a/windows/security/threat-protection/microsoft-defender-atp/configure-mssp-support.md b/windows/security/threat-protection/microsoft-defender-atp/configure-mssp-support.md index ab87a6d7f1..7f7ce8196d 100644 --- a/windows/security/threat-protection/microsoft-defender-atp/configure-mssp-support.md +++ b/windows/security/threat-protection/microsoft-defender-atp/configure-mssp-support.md @@ -159,7 +159,7 @@ Step 1: Create a third-party application Step 2: Get access and refresh tokens from your customer's tenant -Step 3: Whitelist your application on Microsoft Defender Security Center +Step 3: allow your application on Microsoft Defender Security Center @@ -279,11 +279,11 @@ After providing your credentials, you'll need to grant consent to the applicatio 8. In the PowerShell window, you'll receive an access token and a refresh token. Save the refresh token to configure your SIEM connector. -### Step 3: Whitelist your application on Microsoft Defender Security Center -You'll need to whitelist the application you created in Microsoft Defender Security Center. +### Step 3: Allow your application on Microsoft Defender Security Center +You'll need to allow the application you created in Microsoft Defender Security Center. -You'll need to have **Manage portal system settings** permission to whitelist the application. Otherwise, you'll need to request your customer to whitelist the application for you. +You'll need to have **Manage portal system settings** permission to allow the application. Otherwise, you'll need to request your customer to allow the application for you. 1. Go to `https://securitycenter.windows.com?tid=` (replace \ with the customer's tenant ID. diff --git a/windows/security/threat-protection/microsoft-defender-atp/controlled-folders.md b/windows/security/threat-protection/microsoft-defender-atp/controlled-folders.md index d33c9a2195..0f087e2e04 100644 --- a/windows/security/threat-protection/microsoft-defender-atp/controlled-folders.md +++ b/windows/security/threat-protection/microsoft-defender-atp/controlled-folders.md @@ -37,7 +37,7 @@ Controlled folder access is especially useful in helping to protect your documen With Controlled folder access in place, a notification will appear on the computer where the app attempted to make changes to a protected folder. You can [customize the notification](customize-attack-surface-reduction.md#customize-the-notification) with your company details and contact information. You can also enable the rules individually to customize what techniques the feature monitors. -The protected folders include common system folders, and you can [add additional folders](customize-controlled-folders.md#protect-additional-folders). You can also [allow or whitelist apps](customize-controlled-folders.md#allow-specific-apps-to-make-changes-to-controlled-folders) to give them access to the protected folders. +The protected folders include common system folders, and you can [add additional folders](customize-controlled-folders.md#protect-additional-folders). You can also [allow apps](customize-controlled-folders.md#allow-specific-apps-to-make-changes-to-controlled-folders) to give them access to the protected folders. You can use [audit mode](audit-windows-defender.md) to evaluate how controlled folder access would impact your organization if it were enabled. You can also visit the Windows Defender Testground website at [demo.wd.microsoft.com](https://demo.wd.microsoft.com?ocid=cx-wddocs-testground) to confirm the feature is working and see how it works. diff --git a/windows/security/threat-protection/microsoft-defender-atp/customize-controlled-folders.md b/windows/security/threat-protection/microsoft-defender-atp/customize-controlled-folders.md index 858060526b..7853dd9b56 100644 --- a/windows/security/threat-protection/microsoft-defender-atp/customize-controlled-folders.md +++ b/windows/security/threat-protection/microsoft-defender-atp/customize-controlled-folders.md @@ -1,7 +1,7 @@ --- title: Add additional folders and apps to be protected -description: Add additional folders that should be protected by Controlled folder access, or whitelist apps that are incorrectly blocking changes to important files. -keywords: Controlled folder access, windows 10, windows defender, ransomware, protect, files, folders, customize, add folder, add app, whitelist, add executable +description: Add additional folders that should be protected by Controlled folder access, or allow apps that are incorrectly blocking changes to important files. +keywords: Controlled folder access, windows 10, windows defender, ransomware, protect, files, folders, customize, add folder, add app, allow, add executable search.product: eADQiWindows 10XVcnh ms.pagetype: security ms.prod: w10 diff --git a/windows/security/threat-protection/microsoft-defender-atp/mac-install-with-intune.md b/windows/security/threat-protection/microsoft-defender-atp/mac-install-with-intune.md index cf50d3ac04..d892904b96 100644 --- a/windows/security/threat-protection/microsoft-defender-atp/mac-install-with-intune.md +++ b/windows/security/threat-protection/microsoft-defender-atp/mac-install-with-intune.md @@ -207,7 +207,7 @@ You may now enroll more devices. You can also enroll them later, after you have ``` -9. To whitelist Defender and Auto Update for displaying notifications in UI on macOS 10.15 (Catalina), import the following .mobileconfig as a custom payload: +9. To allow Defender and Auto Update for displaying notifications in UI on macOS 10.15 (Catalina), import the following .mobileconfig as a custom payload: ```xml diff --git a/windows/security/threat-protection/microsoft-defender-atp/mac-install-with-other-mdm.md b/windows/security/threat-protection/microsoft-defender-atp/mac-install-with-other-mdm.md index d67b31e398..05fc7da212 100644 --- a/windows/security/threat-protection/microsoft-defender-atp/mac-install-with-other-mdm.md +++ b/windows/security/threat-protection/microsoft-defender-atp/mac-install-with-other-mdm.md @@ -72,7 +72,7 @@ MDM uses it to deploy the settings file to **/Library/Managed Preferences/com.mi ### Kernel extension policy -Set up a KEXT or kernel extension policy. Use team identifier **UBF8T346G9** to whitelist kernel extensions provided by Microsoft. +Set up a KEXT or kernel extension policy. Use team identifier **UBF8T346G9** to allow kernel extensions provided by Microsoft. ## Check installation status diff --git a/windows/security/threat-protection/microsoft-defender-atp/mac-whatsnew.md b/windows/security/threat-protection/microsoft-defender-atp/mac-whatsnew.md index b1deb73638..3613ce2eb0 100644 --- a/windows/security/threat-protection/microsoft-defender-atp/mac-whatsnew.md +++ b/windows/security/threat-protection/microsoft-defender-atp/mac-whatsnew.md @@ -24,7 +24,7 @@ ms.topic: conceptual > > In the meantime, starting with macOS Catalina update 10.15.4, Apple introduced a user facing *Legacy System Extension* warning to signal applications that rely on kernel extensions. > -> If you have previously whitelisted the kernel extension as part of your remote deployment, that warning should not be presented to the end user. If you have not previously deployed a policy to whitelist the kernel extension, your users will be presented with the warning. To proactively silence the warning, you can still deploy a configuration to whitelist the kernel extension. Refer to the instructions in the [JAMF-based deployment](mac-install-with-jamf.md#approved-kernel-extension) and [Microsoft Intune-based deployment](mac-install-with-intune.md#create-system-configuration-profiles) topics. +> If you have previously allowed the kernel extension as part of your remote deployment, that warning should not be presented to the end user. If you have not previously deployed a policy to allow the kernel extension, your users will be presented with the warning. To proactively silence the warning, you can still deploy a configuration to allow the kernel extension. Refer to the instructions in the [JAMF-based deployment](mac-install-with-jamf.md#approved-kernel-extension) and [Microsoft Intune-based deployment](mac-install-with-intune.md#create-system-configuration-profiles) topics. ## 101.00.31 diff --git a/windows/security/threat-protection/microsoft-defender-atp/manage-automation-folder-exclusions.md b/windows/security/threat-protection/microsoft-defender-atp/manage-automation-folder-exclusions.md index 04299aa29c..a0dcdc9364 100644 --- a/windows/security/threat-protection/microsoft-defender-atp/manage-automation-folder-exclusions.md +++ b/windows/security/threat-protection/microsoft-defender-atp/manage-automation-folder-exclusions.md @@ -1,7 +1,7 @@ --- title: Manage automation folder exclusions description: Add automation folder exclusions to control the files that are excluded from an automated investigation. -keywords: manage, automation, exclusion, whitelist, blacklist, block, clean, malicious +keywords: manage, automation, exclusion, block, clean, malicious search.product: eADQiWindows 10XVcnh search.appverid: met150 ms.prod: w10 diff --git a/windows/security/threat-protection/microsoft-defender-atp/manage-indicators.md b/windows/security/threat-protection/microsoft-defender-atp/manage-indicators.md index c2f2dd8964..328f88b28d 100644 --- a/windows/security/threat-protection/microsoft-defender-atp/manage-indicators.md +++ b/windows/security/threat-protection/microsoft-defender-atp/manage-indicators.md @@ -2,7 +2,7 @@ title: Manage indicators ms.reviewer: description: Create indicators for a file hash, IP address, URLs, or domains that define the detection, prevention, and exclusion of entities. -keywords: manage, allowed, blocked, whitelist, blacklist, block, clean, malicious, file hash, ip address, urls, domain +keywords: manage, allowed, blocked, block, clean, malicious, file hash, ip address, urls, domain search.product: eADQiWindows 10XVcnh search.appverid: met150 ms.prod: w10 diff --git a/windows/security/threat-protection/microsoft-defender-atp/production-deployment.md b/windows/security/threat-protection/microsoft-defender-atp/production-deployment.md index fc6cb7176a..ebad60bf6b 100644 --- a/windows/security/threat-protection/microsoft-defender-atp/production-deployment.md +++ b/windows/security/threat-protection/microsoft-defender-atp/production-deployment.md @@ -140,12 +140,12 @@ the following discovery methods: If a Transparent proxy or WPAD has been implemented in the network topology, there is no need for special configuration settings. For more information on Microsoft Defender ATP URL exclusions in the proxy, see the -Appendix section in this document for the URLs Whitelisting or on +Appendix section in this document for the URLs allow list or on [Microsoft Docs](https://docs.microsoft.com/windows/security/threat-protection/windows-defender-atp/configure-proxy-internet-windows-defender-advanced-threat-protection#enable-access-to-windows-defender-atp-service-urls-in-the-proxy-server). > [!NOTE] -> For a detailed list of URLs that need to be whitelisted, please see [this article](https://docs.microsoft.com/windows/security/threat-protection/microsoft-defender-antivirus/configure-network-connections-microsoft-defender-antivirus). +> For a detailed list of URLs that need to be allowed, please see [this article](https://docs.microsoft.com/windows/security/threat-protection/microsoft-defender-antivirus/configure-network-connections-microsoft-defender-antivirus). **Manual static proxy configuration:** diff --git a/windows/security/threat-protection/microsoft-defender-atp/troubleshoot-mdatp.md b/windows/security/threat-protection/microsoft-defender-atp/troubleshoot-mdatp.md index ea417b545a..965b186fad 100644 --- a/windows/security/threat-protection/microsoft-defender-atp/troubleshoot-mdatp.md +++ b/windows/security/threat-protection/microsoft-defender-atp/troubleshoot-mdatp.md @@ -1,7 +1,7 @@ --- title: Troubleshoot Microsoft Defender Advanced Threat Protection service issues description: Find solutions and work arounds to known issues such as server errors when trying to access the service. -keywords: troubleshoot Microsoft Defender Advanced Threat Protection, troubleshoot Windows ATP, server error, access denied, invalid credentials, no data, dashboard portal, whitelist, event viewer +keywords: troubleshoot Microsoft Defender Advanced Threat Protection, troubleshoot Windows ATP, server error, access denied, invalid credentials, no data, dashboard portal, allow, event viewer search.product: eADQiWindows 10XVcnh search.appverid: met150 ms.prod: w10 @@ -28,7 +28,7 @@ Configure your browser to allow cookies. ## Elements or data missing on the portal If some UI elements or data is missing on Microsoft Defender Security Center it’s possible that proxy settings are blocking it. -Make sure that `*.securitycenter.windows.com` is included the proxy whitelist. +Make sure that `*.securitycenter.windows.com` is included the proxy allow list. > [!NOTE] diff --git a/windows/security/threat-protection/microsoft-defender-atp/troubleshoot-np.md b/windows/security/threat-protection/microsoft-defender-atp/troubleshoot-np.md index 12ce265639..b435c4b723 100644 --- a/windows/security/threat-protection/microsoft-defender-atp/troubleshoot-np.md +++ b/windows/security/threat-protection/microsoft-defender-atp/troubleshoot-np.md @@ -74,7 +74,7 @@ If you've tested the feature with the demo site and with audit mode, and network ## Exclude website from network protection scope -To whitelist the website that is being blocked (false positive), add its URL to the [list of trusted sites](https://blogs.msdn.microsoft.com/asiatech/2014/08/19/how-to-add-web-sites-to-trusted-sites-via-gpo-from-dc-installed-ie10-or-higher-ie-version/). Web resources from this list bypass the network protection check. +To allow the website that is being blocked (false positive), add its URL to the [list of trusted sites](https://blogs.msdn.microsoft.com/asiatech/2014/08/19/how-to-add-web-sites-to-trusted-sites-via-gpo-from-dc-installed-ie10-or-higher-ie-version/). Web resources from this list bypass the network protection check. ## Collect diagnostic data for file submissions diff --git a/windows/security/threat-protection/microsoft-defender-atp/troubleshoot-onboarding-error-messages.md b/windows/security/threat-protection/microsoft-defender-atp/troubleshoot-onboarding-error-messages.md index 0628b4a46e..17903652ed 100644 --- a/windows/security/threat-protection/microsoft-defender-atp/troubleshoot-onboarding-error-messages.md +++ b/windows/security/threat-protection/microsoft-defender-atp/troubleshoot-onboarding-error-messages.md @@ -69,11 +69,11 @@ If the portal dashboard, and other sections show an error message such as "Data ![Image of data currently isn't available](images/atp-data-not-available.png) -You'll need to whitelist the `securitycenter.windows.com` and all sub-domains under it. For example `*.securitycenter.windows.com`. +You'll need to allow the `securitycenter.windows.com` and all sub-domains under it. For example `*.securitycenter.windows.com`. ## Portal communication issues -If you encounter issues with accessing the portal, missing data, or restricted access to portions of the portal, you'll need to verify that the following URLs are whitelisted and open for communication. +If you encounter issues with accessing the portal, missing data, or restricted access to portions of the portal, you'll need to verify that the following URLs are allowed and open for communication. - `*.blob.core.windows.net crl.microsoft.com` diff --git a/windows/security/threat-protection/overview-of-threat-mitigations-in-windows-10.md b/windows/security/threat-protection/overview-of-threat-mitigations-in-windows-10.md index 6356278506..15bf8bc91c 100644 --- a/windows/security/threat-protection/overview-of-threat-mitigations-in-windows-10.md +++ b/windows/security/threat-protection/overview-of-threat-mitigations-in-windows-10.md @@ -60,7 +60,7 @@ Windows 10 mitigations that you can configure are listed in the following two ta | **Windows Defender SmartScreen**
    helps prevent
    malicious applications
    from being downloaded | Windows Defender SmartScreen can check the reputation of a downloaded application by using a service that Microsoft maintains. The first time a user runs an app that originates from the Internet (even if the user copied it from another PC), SmartScreen checks to see if the app lacks a reputation or is known to be malicious, and responds accordingly.

    **More information**: [Windows Defender SmartScreen](#windows-defender-smartscreen), later in this topic | | **Credential Guard**
    helps keep attackers
    from gaining access through
    Pass-the-Hash or
    Pass-the-Ticket attacks | Credential Guard uses virtualization-based security to isolate secrets, such as NTLM password hashes and Kerberos Ticket Granting Tickets, so that only privileged system software can access them.
    Credential Guard is included in Windows 10 Enterprise and Windows Server 2016.

    **More information**: [Protect derived domain credentials with Credential Guard](/windows/access-protection/credential-guard/credential-guard) | | **Enterprise certificate pinning**
    helps prevent
    man-in-the-middle attacks
    that leverage PKI | Enterprise certificate pinning enables you to protect your internal domain names from chaining to unwanted certificates or to fraudulently issued certificates. With enterprise certificate pinning, you can "pin" (associate) an X.509 certificate and its public key to its Certification Authority, either root or leaf.

    **More information**: [Enterprise Certificate Pinning](/windows/access-protection/enterprise-certificate-pinning) | -| **Device Guard**
    helps keep a device
    from running malware or
    other untrusted apps | Device Guard includes a Code Integrity policy that you create; a whitelist of trusted apps—the only apps allowed to run in your organization. Device Guard also includes a powerful system mitigation called hypervisor-protected code integrity (HVCI), which leverages virtualization-based security (VBS) to protect Windows' kernel-mode code integrity validation process. HVCI has specific hardware requirements, and works with Code Integrity policies to help stop attacks even if they gain access to the kernel.
    Device Guard is included in Windows 10 Enterprise and Windows Server 2016.

    **More information**: [Introduction to Device Guard](/windows/device-security/device-guard/introduction-to-device-guard-virtualization-based-security-and-code-integrity-policies) | +| **Device Guard**
    helps keep a device
    from running malware or
    other untrusted apps | Device Guard includes a Code Integrity policy that you create; an allowlist of trusted apps—the only apps allowed to run in your organization. Device Guard also includes a powerful system mitigation called hypervisor-protected code integrity (HVCI), which leverages virtualization-based security (VBS) to protect Windows' kernel-mode code integrity validation process. HVCI has specific hardware requirements, and works with Code Integrity policies to help stop attacks even if they gain access to the kernel.
    Device Guard is included in Windows 10 Enterprise and Windows Server 2016.

    **More information**: [Introduction to Device Guard](/windows/device-security/device-guard/introduction-to-device-guard-virtualization-based-security-and-code-integrity-policies) | | **Microsoft Defender Antivirus**,
    which helps keep devices
    free of viruses and other
    malware | Windows 10 includes Microsoft Defender Antivirus, a robust inbox antimalware solution. Microsoft Defender Antivirus has been significantly improved since it was introduced in Windows 8.

    **More information**: [Microsoft Defender Antivirus](#microsoft-defender-antivirus), later in this topic | | **Blocking of untrusted fonts**
    helps prevent fonts
    from being used in
    elevation-of-privilege attacks | Block Untrusted Fonts is a setting that allows you to prevent users from loading fonts that are "untrusted" onto your network, which can mitigate elevation-of-privilege attacks associated with the parsing of font files. However, as of Windows 10, version 1703, this mitigation is less important, because font parsing is isolated in an [AppContainer sandbox](https://docs.microsoft.com/windows/win32/secauthz/appcontainer-isolation) (for a list describing this and other kernel pool protections, see [Kernel pool protections](#kernel-pool-protections), later in this topic).

    **More information**: [Block untrusted fonts in an enterprise](/windows/threat-protection/block-untrusted-fonts-in-enterprise) | | **Memory protections**
    help prevent malware
    from using memory manipulation
    techniques such as buffer
    overruns | These mitigations, listed in [Table 2](#table-2), help to protect against memory-based attacks, where malware or other code manipulates memory to gain control of a system (for example, malware that attempts to use buffer overruns to inject malicious executable code into memory. Note:
    A subset of apps will not be able to run if some of these mitigations are set to their most restrictive settings. Testing can help you maximize protection while still allowing these apps to run.

    **More information**: [Table 2](#table-2), later in this topic | diff --git a/windows/security/threat-protection/use-windows-event-forwarding-to-assist-in-intrusion-detection.md b/windows/security/threat-protection/use-windows-event-forwarding-to-assist-in-intrusion-detection.md index 69291f7a17..da3aea58e5 100644 --- a/windows/security/threat-protection/use-windows-event-forwarding-to-assist-in-intrusion-detection.md +++ b/windows/security/threat-protection/use-windows-event-forwarding-to-assist-in-intrusion-detection.md @@ -174,7 +174,7 @@ To gain the most value out of the baseline subscription we recommend to have the - Apply a security audit policy that is a super-set of the recommended minimum audit policy. For more info, see [Appendix A – Minimum Recommended minimum Audit Policy](#bkmk-appendixa). This ensures that the security event log is generating the required events. - Apply at least an Audit-Only AppLocker policy to devices. - - If you are already whitelisting or blacklisting events by using AppLocker, then this requirement is met. + - If you are already allowing or restricting events by using AppLocker, then this requirement is met. - AppLocker events contain extremely useful information, such as file hash and digital signature information for executables and scripts. - Enable disabled event channels and set the minimum size for modern event files. diff --git a/windows/security/threat-protection/windows-defender-application-control/LOB-win32-apps-on-s.md b/windows/security/threat-protection/windows-defender-application-control/LOB-win32-apps-on-s.md index 4ead268500..a7254e397b 100644 --- a/windows/security/threat-protection/windows-defender-application-control/LOB-win32-apps-on-s.md +++ b/windows/security/threat-protection/windows-defender-application-control/LOB-win32-apps-on-s.md @@ -1,7 +1,7 @@ --- title: Allow LOB Win32 Apps on Intune-Managed S Mode Devices (Windows 10) description: Using WDAC supplemental policies, you can expand the S mode base policy on your Intune-managed devices. -keywords: whitelisting, security, malware +keywords: security, malware ms.assetid: 8d6e0474-c475-411b-b095-1c61adb2bdbb ms.prod: w10 ms.mktglfcycl: deploy diff --git a/windows/security/threat-protection/windows-defender-application-control/allow-com-object-registration-in-windows-defender-application-control-policy.md b/windows/security/threat-protection/windows-defender-application-control/allow-com-object-registration-in-windows-defender-application-control-policy.md index 7591c17136..fd016ed909 100644 --- a/windows/security/threat-protection/windows-defender-application-control/allow-com-object-registration-in-windows-defender-application-control-policy.md +++ b/windows/security/threat-protection/windows-defender-application-control/allow-com-object-registration-in-windows-defender-application-control-policy.md @@ -1,7 +1,7 @@ --- title: Allow COM object registration in a WDAC policy (Windows 10) description: You can allow COM object registration in a Windows Defender Application Control policy. -keywords: whitelisting, security, malware +keywords: security, malware ms.assetid: 8d6e0474-c475-411b-b095-1c61adb2bdbb ms.prod: w10 ms.mktglfcycl: deploy diff --git a/windows/security/threat-protection/windows-defender-application-control/audit-windows-defender-application-control-policies.md b/windows/security/threat-protection/windows-defender-application-control/audit-windows-defender-application-control-policies.md index 8f28ada884..c5f703e0aa 100644 --- a/windows/security/threat-protection/windows-defender-application-control/audit-windows-defender-application-control-policies.md +++ b/windows/security/threat-protection/windows-defender-application-control/audit-windows-defender-application-control-policies.md @@ -1,7 +1,7 @@ --- title: Audit Windows Defender Application Control policies (Windows 10) description: Audits allow admins to discover apps that were missed during an initial policy scan and to identify new apps that were installed since the policy was created. -keywords: whitelisting, security, malware +keywords: security, malware ms.assetid: 8d6e0474-c475-411b-b095-1c61adb2bdbb ms.prod: w10 ms.mktglfcycl: deploy diff --git a/windows/security/threat-protection/windows-defender-application-control/create-code-signing-cert-for-windows-defender-application-control.md b/windows/security/threat-protection/windows-defender-application-control/create-code-signing-cert-for-windows-defender-application-control.md index e07be3cc57..a7e35f839e 100644 --- a/windows/security/threat-protection/windows-defender-application-control/create-code-signing-cert-for-windows-defender-application-control.md +++ b/windows/security/threat-protection/windows-defender-application-control/create-code-signing-cert-for-windows-defender-application-control.md @@ -1,7 +1,7 @@ --- title: Create a code signing cert for Windows Defender Application Control (Windows 10) description: Learn how to set up a publicly-issued code signing certificate, so you can sign catalog files or WDAC policies internally. -keywords: whitelisting, security, malware +keywords: security, malware ms.assetid: 8d6e0474-c475-411b-b095-1c61adb2bdbb ms.reviewer: manager: dansimp diff --git a/windows/security/threat-protection/windows-defender-application-control/create-initial-default-policy.md b/windows/security/threat-protection/windows-defender-application-control/create-initial-default-policy.md index 1a27567a27..077d800cdc 100644 --- a/windows/security/threat-protection/windows-defender-application-control/create-initial-default-policy.md +++ b/windows/security/threat-protection/windows-defender-application-control/create-initial-default-policy.md @@ -1,7 +1,7 @@ --- title: Create a WDAC policy for fixed-workload devices using a reference computer (Windows 10) description: To create a Windows Defender Application Control (WDAC) policy for fixed-workload devices within your organization, follow this guide. -keywords: whitelisting, security, malware +keywords: security, malware ms.assetid: 8d6e0474-c475-411b-b095-1c61adb2bdbb ms.prod: w10 ms.mktglfcycl: deploy @@ -66,7 +66,7 @@ To create a WDAC policy, copy each of the following commands into an elevated Wi > [!Note] > - > - When you specify the **-UserPEs** parameter (to include user mode executables in the scan), rule option **0 Enabled:UMCI** is automatically added to the WDAC policy. In contrast, if you do not specify **-UserPEs**, the policy will be empty of user mode executables and will only have rules for kernel mode binaries like drivers, in other words, the whitelist will not include applications. If you create such a policy and later add rule option **0 Enabled:UMCI**, all attempts to start applications will cause a response from Windows Defender Application Control. In audit mode, the response is logging an event, and in enforced mode, the response is blocking the application. + > - When you specify the **-UserPEs** parameter (to include user mode executables in the scan), rule option **0 Enabled:UMCI** is automatically added to the WDAC policy. In contrast, if you do not specify **-UserPEs**, the policy will be empty of user mode executables and will only have rules for kernel mode binaries like drivers, in other words, the allow list will not include applications. If you create such a policy and later add rule option **0 Enabled:UMCI**, all attempts to start applications will cause a response from Windows Defender Application Control. In audit mode, the response is logging an event, and in enforced mode, the response is blocking the application. > - You can add the **-MultiplePolicyFormat** parameter when creating policies which will be deployed to computers which are running Windows build 1903+. For more information about multiple policies, see [Deploy multiple Windows Defender Application Control policies](deploy-multiple-windows-defender-application-control-policies.md). > - You can add the **-Fallback** parameter to catch any applications not discovered using the primary file rule level specified by the **-Level** parameter. For more information about file rule level options, see [Windows Defender Application Control file rule levels](select-types-of-rules-to-create.md). > diff --git a/windows/security/threat-protection/windows-defender-application-control/create-wdac-policy-for-fully-managed-devices.md b/windows/security/threat-protection/windows-defender-application-control/create-wdac-policy-for-fully-managed-devices.md index 9957c0ae10..8b4a0fa4ff 100644 --- a/windows/security/threat-protection/windows-defender-application-control/create-wdac-policy-for-fully-managed-devices.md +++ b/windows/security/threat-protection/windows-defender-application-control/create-wdac-policy-for-fully-managed-devices.md @@ -1,7 +1,7 @@ --- title: Create a WDAC policy for fully-managed devices (Windows 10) description: Windows Defender Application Control restricts which applications users are allowed to run and the code that runs in the system core. -keywords: whitelisting, security, malware +keywords: security, malware ms.topic: conceptual ms.assetid: 8d6e0474-c475-411b-b095-1c61adb2bdbb ms.prod: w10 diff --git a/windows/security/threat-protection/windows-defender-application-control/create-wdac-policy-for-lightly-managed-devices.md b/windows/security/threat-protection/windows-defender-application-control/create-wdac-policy-for-lightly-managed-devices.md index fbee02749f..89cecfc78b 100644 --- a/windows/security/threat-protection/windows-defender-application-control/create-wdac-policy-for-lightly-managed-devices.md +++ b/windows/security/threat-protection/windows-defender-application-control/create-wdac-policy-for-lightly-managed-devices.md @@ -1,7 +1,7 @@ --- title: Create a WDAC policy for lightly-managed devices (Windows 10) description: Windows Defender Application Control restricts which applications users are allowed to run and the code that runs in the system core. -keywords: whitelisting, security, malware +keywords: security, malware ms.topic: conceptual ms.assetid: 8d6e0474-c475-411b-b095-1c61adb2bdbb ms.prod: w10 diff --git a/windows/security/threat-protection/windows-defender-application-control/deploy-catalog-files-to-support-windows-defender-application-control.md b/windows/security/threat-protection/windows-defender-application-control/deploy-catalog-files-to-support-windows-defender-application-control.md index 1ea8df15e9..3abf426167 100644 --- a/windows/security/threat-protection/windows-defender-application-control/deploy-catalog-files-to-support-windows-defender-application-control.md +++ b/windows/security/threat-protection/windows-defender-application-control/deploy-catalog-files-to-support-windows-defender-application-control.md @@ -1,7 +1,7 @@ --- title: Deploy catalog files to support Windows Defender Application Control (Windows 10) description: Catalog files simplify running unsigned applications in the presence of a Windows Defender Application Control (WDAC) policy. -keywords: whitelisting, security, malware +keywords: security, malware ms.assetid: 8d6e0474-c475-411b-b095-1c61adb2bdbb ms.prod: w10 ms.mktglfcycl: deploy diff --git a/windows/security/threat-protection/windows-defender-application-control/deploy-multiple-windows-defender-application-control-policies.md b/windows/security/threat-protection/windows-defender-application-control/deploy-multiple-windows-defender-application-control-policies.md index 0fc1b53db9..f4ee690c02 100644 --- a/windows/security/threat-protection/windows-defender-application-control/deploy-multiple-windows-defender-application-control-policies.md +++ b/windows/security/threat-protection/windows-defender-application-control/deploy-multiple-windows-defender-application-control-policies.md @@ -1,7 +1,7 @@ --- title: Use multiple Windows Defender Application Control Policies (Windows 10) description: Windows Defender Application Control supports multiple code integrity policies for one device. -keywords: whitelisting, security, malware +keywords: security, malware ms.assetid: 8d6e0474-c475-411b-b095-1c61adb2bdbb ms.prod: w10 ms.mktglfcycl: deploy diff --git a/windows/security/threat-protection/windows-defender-application-control/deploy-windows-defender-application-control-policies-using-group-policy.md b/windows/security/threat-protection/windows-defender-application-control/deploy-windows-defender-application-control-policies-using-group-policy.md index 1700437f22..9151364753 100644 --- a/windows/security/threat-protection/windows-defender-application-control/deploy-windows-defender-application-control-policies-using-group-policy.md +++ b/windows/security/threat-protection/windows-defender-application-control/deploy-windows-defender-application-control-policies-using-group-policy.md @@ -1,7 +1,7 @@ --- title: Deploy WDAC policies via Group Policy (Windows 10) description: Windows Defender Application Control (WDAC) policies can easily be deployed and managed with Group Policy. Learn how by following this step-by-step guide. -keywords: whitelisting, security, malware +keywords: security, malware ms.assetid: 8d6e0474-c475-411b-b095-1c61adb2bdbb ms.prod: w10 ms.mktglfcycl: deploy diff --git a/windows/security/threat-protection/windows-defender-application-control/deploy-windows-defender-application-control-policies-using-intune.md b/windows/security/threat-protection/windows-defender-application-control/deploy-windows-defender-application-control-policies-using-intune.md index 2ec54bcba7..651222522b 100644 --- a/windows/security/threat-protection/windows-defender-application-control/deploy-windows-defender-application-control-policies-using-intune.md +++ b/windows/security/threat-protection/windows-defender-application-control/deploy-windows-defender-application-control-policies-using-intune.md @@ -1,7 +1,7 @@ --- title: Deploy Windows Defender Application Control (WDAC) policies by using Microsoft Intune (Windows 10) description: You can use Microsoft Intune to configure Windows Defender Application Control (WDAC). Learn how with this step-by-step guide. -keywords: whitelisting, security, malware +keywords: security, malware ms.assetid: 8d6e0474-c475-411b-b095-1c61adb2bdbb ms.prod: w10 ms.mktglfcycl: deploy diff --git a/windows/security/threat-protection/windows-defender-application-control/disable-windows-defender-application-control-policies.md b/windows/security/threat-protection/windows-defender-application-control/disable-windows-defender-application-control-policies.md index 31261f15de..b1e6b39844 100644 --- a/windows/security/threat-protection/windows-defender-application-control/disable-windows-defender-application-control-policies.md +++ b/windows/security/threat-protection/windows-defender-application-control/disable-windows-defender-application-control-policies.md @@ -1,7 +1,7 @@ --- title: Disable Windows Defender Application Control policies (Windows 10) description: This topic covers how to disable unsigned or signed WDAC policies. -keywords: whitelisting, security, malware +keywords: security, malware ms.assetid: 8d6e0474-c475-411b-b095-1c61adb2bdbb ms.prod: w10 ms.mktglfcycl: deploy diff --git a/windows/security/threat-protection/windows-defender-application-control/enforce-windows-defender-application-control-policies.md b/windows/security/threat-protection/windows-defender-application-control/enforce-windows-defender-application-control-policies.md index ea8808ca7f..9d9abf86c3 100644 --- a/windows/security/threat-protection/windows-defender-application-control/enforce-windows-defender-application-control-policies.md +++ b/windows/security/threat-protection/windows-defender-application-control/enforce-windows-defender-application-control-policies.md @@ -1,7 +1,7 @@ --- title: Enforce Windows Defender Application Control (WDAC) policies (Windows 10) description: Learn how to test a Windows Defender Application Control (WDAC) policy in enforced mode by following these steps in an elevated Windows PowerShell session. -keywords: whitelisting, security, malware +keywords: security, malware ms.assetid: 8d6e0474-c475-411b-b095-1c61adb2bdbb ms.prod: w10 ms.mktglfcycl: deploy diff --git a/windows/security/threat-protection/windows-defender-application-control/event-id-explanations.md b/windows/security/threat-protection/windows-defender-application-control/event-id-explanations.md index 182c28dedc..965a842f19 100644 --- a/windows/security/threat-protection/windows-defender-application-control/event-id-explanations.md +++ b/windows/security/threat-protection/windows-defender-application-control/event-id-explanations.md @@ -1,7 +1,7 @@ --- title: Understanding Application Control events (Windows 10) description: Learn what different Windows Defender Application Control events signify. -keywords: whitelisting, security, malware +keywords: security, malware ms.assetid: 8d6e0474-c475-411b-b095-1c61adb2bdbb ms.prod: w10 ms.mktglfcycl: deploy diff --git a/windows/security/threat-protection/windows-defender-application-control/example-wdac-base-policies.md b/windows/security/threat-protection/windows-defender-application-control/example-wdac-base-policies.md index 6a84a32f71..293ed79adc 100644 --- a/windows/security/threat-protection/windows-defender-application-control/example-wdac-base-policies.md +++ b/windows/security/threat-protection/windows-defender-application-control/example-wdac-base-policies.md @@ -1,7 +1,7 @@ --- title: Example WDAC base policies (Windows 10) description: When creating a WDAC policy for an organization, start from one of the many available example base policies. -keywords: whitelisting, security, malware +keywords: security, malware ms.topic: article ms.assetid: 8d6e0474-c475-411b-b095-1c61adb2bdbb ms.prod: w10 diff --git a/windows/security/threat-protection/windows-defender-application-control/feature-availability.md b/windows/security/threat-protection/windows-defender-application-control/feature-availability.md index d7bdf7e3c3..638d0f40cd 100644 --- a/windows/security/threat-protection/windows-defender-application-control/feature-availability.md +++ b/windows/security/threat-protection/windows-defender-application-control/feature-availability.md @@ -1,7 +1,7 @@ --- title: Feature Availability description: Compare WDAC and AppLocker feature availability. -keywords: whitelisting, security, malware +keywords: security, malware ms.assetid: 8d6e0474-c475-411b-b095-1c61adb2bdbb ms.prod: w10 ms.mktglfcycl: deploy diff --git a/windows/security/threat-protection/windows-defender-application-control/manage-packaged-apps-with-windows-defender-application-control.md b/windows/security/threat-protection/windows-defender-application-control/manage-packaged-apps-with-windows-defender-application-control.md index ebb66d445a..0c2cbcf366 100644 --- a/windows/security/threat-protection/windows-defender-application-control/manage-packaged-apps-with-windows-defender-application-control.md +++ b/windows/security/threat-protection/windows-defender-application-control/manage-packaged-apps-with-windows-defender-application-control.md @@ -1,7 +1,7 @@ --- title: Manage packaged apps with WDAC (Windows 10) description: Packaged apps, also known as Universal Windows apps, allow you to control the entire app by using a single Windows Defender Application Control (WDAC) rule. -keywords: whitelisting, security, malware +keywords: security, malware ms.assetid: 8d6e0474-c475-411b-b095-1c61adb2bdbb ms.prod: w10 ms.mktglfcycl: deploy diff --git a/windows/security/threat-protection/windows-defender-application-control/merge-windows-defender-application-control-policies.md b/windows/security/threat-protection/windows-defender-application-control/merge-windows-defender-application-control-policies.md index 6054e9f6bd..8437b48c3c 100644 --- a/windows/security/threat-protection/windows-defender-application-control/merge-windows-defender-application-control-policies.md +++ b/windows/security/threat-protection/windows-defender-application-control/merge-windows-defender-application-control-policies.md @@ -1,7 +1,7 @@ --- title: Merge Windows Defender Application Control policies (Windows 10) description: Because each computer running Windows 10 can have only one WDAC policy, you will occasionally need to merge two or more policies. Learn how with this guide. -keywords: whitelisting, security, malware +keywords: security, malware ms.assetid: 8d6e0474-c475-411b-b095-1c61adb2bdbb ms.prod: w10 ms.mktglfcycl: deploy diff --git a/windows/security/threat-protection/windows-defender-application-control/microsoft-recommended-block-rules.md b/windows/security/threat-protection/windows-defender-application-control/microsoft-recommended-block-rules.md index 8e442a2a0f..443397ada3 100644 --- a/windows/security/threat-protection/windows-defender-application-control/microsoft-recommended-block-rules.md +++ b/windows/security/threat-protection/windows-defender-application-control/microsoft-recommended-block-rules.md @@ -1,7 +1,7 @@ --- title: Microsoft recommended block rules (Windows 10) description: View a list of recommended block rules, based on knowledge shared between Microsoft and the wider security community. -keywords: whitelisting, security, malware +keywords: security, malware ms.assetid: 8d6e0474-c475-411b-b095-1c61adb2bdbb ms.prod: w10 ms.mktglfcycl: deploy @@ -26,7 +26,7 @@ ms.date: 04/09/2019 Members of the security community\* continuously collaborate with Microsoft to help protect customers. With the help of their valuable reports, Microsoft has identified a list of valid applications that an attacker could also potentially use to bypass Windows Defender Application Control. -Unless your use scenarios explicitly require them, Microsoft recommends that you block the following applications. These applications or files can be used by an attacker to circumvent application whitelisting policies, including Windows Defender Application Control: +Unless your use scenarios explicitly require them, Microsoft recommends that you block the following applications. These applications or files can be used by an attacker to circumvent application allow policies, including Windows Defender Application Control: - addinprocess.exe - addinprocess32.exe @@ -53,7 +53,7 @@ Unless your use scenarios explicitly require them, Microsoft recommends that you [1]A vulnerability in bginfo.exe has been fixed in the latest version 4.22. If you use BGInfo, for security, make sure to download and run the latest version here [BGInfo 4.22](https://docs.microsoft.com/sysinternals/downloads/bginfo). Note that BGInfo versions earlier than 4.22 are still vulnerable and should be blocked. -[2]If you are using your reference system in a development context and use msbuild.exe to build managed applications, we recommend that you whitelist msbuild.exe in your code integrity policies. However, if your reference system is an end user device that is not being used in a development context, we recommend that you block msbuild.exe. +[2]If you are using your reference system in a development context and use msbuild.exe to build managed applications, we recommend that you allow msbuild.exe in your code integrity policies. However, if your reference system is an end user device that is not being used in a development context, we recommend that you block msbuild.exe. *Microsoft recognizes the efforts of those in the security community who help us protect customers through responsible vulnerability disclosure, and extends thanks to the following people: diff --git a/windows/security/threat-protection/windows-defender-application-control/plan-windows-defender-application-control-management.md b/windows/security/threat-protection/windows-defender-application-control/plan-windows-defender-application-control-management.md index cccca7a73e..9c6d253b10 100644 --- a/windows/security/threat-protection/windows-defender-application-control/plan-windows-defender-application-control-management.md +++ b/windows/security/threat-protection/windows-defender-application-control/plan-windows-defender-application-control-management.md @@ -1,7 +1,7 @@ --- title: Plan for WDAC policy management (Windows 10) description: How to plan for Windows Defender Application Control (WDAC) policy management. -keywords: whitelisting, security, malware +keywords: security, malware ms.assetid: 8d6e0474-c475-411b-b095-1c61adb2bdbb ms.prod: w10 ms.mktglfcycl: deploy diff --git a/windows/security/threat-protection/windows-defender-application-control/querying-application-control-events-centrally-using-advanced-hunting.md b/windows/security/threat-protection/windows-defender-application-control/querying-application-control-events-centrally-using-advanced-hunting.md index 74f69040e8..3b0e313266 100644 --- a/windows/security/threat-protection/windows-defender-application-control/querying-application-control-events-centrally-using-advanced-hunting.md +++ b/windows/security/threat-protection/windows-defender-application-control/querying-application-control-events-centrally-using-advanced-hunting.md @@ -1,7 +1,7 @@ --- title: Query Application Control events with Advanced Hunting (Windows 10) description: Learn how to query Windows Defender Application Control events across your entire organization by using Advanced Hunting. -keywords: whitelisting, security, malware +keywords: security, malware ms.assetid: 8d6e0474-c475-411b-b095-1c61adb2bdbb ms.prod: w10 ms.mktglfcycl: deploy diff --git a/windows/security/threat-protection/windows-defender-application-control/select-types-of-rules-to-create.md b/windows/security/threat-protection/windows-defender-application-control/select-types-of-rules-to-create.md index 5b823d7eeb..e14032719c 100644 --- a/windows/security/threat-protection/windows-defender-application-control/select-types-of-rules-to-create.md +++ b/windows/security/threat-protection/windows-defender-application-control/select-types-of-rules-to-create.md @@ -1,7 +1,7 @@ --- title: Understand WDAC policy rules and file rules (Windows 10) description: Windows Defender Application Control (WDAC) provides control over a computer running Windows 10 by using policies that specify whether a driver or application is trusted and can be run. A policy includes *policy rules* that control options. -keywords: whitelisting, security, malware +keywords: security, malware ms.assetid: 8d6e0474-c475-411b-b095-1c61adb2bdbb ms.prod: w10 ms.mktglfcycl: deploy diff --git a/windows/security/threat-protection/windows-defender-application-control/types-of-devices.md b/windows/security/threat-protection/windows-defender-application-control/types-of-devices.md index db8225d362..601d01340e 100644 --- a/windows/security/threat-protection/windows-defender-application-control/types-of-devices.md +++ b/windows/security/threat-protection/windows-defender-application-control/types-of-devices.md @@ -1,7 +1,7 @@ --- title: Policy creation for common WDAC usage scenarios (Windows 10) description: Develop a plan for deploying Windows Defender Application Control (WDAC) in your organization based on these common scenarios. -keywords: whitelisting, security, malware +keywords: security, malware ms.assetid: 8d6e0474-c475-411b-b095-1c61adb2bdbb ms.prod: w10 ms.mktglfcycl: deploy diff --git a/windows/security/threat-protection/windows-defender-application-control/understand-windows-defender-application-control-policy-design-decisions.md b/windows/security/threat-protection/windows-defender-application-control/understand-windows-defender-application-control-policy-design-decisions.md index 54d8ea8492..266e60b744 100644 --- a/windows/security/threat-protection/windows-defender-application-control/understand-windows-defender-application-control-policy-design-decisions.md +++ b/windows/security/threat-protection/windows-defender-application-control/understand-windows-defender-application-control-policy-design-decisions.md @@ -1,7 +1,7 @@ --- title: Understand Windows Defender Application Control policy design decisions (Windows 10) description: Understand Windows Defender Application Control policy design decisions. -keywords: whitelisting, security, malware +keywords: security, malware ms.assetid: 8d6e0474-c475-411b-b095-1c61adb2bdbb ms.reviewer: manager: dansimp diff --git a/windows/security/threat-protection/windows-defender-application-control/use-code-signing-to-simplify-application-control-for-classic-windows-applications.md b/windows/security/threat-protection/windows-defender-application-control/use-code-signing-to-simplify-application-control-for-classic-windows-applications.md index da33a878fe..555168716a 100644 --- a/windows/security/threat-protection/windows-defender-application-control/use-code-signing-to-simplify-application-control-for-classic-windows-applications.md +++ b/windows/security/threat-protection/windows-defender-application-control/use-code-signing-to-simplify-application-control-for-classic-windows-applications.md @@ -1,7 +1,7 @@ --- title: Use code signing to simplify application control for classic Windows applications (Windows 10) description: With embedded signing, your WDAC policies typically do not have to be updated when an app is updated. To set this up, you can choose from a variety of methods. -keywords: whitelisting, security, malware +keywords: security, malware ms.assetid: 8d6e0474-c475-411b-b095-1c61adb2bdbb ms.reviewer: manager: dansimp diff --git a/windows/security/threat-protection/windows-defender-application-control/use-device-guard-signing-portal-in-microsoft-store-for-business.md b/windows/security/threat-protection/windows-defender-application-control/use-device-guard-signing-portal-in-microsoft-store-for-business.md index 5e852821b5..d050e42b00 100644 --- a/windows/security/threat-protection/windows-defender-application-control/use-device-guard-signing-portal-in-microsoft-store-for-business.md +++ b/windows/security/threat-protection/windows-defender-application-control/use-device-guard-signing-portal-in-microsoft-store-for-business.md @@ -1,7 +1,7 @@ --- title: Use the Device Guard Signing Portal in the Microsoft Store for Business (Windows 10) description: You can sign code integrity policies with the Device Guard signing portal to prevent them from being tampered with after they're deployed. -keywords: whitelisting, security, malware +keywords: security, malware ms.assetid: 8d6e0474-c475-411b-b095-1c61adb2bdbb ms.reviewer: manager: dansimp diff --git a/windows/security/threat-protection/windows-defender-application-control/use-signed-policies-to-protect-windows-defender-application-control-against-tampering.md b/windows/security/threat-protection/windows-defender-application-control/use-signed-policies-to-protect-windows-defender-application-control-against-tampering.md index 7386316a87..5bbcb531fa 100644 --- a/windows/security/threat-protection/windows-defender-application-control/use-signed-policies-to-protect-windows-defender-application-control-against-tampering.md +++ b/windows/security/threat-protection/windows-defender-application-control/use-signed-policies-to-protect-windows-defender-application-control-against-tampering.md @@ -1,7 +1,7 @@ --- title: Use signed policies to protect Windows Defender Application Control against tampering (Windows 10) description: Signed WDAC policies give organizations the highest level of malware protection available in Windows 10. -keywords: whitelisting, security, malware +keywords: security, malware ms.assetid: 8d6e0474-c475-411b-b095-1c61adb2bdbb ms.reviewer: manager: dansimp diff --git a/windows/security/threat-protection/windows-defender-application-control/use-windows-defender-application-control-policy-to-control-specific-plug-ins-add-ins-and-modules.md b/windows/security/threat-protection/windows-defender-application-control/use-windows-defender-application-control-policy-to-control-specific-plug-ins-add-ins-and-modules.md index 8dfefbb2b5..43cc718d71 100644 --- a/windows/security/threat-protection/windows-defender-application-control/use-windows-defender-application-control-policy-to-control-specific-plug-ins-add-ins-and-modules.md +++ b/windows/security/threat-protection/windows-defender-application-control/use-windows-defender-application-control-policy-to-control-specific-plug-ins-add-ins-and-modules.md @@ -1,7 +1,7 @@ --- title: Use a Windows Defender Application Control policy to control specific plug-ins, add-ins, and modules (Windows 10) description: WDAC policies can be used not only to control applications, but also to control whether specific plug-ins, add-ins, and modules can run from specific apps. -keywords: whitelisting, security, malware +keywords: security, malware ms.assetid: 8d6e0474-c475-411b-b095-1c61adb2bdbb ms.reviewer: manager: dansimp diff --git a/windows/security/threat-protection/windows-defender-application-control/use-windows-defender-application-control-with-dynamic-code-security.md b/windows/security/threat-protection/windows-defender-application-control/use-windows-defender-application-control-with-dynamic-code-security.md index 90585fe7cb..5490ef7a77 100644 --- a/windows/security/threat-protection/windows-defender-application-control/use-windows-defender-application-control-with-dynamic-code-security.md +++ b/windows/security/threat-protection/windows-defender-application-control/use-windows-defender-application-control-with-dynamic-code-security.md @@ -1,7 +1,7 @@ --- title: Windows Defender Application Control and .NET Hardening (Windows 10) description: Dynamic Code Security is an application control feature that can verify code loaded by .NET at runtime. -keywords: whitelisting, security, malware +keywords: security, malware ms.assetid: 8d6e0474-c475-411b-b095-1c61adb2bdbb ms.prod: w10 ms.mktglfcycl: deploy diff --git a/windows/security/threat-protection/windows-defender-application-control/use-windows-defender-application-control-with-intelligent-security-graph.md b/windows/security/threat-protection/windows-defender-application-control/use-windows-defender-application-control-with-intelligent-security-graph.md index 09a7320fa3..7705229827 100644 --- a/windows/security/threat-protection/windows-defender-application-control/use-windows-defender-application-control-with-intelligent-security-graph.md +++ b/windows/security/threat-protection/windows-defender-application-control/use-windows-defender-application-control-with-intelligent-security-graph.md @@ -1,7 +1,7 @@ --- title: Authorize reputable apps with the Intelligent Security Graph (ISG) (Windows 10) description: Automatically authorize applications that Microsoft’s ISG recognizes as having known good reputation. -keywords: whitelisting, security, malware +keywords: security, malware ms.assetid: 8d6e0474-c475-411b-b095-1c61adb2bdbb ms.prod: w10 ms.mktglfcycl: deploy diff --git a/windows/security/threat-protection/windows-defender-application-control/use-windows-defender-application-control-with-managed-installer.md b/windows/security/threat-protection/windows-defender-application-control/use-windows-defender-application-control-with-managed-installer.md index 675381d926..8ad3ce6f98 100644 --- a/windows/security/threat-protection/windows-defender-application-control/use-windows-defender-application-control-with-managed-installer.md +++ b/windows/security/threat-protection/windows-defender-application-control/use-windows-defender-application-control-with-managed-installer.md @@ -1,7 +1,7 @@ --- title: Authorize apps deployed with a WDAC managed installer (Windows 10) description: Explains how you can use a managed installer to automatically authorize applications deployed and installed by a designated software distribution solution, such as Microsoft Endpoint Configuration Manager. -keywords: whitelisting, security, malware +keywords: security, malware ms.assetid: 8d6e0474-c475-411b-b095-1c61adb2bdbb ms.prod: w10 ms.mktglfcycl: deploy @@ -56,7 +56,7 @@ The identity of the managed installer executable(s) is specified in an AppLocker Currently, neither the AppLocker policy creation UI in GPO Editor nor the PowerShell cmdlets allow for directly specifying rules for the Managed Installer rule collection. However, a text editor can be used to make the simple changes needed to an EXE or DLL rule collection policy to specify Type="ManagedInstaller", so that the new rule can be imported into a GPO. An example of a valid Managed Installer rule collection is shown below. -For more information about creating an AppLocker policy that includes a managed installer and configuring client devices, see [Simplify application whitelisting with Configuration Manager and Windows 10](https://cloudblogs.microsoft.com/enterprisemobility/2016/06/20/configmgr-as-a-managed-installer-with-win10/). +For more information about creating an AppLocker policy that includes a managed installer and configuring client devices, see [Simplify application listing with Configuration Manager and Windows 10](https://cloudblogs.microsoft.com/enterprisemobility/2016/06/20/configmgr-as-a-managed-installer-with-win10/). As mentioned above, the AppLocker CSP for OMA-URI policies does not currently support the Managed Installer rule collection or the Service Enforcement rule extensions mentioned below. diff --git a/windows/security/threat-protection/windows-defender-application-control/wdac-and-applocker-overview.md b/windows/security/threat-protection/windows-defender-application-control/wdac-and-applocker-overview.md index 7a955f8700..73deb5fff0 100644 --- a/windows/security/threat-protection/windows-defender-application-control/wdac-and-applocker-overview.md +++ b/windows/security/threat-protection/windows-defender-application-control/wdac-and-applocker-overview.md @@ -1,7 +1,7 @@ --- title: WDAC and AppLocker Overview description: Compare Windows application control technologies. -keywords: whitelisting, security, malware +keywords: security, malware ms.assetid: 8d6e0474-c475-411b-b095-1c61adb2bdbb ms.prod: w10 ms.mktglfcycl: deploy diff --git a/windows/security/threat-protection/windows-defender-application-control/windows-defender-application-control-deployment-guide.md b/windows/security/threat-protection/windows-defender-application-control/windows-defender-application-control-deployment-guide.md index 9e0b0651d1..0484518b2a 100644 --- a/windows/security/threat-protection/windows-defender-application-control/windows-defender-application-control-deployment-guide.md +++ b/windows/security/threat-protection/windows-defender-application-control/windows-defender-application-control-deployment-guide.md @@ -1,7 +1,7 @@ --- title: Planning and getting started on the Windows Defender Application Control deployment process (Windows 10) description: Learn how to gather information, create a plan, and begin to test initial code integrity policies for a Windows Defender Application Control deployment. -keywords: whitelisting, security, malware +keywords: security, malware ms.assetid: 8d6e0474-c475-411b-b095-1c61adb2bdbb ms.prod: w10 ms.mktglfcycl: deploy @@ -46,7 +46,7 @@ This topic provides a roadmap for planning and getting started on the Windows De Legitimate applications from trusted vendors provide valid functionality. However, an attacker could also potentially use that same functionality to run malicious executable code that could bypass WDAC. - For operational scenarios that require elevated security, certain applications with known Code Integrity bypasses may represent a security risk if you whitelist them in your WDAC policies. Other applications, where older versions of the application had vulnerabilities, also represent a risk. Therefore, you may want to deny or block such applications from your WDAC policies. For applications with vulnerabilities, once the vulnerabilities are fixed you can create a rule that only allows the fixed or newer versions of that application. The decision to allow or block applications depends on the context and on how the reference system is being used. + For operational scenarios that require elevated security, certain applications with known Code Integrity bypasses may represent a security risk if you allow them in your WDAC policies. Other applications, where older versions of the application had vulnerabilities, also represent a risk. Therefore, you may want to deny or block such applications from your WDAC policies. For applications with vulnerabilities, once the vulnerabilities are fixed you can create a rule that only allows the fixed or newer versions of that application. The decision to allow or block applications depends on the context and on how the reference system is being used. Security professionals collaborate with Microsoft continuously to help protect customers. With the help of their valuable reports, Microsoft has identified a list of known applications that an attacker could potentially use to bypass Windows Defender Application Control. Depending on the context, you may want to block these applications. To view this list of applications and for use case examples, such as disabling msbuild.exe, see [Microsoft recommended block rules](microsoft-recommended-block-rules.md). diff --git a/windows/security/threat-protection/windows-defender-application-control/windows-defender-application-control-design-guide.md b/windows/security/threat-protection/windows-defender-application-control/windows-defender-application-control-design-guide.md index 66a776eaf6..1d18afd93e 100644 --- a/windows/security/threat-protection/windows-defender-application-control/windows-defender-application-control-design-guide.md +++ b/windows/security/threat-protection/windows-defender-application-control/windows-defender-application-control-design-guide.md @@ -1,7 +1,7 @@ --- title: Windows Defender Application Control design guide (Windows 10) description: Microsoft Windows Defender Application Control allows organizations to control what apps and drivers will run on their managed Windows 10 devices. -keywords: whitelisting, security, malware +keywords: security, malware ms.assetid: 8d6e0474-c475-411b-b095-1c61adb2bdbb ms.prod: w10 ms.mktglfcycl: deploy diff --git a/windows/security/threat-protection/windows-defender-application-control/windows-defender-application-control-operational-guide.md b/windows/security/threat-protection/windows-defender-application-control/windows-defender-application-control-operational-guide.md index d3e82010c2..9ee20747b7 100644 --- a/windows/security/threat-protection/windows-defender-application-control/windows-defender-application-control-operational-guide.md +++ b/windows/security/threat-protection/windows-defender-application-control/windows-defender-application-control-operational-guide.md @@ -1,7 +1,7 @@ --- title: Managing and troubleshooting Windows Defender Application Control policies (Windows 10) description: Gather information about how your deployed Windows Defender Application Control policies are behaving. -keywords: whitelisting, security, malware +keywords: security, malware ms.assetid: 8d6e0474-c475-411b-b095-1c61adb2bdbb ms.prod: w10 ms.mktglfcycl: deploy diff --git a/windows/security/threat-protection/windows-defender-application-control/windows-defender-application-control.md b/windows/security/threat-protection/windows-defender-application-control/windows-defender-application-control.md index 7f723913e2..e6c525c383 100644 --- a/windows/security/threat-protection/windows-defender-application-control/windows-defender-application-control.md +++ b/windows/security/threat-protection/windows-defender-application-control/windows-defender-application-control.md @@ -1,7 +1,7 @@ --- title: Application Control for Windows description: Application Control restricts which applications users are allowed to run and the code that runs in the system core. -keywords: whitelisting, security, malware +keywords: security, malware ms.assetid: 8d6e0474-c475-411b-b095-1c61adb2bdbb ms.prod: w10 ms.mktglfcycl: deploy diff --git a/windows/security/threat-protection/windows-defender-system-guard/how-hardware-based-root-of-trust-helps-protect-windows.md b/windows/security/threat-protection/windows-defender-system-guard/how-hardware-based-root-of-trust-helps-protect-windows.md index 9c4ca00884..e389280262 100644 --- a/windows/security/threat-protection/windows-defender-system-guard/how-hardware-based-root-of-trust-helps-protect-windows.md +++ b/windows/security/threat-protection/windows-defender-system-guard/how-hardware-based-root-of-trust-helps-protect-windows.md @@ -37,7 +37,7 @@ This hardware-based root of trust comes from the device’s Secure Boot feature, This technique of measuring the static early boot UEFI components is called the Static Root of Trust for Measurement (SRTM). As there are thousands of PC vendors that produce numerous models with different UEFI BIOS versions, there becomes an incredibly large number of SRTM measurements upon bootup. -Two techniques exist to establish trust here—either maintain a list of known 'bad' SRTM measurements (also known as a blacklist), or a list of known 'good' SRTM measurements (also known as a whitelist). +Two techniques exist to establish trust here—either maintain a list of known 'bad' SRTM measurements (also known as a block list), or a list of known 'good' SRTM measurements (also known as an allow list). Each option has a drawback: - A list of known 'bad' SRTM measurements allows a hacker to change just 1 bit in a component to create an entirely new SRTM hash that needs to be listed. This means that the SRTM flow is inherently brittle - a minor change can invalidate the entire chain of trust. diff --git a/windows/security/threat-protection/windows-defender-system-guard/system-guard-how-hardware-based-root-of-trust-helps-protect-windows.md b/windows/security/threat-protection/windows-defender-system-guard/system-guard-how-hardware-based-root-of-trust-helps-protect-windows.md index a17ad45ab9..33b2c4f62e 100644 --- a/windows/security/threat-protection/windows-defender-system-guard/system-guard-how-hardware-based-root-of-trust-helps-protect-windows.md +++ b/windows/security/threat-protection/windows-defender-system-guard/system-guard-how-hardware-based-root-of-trust-helps-protect-windows.md @@ -38,7 +38,7 @@ This hardware-based root of trust comes from the device’s Secure Boot feature, This technique of measuring the static early boot UEFI components is called the Static Root of Trust for Measurement (SRTM). As there are thousands of PC vendors that produce numerous models with different UEFI BIOS versions, there becomes an incredibly large number of SRTM measurements upon bootup. -Two techniques exist to establish trust here—either maintain a list of known 'bad' SRTM measurements (also known as a blacklist), or a list of known 'good' SRTM measurements (also known as a whitelist). +Two techniques exist to establish trust here—either maintain a list of known 'bad' SRTM measurements (also known as a block list), or a list of known 'good' SRTM measurements (also known as an allow list). Each option has a drawback: - A list of known 'bad' SRTM measurements allows a hacker to change just 1 bit in a component to create an entirely new SRTM hash that needs to be listed. This means that the SRTM flow is inherently brittle - a minor change can invalidate the entire chain of trust. From 23e4d58f6fcb78988a4fda1068b74e3017daf1ea Mon Sep 17 00:00:00 2001 From: Tina Burden Date: Mon, 15 Jun 2020 08:58:13 -0700 Subject: [PATCH 54/73] pencil edits --- devices/surface/manage-surface-driver-and-firmware-updates.md | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/devices/surface/manage-surface-driver-and-firmware-updates.md b/devices/surface/manage-surface-driver-and-firmware-updates.md index 2bbe968461..39fccb3ec4 100644 --- a/devices/surface/manage-surface-driver-and-firmware-updates.md +++ b/devices/surface/manage-surface-driver-and-firmware-updates.md @@ -142,8 +142,8 @@ This file name provides the following information: ## Learn more - [Download drivers and firmware for Surface](https://support.microsoft.com/help/4023482/surface-download-drivers-and-firmware) -- [How to manage Surface driver updates in Configuration Manager.](https://support.microsoft.com/help/4098906/manage-surface-driver-updates-in-configuration-manager) -- [Deploy applications with Configuration Manager](https://docs.microsoft.com/configmgr/apps/deploy-use/deploy-applications). +- [How to manage Surface driver updates in Configuration Manager](https://support.microsoft.com/help/4098906/manage-surface-driver-updates-in-configuration-manager) +- [Deploy applications with Configuration Manager](https://docs.microsoft.com/configmgr/apps/deploy-use/deploy-applications) - [Endpoint Configuration Manager documentation](https://docs.microsoft.com/configmgr/) - [Microsoft Deployment Toolkit documentation](https://docs.microsoft.com/configmgr/mdt/) - [Deploy Windows 10 with the Microsoft Deployment Toolkit](https://docs.microsoft.com/windows/deployment/deploy-windows-mdt/deploy-windows-10-with-the-microsoft-deployment-toolkit) From 29be7a044fae08bc374d1d7627df4de70320476d Mon Sep 17 00:00:00 2001 From: Daniel Simpson Date: Mon, 15 Jun 2020 09:35:57 -0700 Subject: [PATCH 55/73] fixing brkn link --- windows/client-management/mdm/applocker-csp.md | 1 - .../mdm/new-in-windows-mdm-enrollment-management.md | 5 ++--- 2 files changed, 2 insertions(+), 4 deletions(-) diff --git a/windows/client-management/mdm/applocker-csp.md b/windows/client-management/mdm/applocker-csp.md index ea7d1567cb..973ba78922 100644 --- a/windows/client-management/mdm/applocker-csp.md +++ b/windows/client-management/mdm/applocker-csp.md @@ -40,7 +40,6 @@ Defines restrictions for applications. Additional information: - [Find publisher and product name of apps](#productname) - step-by-step guide for getting the publisher and product names for various Windows apps. -- [Whitelist example](#whitelist-examples) - example for Windows 10 Mobile that denies all apps except the ones listed. **AppLocker/ApplicationLaunchRestrictions/_Grouping_** Grouping nodes are dynamic nodes, and there may be any number of them for a given enrollment (or a given context). The actual identifiers are selected by the management endpoint, whose job it is to determine what their purpose is, and to not conflict with other identifiers that they define. diff --git a/windows/client-management/mdm/new-in-windows-mdm-enrollment-management.md b/windows/client-management/mdm/new-in-windows-mdm-enrollment-management.md index c2b889cfe1..aa8a5bcf89 100644 --- a/windows/client-management/mdm/new-in-windows-mdm-enrollment-management.md +++ b/windows/client-management/mdm/new-in-windows-mdm-enrollment-management.md @@ -44,8 +44,7 @@ For details about Microsoft mobile device management protocols for Windows 10 s - [Server-initiated unenrollment failure](#server-initiated-unenrollment-failure) - [Certificates causing issues with Wi-Fi and VPN](#certificates-causing-issues-with-wi-fi-and-vpn) - [Version information for mobile devices](#version-information-for-mobile-devices) - - [Upgrading Windows Phone 8.1 devices with app allow list using ApplicationRestriction policy has issues](#upgrading-windows-phone-81-devices-with-app-whitelisting-using-applicationrestriction-policy-has-issues) - - [Apps dependent on Microsoft Frameworks may get blocked in phones prior to build 10586.218](#apps-dependent-on-microsoft-frameworks-may-get-blocked-in-phones-prior-to-build-10586218) + - [Apps dependent on Microsoft Frameworks may get blocked in phones prior to build 10586.218](#apps-dependent-on-microsoft-frameworks-may-get-blocked-in-phones-prior-to-build-10586218) - [Multiple certificates might cause Wi-Fi connection instabilities in Windows 10 Mobile](#multiple-certificates-might-cause-wi-fi-connection-instabilities-in-windows-10-mobile) - [Remote PIN reset not supported in Azure Active Directory joined mobile devices](#remote-pin-reset-not-supported-in-azure-active-directory-joined-mobile-devices) - [MDM client will immediately check-in with the MDM server after client renews WNS channel URI](#mdm-client-will-immediately-check-in-with-the-mdm-server-after-client-renews-wns-channel-uri) @@ -2946,7 +2945,7 @@ How do I turn if off? | The service can be stopped from the "Services" console o
    AppLocker CSP

    Added two new SyncML examples (to disable the calendar app and to block usage of the map app) in Allow list examples.

    +

    Added two new SyncML examples (to disable the calendar app and to block usage of the map app) in Allow list examples.

    DeviceManageability CSP
    AppLocker CSP

    Added two new SyncML examples (to disable the calendar app and to block usage of the map app) in Allow list examples.

    +

    Added two new SyncML examples (to disable the calendar app and to block usage of the map app) in Allow list examples.

    DeviceManageability CSP