diff --git a/windows/release-information/resolved-issues-windows-7-and-windows-server-2008-r2-sp1.yml b/windows/release-information/resolved-issues-windows-7-and-windows-server-2008-r2-sp1.yml index 9856117a73..bcbaa365e9 100644 --- a/windows/release-information/resolved-issues-windows-7-and-windows-server-2008-r2-sp1.yml +++ b/windows/release-information/resolved-issues-windows-7-and-windows-server-2008-r2-sp1.yml @@ -32,6 +32,7 @@ sections: - type: markdown text: " + @@ -50,6 +51,15 @@ sections:
" +- title: January 2020 +- items: + - type: markdown + text: " +
SummaryOriginating updateStatusDate resolved
Custom wallpaper displays as black
Using a custom image set to \"Stretch\" might not display as expected.

See details >		January 14, 2020
KB4534310		Resolved
KB4539601		February 07, 2020
10:00 AM PT
MSRT might fail to install and be re-offered from Windows Update or WSUS
The November 2019 update for Windows Malicious Software Removal Tool (MSRT) might fail to install from WU/WSUS.

See details >
Resolved
January 23, 2020
02:08 PM PT
Intermittent issues when printing
The print spooler service may intermittently have issues completing a print job and results print job failure.

See details >		September 24, 2019
KB4516048		Resolved
KB4519976		October 08, 2019
10:00 AM PT
You may receive an error when opening or using the Toshiba Qosmio AV Center
Toshiba Qosmio AV Center may error when opening and you may also receive an error in Event Log related to cryptnet.dll.

See details >		August 13, 2019
KB4512506		Resolved
KB4516048		September 24, 2019
10:00 AM PT
+ +
DetailsOriginating updateStatusHistory
Custom wallpaper displays as black
After installing KB4534310, your desktop wallpaper when set to \"Stretch\" might display as black.

Affected platforms:
  • Client: Windows 7 SP1
  • Server: Windows Server 2008 R2 SP1
Resolution: This issue was resolved in KB4539601, if you are using Monthly Rollups. If you are using Security Only updates, see KB4539602. These updates are available for all customers running Windows 7 SP1 and Windows Server 2008 R2 SP1.

Back to top		January 14, 2020
KB4534310		Resolved
KB4539601		Resolved:
February 07, 2020
10:00 AM PT

Opened:
January 24, 2020
09:15 AM PT
+ " + - title: November 2019 - items: - type: markdown diff --git a/windows/release-information/status-windows-7-and-windows-server-2008-r2-sp1.yml b/windows/release-information/status-windows-7-and-windows-server-2008-r2-sp1.yml index 10ac2c6e75..b801c81883 100644 --- a/windows/release-information/status-windows-7-and-windows-server-2008-r2-sp1.yml +++ b/windows/release-information/status-windows-7-and-windows-server-2008-r2-sp1.yml @@ -60,7 +60,7 @@ sections: - type: markdown text: "
This table offers a summary of current active issues and those issues that have been resolved in the last 30 days.

- + @@ -79,7 +79,7 @@ sections: - type: markdown text: "
SummaryOriginating updateStatusLast updated
Custom wallpaper displays as black
Using a custom image set to \"Stretch\" might not display as expected.

See details >		January 14, 2020
KB4534310		Mitigated
KB4539601		January 27, 2020
12:27 PM PT
Custom wallpaper displays as black
Using a custom image set to \"Stretch\" might not display as expected.

See details >		January 14, 2020
KB4534310		Resolved
KB4539601		February 07, 2020
10:00 AM PT
MSRT might fail to install and be re-offered from Windows Update or WSUS
The November 2019 update for Windows Malicious Software Removal Tool (MSRT) might fail to install from WU/WSUS.

See details >
Resolved
January 23, 2020
02:08 PM PT
TLS connections might fail or timeout
Transport Layer Security (TLS) connections might fail or timeout when connecting or attempting a resumption.

See details >		October 08, 2019
KB4519976		Mitigated External
November 05, 2019
03:36 PM PT
IA64 and x64 devices may fail to start after installing updates
After installing updates released on or after August 13, 2019, IA64 and x64 devices using EFI Boot may fail to start.

See details >		August 13, 2019
KB4512506		Mitigated
August 17, 2019
12:59 PM PT
- +
DetailsOriginating updateStatusHistory
Custom wallpaper displays as black
After installing KB4534310, your desktop wallpaper when set to \"Stretch\" might display as black.

Affected platforms:
  • Client: Windows 7 SP1
  • Server: Windows Server 2008 R2 SP1
Workaround: To mitigate the issue, you can do one of the following:
  • Set your custom image to an option other than \"Stretch\", such as “Fill”, “Fit”, “Tile”, or “Center”, or
  • Choose a custom wallpaper that matches the resolution of your desktop.
Next steps: We are working on a resolution and estimate a solution will be available mid-February, which will be released to all customers running Windows 7 and Windows Server 2008 R2 SP1.

Back to top		January 14, 2020
KB4534310		Mitigated
KB4539601		Last updated:
January 27, 2020
12:27 PM PT

Opened:
January 24, 2020
09:15 AM PT
Custom wallpaper displays as black
After installing KB4534310, your desktop wallpaper when set to \"Stretch\" might display as black.

Affected platforms:
  • Client: Windows 7 SP1
  • Server: Windows Server 2008 R2 SP1
Resolution: This issue was resolved in KB4539601, if you are using Monthly Rollups. If you are using Security Only updates, see KB4539602. These updates are available for all customers running Windows 7 SP1 and Windows Server 2008 R2 SP1.

Back to top		January 14, 2020
KB4534310		Resolved
KB4539601		Resolved:
February 07, 2020
10:00 AM PT

Opened:
January 24, 2020
09:15 AM PT
" diff --git a/windows/release-information/windows-message-center.yml b/windows/release-information/windows-message-center.yml index e5ecf14f9e..1b87554500 100644 --- a/windows/release-information/windows-message-center.yml +++ b/windows/release-information/windows-message-center.yml @@ -85,13 +85,6 @@ sections: Advisory: Bluetooth encryption key size vulnerability disclosed (CVE-2019-9506)
On August 13, 2019, Microsoft released security updates to address a Bluetooth key length encryption vulnerability. To exploit this vulnerability, an attacker would need specialized hardware and would be limited by the signal range of the Bluetooth devices in use. For more information about this industry-wide issue, see CVE-2019-9506 | Bluetooth Encryption Key Size Vulnerability in the Microsoft Security Update Guide and important guidance for IT pros in KB4514157. (Note: we are documenting this vulnerability together with guidance for IT admins as part of a coordinated industry disclosure effort.)
August 13, 2019
10:00 AM PT Advisory: Windows Advanced Local Procedure Call Elevation of Privilege vulnerability disclosed (CVE-2019-1162)
On August 13, 2019, Google Project Zero (GPZ) disclosed an Elevation of Privilege (EoP) vulnerability in how Windows handles calls to Advanced Local Procedure Call (ALPC) that affects Windows operating systems, versions 8.1 and higher. An attacker must already have code execution on the target system to leverage these vulnerabilities. Microsoft released security updates on August 13, 2019 that partially address this issue. Other items disclosed by GPZ require more time to address and we are working to release a resolution in mid-September. For more information, see CVE-2019-1162 | Windows ALPC Elevation of Privilege Vulnerability
August 13, 2019
10:00 AM PT Take action: Windows 10, version 1803 (the April 2018 Update) reaches end of service on November 12, 2019
Windows 10, version 1803 (the April 2018 Update) will reach end of service on November 12, 2019 for Home and Pro editions. We will begin updating devices running Windows 10, version 1803 to Windows 10, version 1903 (the May 2019 Update) starting July 16, 2019 to help ensure that these devices remain in a serviced and secure state. For more information, see the Windows 10, version 1903 section of the Windows release health dashboard.
August 13, 2019
10:00 AM PT - Advisory: Windows Kernel Information Disclosure Vulnerability (CVE-2019-1125)
On July 9, 2019, Microsoft released a security update for a Windows kernel information disclosure vulnerability (CVE-2019-1125). Customers who have Windows Update enabled and have applied the security updates released on July 9, 2019 are protected automatically; no further configuration is necessary. For more information, see CVE-2019-1125 | Windows Kernel Information Disclosure Vulnerability in the Microsoft Security Update Guide. (Note: we are documenting this mitigation publicly today, instead of back in July, as part of a coordinated industry disclosure effort.)
August 06, 2019
10:00 AM PT - Resolved August 1, 2019 16:00 PT: Microsoft Store users may encounter blank screens when clicking on certain buttons
Some customers running the version of the Microsoft Store app released on July 29, 2019 encountered a blank screen when selecting “Switch out of S mode,” “Get Genuine,” or some “Upgrade to [version]” OS upgrade options. This issue has now been resolved and a new version of the Microsoft Store app has been released. Users who encountered this issue will need to update the Microsoft Store app on their device. If you are still encountering an issue, please see Fix problems with apps from Microsoft Store.
August 01, 2019
02:00 PM PT - Status update: Windows 10, version 1903 “D” release now available
The optional monthly “D” release for Windows 10, version 1903 is now available. Follow @WindowsUpdate for the latest on the availability of this release.
July 26, 2019
02:00 PM PT - Plan for change: Microsoft Silverlight will reach end of support on October 12, 2021
After this date, Silverlight will not receive any future quality or security updates. Microsoft will continue to ship updates to the Silverlight 5 Developer Runtime for supported browsers and versions (Internet Explorer 10 and Internet Explorer 11); however, please note that support for Internet Explorer 10 will end on 31 January 2020. See the Silverlight end of support FAQ for more details.
July 19, 2019
12:00 AM PT - Evolving Windows 10 servicing and quality
Find out how we plan to further optimize the delivery of the next Windows 10 feature update for devices running Windows 10, version 1903. If you're a commercial customer, please see the Windows IT Pro Blog for more details on how to plan for this new update option in your environment.
July 01, 2019
02:00 PM PT - Windows 10, version 1903 starting to roll out to devices running Windows 10, version 1803 and earlier
We are now beginning to build and train the machine learning (ML) based rollout process to update devices running Windows 10, version 1803 (the April 2018 Update) and earlier versions of Windows 10, to ensure we can continue to service these devices and provide the latest updates, security updates, and improvements.
June 18, 2019
02:00 PM PT - Windows 10, version 1903 available by selecting “Check for updates”
Windows 10, version 1903 is now available for any user who manually selects “Check for updates” via Windows Update. The recommended servicing status is Semi-Annual Channel.
June 06, 2019
06:00 PM PT Windows 10, version 1903 rollout begins
The Windows 10 May 2019 Update (Windows 10, version 1903) is available today to commercial customers via Windows Server Update Services (WSUS), Windows Update for Business, and the Volume Licensing Service Center (VLSC)—and to end users who manually select “Check for updates.” We are slowly throttling up availability while we carefully monitor data and feedback.May 21, 2019
10:00 AM PT " diff --git a/windows/security/identity-protection/access-control/service-accounts.md b/windows/security/identity-protection/access-control/service-accounts.md index bc52668527..7a95b60584 100644 --- a/windows/security/identity-protection/access-control/service-accounts.md +++ b/windows/security/identity-protection/access-control/service-accounts.md @@ -114,5 +114,5 @@ The following table provides links to additional resources that are related to s | Content type | References | |---------------|-------------| | **Product evaluation** | [What's New for Managed Service Accounts](https://technet.microsoft.com/library/hh831451(v=ws.11).aspx)
[Getting Started with Group Managed Service Accounts](https://technet.microsoft.com/library/jj128431(v=ws.11).aspx) | -| **Deployment** | [Windows Server 2012: Group Managed Service Accounts - Ask Premier Field Engineering (PFE) Platforms - Site Home - TechNet Blogs](http://blogs.technet.com/b/askpfeplat/archive/2012/12/17/windows-server-2012-group-managed-service-accounts.aspx) | +| **Deployment** | [Windows Server 2012: Group Managed Service Accounts - Ask Premier Field Engineering (PFE) Platforms - Site Home - TechNet Blogs](https://blogs.technet.com/b/askpfeplat/archive/2012/12/17/windows-server-2012-group-managed-service-accounts.aspx) | | **Related technologies** | [Security Principals](security-principals.md)
[What's new in Active Directory Domain Services](https://technet.microsoft.com/library/mt163897.aspx) | diff --git a/windows/security/identity-protection/virtual-smart-cards/virtual-smart-card-use-virtual-smart-cards.md b/windows/security/identity-protection/virtual-smart-cards/virtual-smart-card-use-virtual-smart-cards.md index db7f20bb3e..0737f18fec 100644 --- a/windows/security/identity-protection/virtual-smart-cards/virtual-smart-card-use-virtual-smart-cards.md +++ b/windows/security/identity-protection/virtual-smart-cards/virtual-smart-card-use-virtual-smart-cards.md @@ -48,7 +48,7 @@ Virtual smart cards can also be created and deleted by using APIs. For more info - [ITPMVirtualSmartCardManagerStatusCallBack](https://msdn.microsoft.com/library/windows/desktop/hh707161(v=vs.85).aspx) -You can use APIs that were introduced in the Windows.Device.SmartCards namespace in Windows Server 2012 R2 and Windows 8.1 to build Microsoft Store apps to manage the full lifecycle of virtual smart cards. For information about how to build an app to do this, see [Strong Authentication: Building Apps That Leverage Virtual Smart Cards in Enterprise, BYOD, and Consumer Environments | Build 2013 | Channel 9](http://channel9.msdn.com/events/build/2013/2-041). +You can use APIs that were introduced in the Windows.Device.SmartCards namespace in Windows Server 2012 R2 and Windows 8.1 to build Microsoft Store apps to manage the full lifecycle of virtual smart cards. For information about how to build an app to do this, see [Strong Authentication: Building Apps That Leverage Virtual Smart Cards in Enterprise, BYOD, and Consumer Environments | Build 2013 | Channel 9](https://channel9.msdn.com/events/build/2013/2-041). The following table describes the features that can be developed in a Microsoft Store app: diff --git a/windows/security/threat-protection/auditing/event-4624.md b/windows/security/threat-protection/auditing/event-4624.md index 1eaf9e6b79..d9b5265f75 100644 --- a/windows/security/threat-protection/auditing/event-4624.md +++ b/windows/security/threat-protection/auditing/event-4624.md @@ -158,7 +158,7 @@ This event generates when a logon session is created (on destination machine). I - **Restricted Admin Mode** \[Version 2\] \[Type = UnicodeString\]**:** Only populated for **RemoteInteractive** logon type sessions. This is a Yes/No flag indicating if the credentials provided were passed using Restricted Admin mode. Restricted Admin mode was added in Win8.1/2012R2 but this flag was added to the event in Win10. - Reference: . + Reference: . If not a **RemoteInteractive** logon, then this will be "-" string. diff --git a/windows/security/threat-protection/auditing/event-4793.md b/windows/security/threat-protection/auditing/event-4793.md index 50099438ee..f2bdc2b09f 100644 --- a/windows/security/threat-protection/auditing/event-4793.md +++ b/windows/security/threat-protection/auditing/event-4793.md @@ -30,7 +30,7 @@ This event generates each time the [Password Policy Checking API](https://msdn.m The Password Policy Checking API allows an application to check password compliance against an application-provided account database or single account and verify that passwords meet the complexity, aging, minimum length, and history reuse requirements of a password policy. -This event, for example, generates during Directory Services Restore Mode ([DSRM](http://blogs.technet.com/b/askds/archive/2009/03/11/ds-restore-mode-password-maintenance.aspx)) account password reset procedure to check new DSRM password. +This event, for example, generates during Directory Services Restore Mode ([DSRM](https://blogs.technet.com/b/askds/archive/2009/03/11/ds-restore-mode-password-maintenance.aspx)) account password reset procedure to check new DSRM password. This event generates on the computer where Password Policy Checking API was called. diff --git a/windows/security/threat-protection/auditing/event-4908.md b/windows/security/threat-protection/auditing/event-4908.md index a832d5c983..847263668e 100644 --- a/windows/security/threat-protection/auditing/event-4908.md +++ b/windows/security/threat-protection/auditing/event-4908.md @@ -34,7 +34,7 @@ This event is always logged regardless of the "Audit Policy Change" sub-category More information about Special Groups auditing can be found here: - + diff --git a/windows/security/threat-protection/auditing/event-4911.md b/windows/security/threat-protection/auditing/event-4911.md index d385a72649..bbd17b1660 100644 --- a/windows/security/threat-protection/auditing/event-4911.md +++ b/windows/security/threat-protection/auditing/event-4911.md @@ -26,7 +26,7 @@ ms.author: dansimp ***Event Description:*** -This event generates when [resource attributes](http://blogs.technet.com/b/canitpro/archive/2013/05/07/step-by-step-protecting-your-information-with-dynamic-access-control.aspx) of the file system object were changed. +This event generates when [resource attributes](https://blogs.technet.com/b/canitpro/archive/2013/05/07/step-by-step-protecting-your-information-with-dynamic-access-control.aspx) of the file system object were changed. Resource attributes for file or folder can be changed, for example, using Windows File Explorer (object’s Properties->Classification tab). diff --git a/windows/security/threat-protection/auditing/event-4964.md b/windows/security/threat-protection/auditing/event-4964.md index e178696465..4cd9707147 100644 --- a/windows/security/threat-protection/auditing/event-4964.md +++ b/windows/security/threat-protection/auditing/event-4964.md @@ -26,7 +26,7 @@ ms.author: dansimp ***Event Description:*** -This event occurs when an account that is a member of any defined [Special Group](http://blogs.technet.com/b/askds/archive/2008/03/11/special-groups-auditing-via-group-policy-preferences.aspx) logs in. +This event occurs when an account that is a member of any defined [Special Group](https://blogs.technet.com/b/askds/archive/2008/03/11/special-groups-auditing-via-group-policy-preferences.aspx) logs in. > **Note**  For recommendations, see [Security Monitoring Recommendations](#security-monitoring-recommendations) for this event. @@ -94,7 +94,7 @@ This event occurs when an account that is a member of any defined [Special Group > S-1-5-32-544;S-1-5-32-123-54-65 -> For more information see: +> For more information see: ***Field Descriptions:*** diff --git a/windows/security/threat-protection/auditing/event-5056.md b/windows/security/threat-protection/auditing/event-5056.md index 408ac0608b..a675d79c58 100644 --- a/windows/security/threat-protection/auditing/event-5056.md +++ b/windows/security/threat-protection/auditing/event-5056.md @@ -28,9 +28,9 @@ For more information about Cryptographic Next Generation (CNG) visit these pages - -- +- -- +- This event is mainly used for Cryptographic Next Generation (CNG) troubleshooting. diff --git a/windows/security/threat-protection/auditing/event-5057.md b/windows/security/threat-protection/auditing/event-5057.md index 483df27b13..eb3cc568ab 100644 --- a/windows/security/threat-protection/auditing/event-5057.md +++ b/windows/security/threat-protection/auditing/event-5057.md @@ -28,9 +28,9 @@ For more information about Cryptographic Next Generation (CNG) visit these pages - -- +- -- +- This event is mainly used for Cryptographic Next Generation (CNG) troubleshooting. diff --git a/windows/security/threat-protection/auditing/event-5060.md b/windows/security/threat-protection/auditing/event-5060.md index 54471b87c2..bd0414e3ca 100644 --- a/windows/security/threat-protection/auditing/event-5060.md +++ b/windows/security/threat-protection/auditing/event-5060.md @@ -28,9 +28,9 @@ For more information about Cryptographic Next Generation (CNG) visit these pages - -- +- -- +- This event is mainly used for Cryptographic Next Generation (CNG) troubleshooting. diff --git a/windows/security/threat-protection/auditing/event-5063.md b/windows/security/threat-protection/auditing/event-5063.md index 1563a51f1b..159cda1e2b 100644 --- a/windows/security/threat-protection/auditing/event-5063.md +++ b/windows/security/threat-protection/auditing/event-5063.md @@ -28,9 +28,9 @@ For more information about Cryptographic Next Generation (CNG) visit these pages - -- +- -- +- This event is mainly used for Cryptographic Next Generation (CNG) troubleshooting. diff --git a/windows/security/threat-protection/auditing/event-5064.md b/windows/security/threat-protection/auditing/event-5064.md index 1225d34816..a5c3c577e0 100644 --- a/windows/security/threat-protection/auditing/event-5064.md +++ b/windows/security/threat-protection/auditing/event-5064.md @@ -28,9 +28,9 @@ For more information about Cryptographic Next Generation (CNG) visit these pages - -- +- -- +- This event is mainly used for Cryptographic Next Generation (CNG) troubleshooting. diff --git a/windows/security/threat-protection/auditing/event-5065.md b/windows/security/threat-protection/auditing/event-5065.md index 9722578bab..0f5d4dd997 100644 --- a/windows/security/threat-protection/auditing/event-5065.md +++ b/windows/security/threat-protection/auditing/event-5065.md @@ -28,9 +28,9 @@ For more information about Cryptographic Next Generation (CNG) visit these pages - -- +- -- +- This event is mainly used for Cryptographic Next Generation (CNG) troubleshooting. diff --git a/windows/security/threat-protection/auditing/event-5066.md b/windows/security/threat-protection/auditing/event-5066.md index 1560226341..9c5f389dcf 100644 --- a/windows/security/threat-protection/auditing/event-5066.md +++ b/windows/security/threat-protection/auditing/event-5066.md @@ -28,9 +28,9 @@ For more information about Cryptographic Next Generation (CNG) visit these pages - -- +- -- +- This event is mainly used for Cryptographic Next Generation (CNG) troubleshooting. diff --git a/windows/security/threat-protection/auditing/event-5067.md b/windows/security/threat-protection/auditing/event-5067.md index afbbb47736..6ab1f5a7c1 100644 --- a/windows/security/threat-protection/auditing/event-5067.md +++ b/windows/security/threat-protection/auditing/event-5067.md @@ -28,9 +28,9 @@ For more information about Cryptographic Next Generation (CNG) visit these pages - -- +- -- +- This event is mainly used for Cryptographic Next Generation (CNG) troubleshooting. diff --git a/windows/security/threat-protection/auditing/event-5068.md b/windows/security/threat-protection/auditing/event-5068.md index 3722edd66c..fb084fd8dd 100644 --- a/windows/security/threat-protection/auditing/event-5068.md +++ b/windows/security/threat-protection/auditing/event-5068.md @@ -26,9 +26,9 @@ For more information about Cryptographic Next Generation (CNG) visit these pages - -- +- -- +- This event is mainly used for Cryptographic Next Generation (CNG) troubleshooting. diff --git a/windows/security/threat-protection/auditing/event-5069.md b/windows/security/threat-protection/auditing/event-5069.md index 317e12299b..64dbd91086 100644 --- a/windows/security/threat-protection/auditing/event-5069.md +++ b/windows/security/threat-protection/auditing/event-5069.md @@ -28,9 +28,9 @@ For more information about Cryptographic Next Generation (CNG) visit these pages - -- +- -- +- This event is mainly used for Cryptographic Next Generation (CNG) troubleshooting. diff --git a/windows/security/threat-protection/auditing/event-5070.md b/windows/security/threat-protection/auditing/event-5070.md index e5fd12760a..ce069a495c 100644 --- a/windows/security/threat-protection/auditing/event-5070.md +++ b/windows/security/threat-protection/auditing/event-5070.md @@ -28,9 +28,9 @@ For more information about Cryptographic Next Generation (CNG) visit these pages - -- +- -- +- This event is mainly used for Cryptographic Next Generation (CNG) troubleshooting. diff --git a/windows/security/threat-protection/microsoft-defender-atp/enable-attack-surface-reduction.md b/windows/security/threat-protection/microsoft-defender-atp/enable-attack-surface-reduction.md index 1b8c03d660..70a68c00ed 100644 --- a/windows/security/threat-protection/microsoft-defender-atp/enable-attack-surface-reduction.md +++ b/windows/security/threat-protection/microsoft-defender-atp/enable-attack-surface-reduction.md @@ -56,7 +56,7 @@ You can exclude files and folders from being evaluated by most attack surface re You can specify individual files or folders (using folder paths or fully qualified resource names) but you can't specify which rules the exclusions apply to. An exclusion is applied only when the excluded application or service starts. For example, if you add an exclusion for an update service that is already running, the update service will continue to trigger events until the service is stopped and restarted. -ASR rules support environment variables and wildcards. For information about using wildcards, see [Use wildcards in the file name and folder path or extension exclusion lists](https://docs.microsoft.com/windows/security/threat-protection/windows-defender-antivirus/configure-extension-file-exclusions-windows-defender-antivirus#use-wildcards-in-the-file-name-and-folder-path-or-extension-exclusion-lists). +ASR rules support environment variables and wildcards. For information about using wildcards, see [Use wildcards in the file name and folder path or extension exclusion lists](../windows-defender-antivirus/configure-extension-file-exclusions-windows-defender-antivirus.md#use-wildcards-in-the-file-name-and-folder-path-or-extension-exclusion-lists). The following procedures for enabling ASR rules include instructions for how to exclude files and folders. @@ -76,7 +76,7 @@ The following procedures for enabling ASR rules include instructions for how to Use the [./Vendor/MSFT/Policy/Config/Defender/AttackSurfaceReductionRules](https://docs.microsoft.com/windows/client-management/mdm/policy-csp-defender#defender-attacksurfacereductionrules) configuration service provider (CSP) to individually enable and set the mode for each rule. -The following is a sample for reference, using [GUID values for ASR rules](https://docs.microsoft.com/windows/security/threat-protection/windows-defender-exploit-guard/attack-surface-reduction#attack-surface-reduction-rules). +The following is a sample for reference, using [GUID values for ASR rules](attack-surface-reduction.md#attack-surface-reduction-rules). OMA-URI path: ./Vendor/MSFT/Policy/Config/Defender/AttackSurfaceReductionRules @@ -186,4 +186,4 @@ Value: c:\path|e:\path|c:\Whitelisted.exe * [Reduce attack surfaces with attack surface reduction rules](attack-surface-reduction.md) * [Evaluate attack surface reduction](evaluate-attack-surface-reduction.md) -* [Enable cloud-delivered protection](https://docs.microsoft.com/windows/security/threat-protection/windows-defender-antivirus/enable-cloud-protection-windows-defender-antivirus) +* [Enable cloud-delivered protection](../windows-defender-antivirus/configure-extension-file-exclusions-windows-defender-antivirus.md)