Merge pull request #1219 from MicrosoftDocs/master

Publish 9/26/2019 3:52 PM PST

devices/hololens/hololens-status.md

@@ -8,7 +8,7 @@ manager: jarrettr
 audience: Admin
 ms.topic: article
 ms.prod: hololens
-localization_priority: Medium 
+ms.localizationpriority: Medium 
 ms.sitesec: library
 ---
 

devices/hololens/hololens2-setup.md

@@ -54,14 +54,14 @@ To turn on your HoloLens 2, press the Power button.  The LED lights below the Po
 
 ### Power button actions for different power transitions
 
-|To do this |Perform this action and watch for these indicator lights |
+| To do this | Perform this action and watch for these indicator lights |
 | - | - |
-|To turn on |**Single click**  ![Press power button - no lights lit](images/hololens-2-button-turn-on.png) |
+| To turn on | Single button press - lights will indicate battery state. |
-|To sleep |**Single click**  ![Press power button - three lights lit](images/hololens-2-button-sleep.png) |
+| To sleep | Single button press - lights will indicate battery state then go dark on sleep. |
-|To wake from sleep |**Single click**  ![Press power button - no lights lit](images/hololens-2-button-wake.png) |
+| To wake from sleep | Single button press - lights will indicate battery state. |
-|To turn off |**Press and for hold 5s**  ![Press and hold power button - all lights lit](images/hololens-2-button-turn-off.png) |
+| To turn off | Press and for hold 5s - all five lights will light then go dark on shutdown. |
-|To force the Hololens to restart if it is unresponsive |**Press and hold for 10s**  ![Press and hold power button - all lights lit](images/hololens-2-button-turn-off.png) |
+| To force the Hololens to restart if it is unresponsive | Press and hold for 10s - all lights will light then go dark on shutdown.  They'll relight on restart. |
-</br>
+
 ## HoloLens indicator lights
 
 Not sure what the indicator lights on your HoloLens mean? Here's some help!
@@ -70,12 +70,12 @@ Not sure what the indicator lights on your HoloLens mean? Here's some help!
 
 |When you do this | And then the lights do this | It means |
 | - | - | - |
-|You press the Power button. |All five lights turn on, then change to indicate the battery level. After four seconds, a sound plays. | HoloLens is starting up. |
+| You press the Power button. |All five lights turn on, then change to indicate the battery level. After four seconds, a sound plays. | HoloLens is starting up. |
-|You press the Power button. |All five lights turn on, then change to indicate the battery level. A sound immediately plays. | HoloLens is on, awake, and ready to use. |
+| You press the Power button. |All five lights turn on, then change to indicate the battery level. A sound immediately plays. | HoloLens is on, awake, and ready to use. |
-|You press and hold the Power button for five seconds or longer. |All five lights turn on, then fade off one at a time. After the lights turn off, a sound plays and the screen displays "Goodbye." |HoloLens is shutting down. |
+| You press and hold the Power button for five seconds or longer. |All five lights turn on, then fade off one at a time. After the lights turn off, a sound plays and the screen displays "Goodbye." |HoloLens is shutting down. |
-|You press and hold the Power button for less than five seconds. |All five lights turn on, then fade off one at a time. After the lights turn off, a sound plays and the screen displays "Goodbye." |HoloLens is entering sleep. |
+| You press and hold the Power button for less than five seconds. |All five lights turn on, then fade off one at a time. After the lights turn off, a sound plays and the screen displays "Goodbye." |HoloLens is entering sleep. |
-|You press the Power button. |One light flashes five times, then turns off. |The HoloLens battery is critically low. Charge your HoloLens. |
+| You press the Power button. |One light flashes five times, then turns off. |The HoloLens battery is critically low. Charge your HoloLens. |
-|You press the Power button. |All five lights flash five times, then turn off. |HoloLens cannot start correctly and is in an error state. |
+| You press the Power button. |All five lights flash five times, then turn off. | HoloLens cannot start correctly and is in an error state. |
 
 ### Lights that indicate the battery level
 

devices/surface-hub/index.md

@@ -9,7 +9,7 @@ ms.tgt_pltfrm: na
 ms.devlang: na
 ms.topic: landing-page
 description: "Get started with Microsoft Surface Hub."
-localization_priority: High
+ms.localizationpriority: High
 ---
 # Get started with Surface Hub
 

devices/surface/get-started.md

@@ -10,7 +10,7 @@ ms.tgt_pltfrm: na
 ms.devlang: na
 ms.topic: landing-page
 description: "Get started with Microsoft Surface devices"
-localization_priority: High
+ms.localizationpriority: High
 ---
 # Get started with Surface devices
 

devices/surface/index.md

@@ -8,7 +8,7 @@ ms.author: robmazz
 manager: laurawi
 ms.topic: hub-page
 keywords: Microsoft Surface, Microsoft Surface Hub, Surface documentation
-localization_priority: High
+ms.localizationpriority: High
 audience: ITPro
 ms.prod: Surface
 description: Learn about Microsoft Surface and Surface Hub devices.

devices/surface/surface-wireless-connect.md

@@ -6,7 +6,7 @@ ms.mktglfcycl: manage
 ms.sitesec: library
 author: dansimp
 ms.audience: itpro
-ms.localization_priority: normal
+ms.localizationpriority: normal
 ms.author: dansimp
 ms.topic: article
 ms.date: 08/15/2019

mdop/appv-v4/about-app-v-package-accelerators--app-v-46-sp1-.md

@@ -1,11 +1,11 @@
 ---
 title: About App-V Package Accelerators (App-V 4.6 SP1)
 description: About App-V Package Accelerators (App-V 4.6 SP1)
-author: dansimp
+author: manikadhiman
 ms.assetid: fc2d2375-8f17-4a6d-b374-771cb947cb8c
 ms.reviewer: 
 manager: dansimp
-ms.author: manikadhiman
+ms.author: v-madhi
 ms.pagetype: mdop, appcompat, virtualization
 ms.mktglfcycl: deploy
 ms.sitesec: library

mdop/appv-v5/how-to-revert-extension-points-from-an-app-v-50-package-to-an-app-v-46-package-for-all-users-on-a-specific-computer.md

@@ -1,5 +1,5 @@
 ---
-title: How to Revert Extension Points from an App-V 5.0 Package to an App-V 4.6 Package For All Users on a Specific Computer
+title: "How to Revert Extension Points from an App-V 5.0 Package to an App-V 4.6 Package For All Users on a Specific Computer"
 description: How to Revert Extension Points from an App-V 5.0 Package to an App-V 4.6 Package For All Users on a Specific Computer
 ms.assetid: 2a43ca1b-6847-4dd1-ade2-336ac4ac6af0
 ms.reviewer: 

mdop/mbam-v25/upgrade-mbam2.5-sp1.md

@@ -7,7 +7,7 @@ audience: ITPro
 ms.topic: article  
 ms.prod: w10
 manager: miaposto
-localization_priority: Normal
+ms.localizationpriority: Normal
 --- 
 
 # Upgrade from MBAM 2.5 to MBAM 2.5 SP1 Servicing Release Update

windows/client-management/mdm/new-in-windows-mdm-enrollment-management.md

@@ -103,6 +103,8 @@ For details about Microsoft mobile device management protocols for Windows 10 s
 <li><a href="policy-csp-devicehealthmonitoring.md#devicehealthmonitoring-allowdevicehealthmonitoring" data-raw-source="[DeviceHealthMonitoring/AllowDeviceHealthMonitoring](policy-csp-devicehealthmonitoring.md#devicehealthmonitoring-allowdevicehealthmonitoring)">DeviceHealthMonitoring/AllowDeviceHealthMonitoring</a></li>
 <li><a href="policy-csp-devicehealthmonitoring.md#devicehealthmonitoring-configdevicehealthmonitoringscope" data-raw-source="[DeviceHealthMonitoring/ConfigDeviceHealthMonitoringScope](policy-csp-devicehealthmonitoring.md#devicehealthmonitoring-configdevicehealthmonitoringscope)">DeviceHealthMonitoring/ConfigDeviceHealthMonitoringScope</a></li>
 <li><a href="policy-csp-devicehealthmonitoring.md#devicehealthmonitoring-configdevicehealthmonitoringuploaddestination" data-raw-source="[DeviceHealthMonitoring/ConfigDeviceHealthMonitoringUploadDestination](policy-csp-devicehealthmonitoring.md#devicehealthmonitoring-configdevicehealthmonitoringuploaddestination)">DeviceHealthMonitoring/ConfigDeviceHealthMonitoringUploadDestination</a></li>
+<li><a href="policy-csp-deviceinstallation.md#deviceinstallation-allowinstallationofmatchingdeviceinstanceids" data-raw-source="[DeviceInstallation/AllowInstallationOfMatchingDeviceInstanceIDs](policy-csp-deviceinstallation.md#deviceinstallation-allowinstallationofmatchingdeviceinstanceids)">DeviceInstallation/AllowInstallationOfMatchingDeviceInstanceIDs</a></li>
+<li><a href="policy-csp-deviceinstallation.md#deviceinstallation-preventinstallationofmatchingdeviceinstanceids" data-raw-source="[DeviceInstallation/PreventInstallationOfMatchingDeviceInstanceIDs](policy-csp-deviceinstallation.md#deviceinstallation-preventinstallationofmatchingdeviceinstanceids)">DeviceInstallation/PreventInstallationOfMatchingDeviceInstanceIDs</a></li>
 <li><a href="policy-csp-experience.md#experience-showlockonusertile" data-raw-source="[Experience/ShowLockOnUserTile](policy-csp-experience.md#experience-showlockonusertile)">Experience/ShowLockOnUserTile</a></li>
 <li><a href="policy-csp-internetexplorer.md#internetexplorer-allowenhancedsuggestionsinaddressbar" data-raw-source="[InternetExplorer/AllowEnhancedSuggestionsInAddressBar](policy-csp-internetexplorer.md#internetexplorer-allowenhancedsuggestionsinaddressbar)">InternetExplorer/AllowEnhancedSuggestionsInAddressBar</a></li>
 <li><a href="policy-csp-internetexplorer.md#internetexplorer-disableactivexversionlistautodownload" data-raw-source="[InternetExplorer/DisableActiveXVersionListAutoDownload](policy-csp-internetexplorer.md#internetexplorer-disableactivexversionlistautodownload)">InternetExplorer/DisableActiveXVersionListAutoDownload</a></li>
@@ -1909,6 +1911,7 @@ How do I turn if off? | The service can be stopped from the "Services" console o
 |New or updated topic | Description|
 |--- | ---|
 |[Policy CSP - Defender](policy-csp-defender.md)|Updated the supported value list for Defender/ScheduleScanDay policy.|
+|[Policy CSP - DeviceInstallation](policy-csp-deviceinstallation.md)|Added the following new policies: <br>DeviceInstallation/AllowInstallationOfMatchingDeviceInstanceIDs, DeviceInstallation/PreventInstallationOfMatchingDeviceInstanceIDs.|
 
 ### August 2019
 

windows/client-management/mdm/policy-configuration-service-provider.md

@@ -1209,6 +1209,9 @@ The following diagram shows the Policy configuration service provider in tree fo
   <dd>
     <a href="./policy-csp-deviceinstallation.md#deviceinstallation-allowinstallationofmatchingdevicesetupclasses" id="deviceinstallation-allowinstallationofmatchingdevicesetupclasses">DeviceInstallation/AllowInstallationOfMatchingDeviceSetupClasses</a>
   </dd>
+  <dd>
+    <a href="./policy-csp-deviceinstallation.md#deviceinstallation-allowinstallationofmatchingdeviceinstanceids"id="deviceinstallation-allowinstallationofmatchingdeviceinstanceids">DeviceInstallation/AllowInstallationOfMatchingDeviceInstanceIDs</a>
+  </dd>
   <dd>
     <a href="./policy-csp-deviceinstallation.md#deviceinstallation-preventdevicemetadatafromnetwork" id="deviceinstallation-preventdevicemetadatafromnetwork">DeviceInstallation/PreventDeviceMetadataFromNetwork</a>
   </dd>
@@ -1218,6 +1221,9 @@ The following diagram shows the Policy configuration service provider in tree fo
   <dd>
     <a href="./policy-csp-deviceinstallation.md#deviceinstallation-preventinstallationofmatchingdeviceids" id="deviceinstallation-preventinstallationofmatchingdeviceids">DeviceInstallation/PreventInstallationOfMatchingDeviceIDs</a>
   </dd>
+  <dd>
+    <a href="./policy-csp-deviceinstallation.md#deviceinstallation-preventinstallationofmatchingdeviceinstanceids"id="deviceinstallation-preventinstallationofmatchingdeviceinstanceids">DeviceInstallation/PreventInstallationOfMatchingDeviceInstanceIDs</a>
+  </dd>
   <dd>
     <a href="./policy-csp-deviceinstallation.md#deviceinstallation-preventinstallationofmatchingdevicesetupclasses" id="deviceinstallation-preventinstallationofmatchingdevicesetupclasses">DeviceInstallation/PreventInstallationOfMatchingDeviceSetupClasses</a>
   </dd>
@@ -3553,6 +3559,15 @@ The following diagram shows the Policy configuration service provider in tree fo
   <dd>
     <a href="./policy-csp-textinput.md#textinput-allowlinguisticdatacollection" id="textinput-allowlinguisticdatacollection">TextInput/AllowLinguisticDataCollection</a>
   </dd>
+  <dd>
+    <a href="./policy-csp-textinput.md#textinput-configurejapaneseimeversion"id="textinput-configurejapaneseimeversion">TextInput/ConfigureJapaneseIMEVersion</a>
+  </dd>
+  <dd>
+    <a href="./policy-csp-textinput.md#textinput-configuresimplifiedchineseimeversion"id="textinput-configuresimplifiedchineseimeversion">TextInput/ConfigureSimplifiedChineseIMEVersion</a>
+  </dd>
+  <dd>
+    <a href="./policy-csp-textinput.md#textinput-configuretraditionalchineseimeversion"id="textinput-configuretraditionalchineseimeversion">TextInput/ConfigureTraditionalChineseIMEVersion</a>
+  </dd>
   <dd>
     <a href="./policy-csp-textinput.md#textinput-enabletouchkeyboardautoinvokeindesktopmode" id="textinput-enabletouchkeyboardautoinvokeindesktopmode">TextInput/EnableTouchKeyboardAutoInvokeInDesktopMode</a>
   </dd>

windows/client-management/mdm/policy-csp-deviceinstallation.md

@@ -4,6 +4,7 @@ ms.reviewer:
 manager: dansimp
 description: Policy CSP - DeviceInstallation
 ms.author: dansimp
+ms.date: 09/26/2019
 ms.topic: article
 ms.prod: w10
 ms.technology: windows
@@ -11,6 +12,8 @@ author: manikadhiman
 ---
 
 # Policy CSP - DeviceInstallation
+> [!WARNING]
+> Some information relates to prereleased products, which may be substantially modified before it's commercially released. Microsoft makes no warranties, expressed or implied, concerning the information provided here.
 
 <hr/>
 
@@ -24,6 +27,9 @@ author: manikadhiman
   <dd>
     <a href="#deviceinstallation-allowinstallationofmatchingdevicesetupclasses">DeviceInstallation/AllowInstallationOfMatchingDeviceSetupClasses</a>
   </dd>
+  <dd>
+    <a href="#deviceinstallation-allowinstallationofmatchingdeviceinstanceids">DeviceInstallation/AllowInstallationOfMatchingDeviceInstanceIDs</a>
+  </dd>
   <dd>
     <a href="#deviceinstallation-preventdevicemetadatafromnetwork">DeviceInstallation/PreventDeviceMetadataFromNetwork</a>
   </dd>
@@ -33,12 +39,14 @@ author: manikadhiman
   <dd>
     <a href="#deviceinstallation-preventinstallationofmatchingdeviceids">DeviceInstallation/PreventInstallationOfMatchingDeviceIDs</a>
   </dd>
+  <dd>
+    <a href="#deviceinstallation-preventinstallationofmatchingdeviceinstanceids">DeviceInstallation/PreventInstallationOfMatchingDeviceInstanceIDs</a>
+  </dd>
   <dd>
     <a href="#deviceinstallation-preventinstallationofmatchingdevicesetupclasses">DeviceInstallation/PreventInstallationOfMatchingDeviceSetupClasses</a>
   </dd>
 </dl>
 
-
 <hr/>
 
 <!--Policy-->
@@ -132,7 +140,7 @@ To enable this policy, use the following SyncML. This example allows Windows to
 </SyncML>
 ```
 
-To verify the policy is applied, check C:\windows\INF\setupapi.dev.log and see if the following is listed near the end of the log:
+To verify that the policy is applied, check C:\windows\INF\setupapi.dev.log and see if the following is listed near the end of the log:
 
 ```txt
 >>>  [Device Installation Restrictions Policy Check]
@@ -247,7 +255,7 @@ Enclose the class GUID within curly brackets {}. To configure multiple classes,
 </SyncML>
 ```
 
-To verify the policy is applied, check C:\windows\INF\setupapi.dev.log and see if the following is listed near the end of the log:
+To verify that the policy is applied, check C:\windows\INF\setupapi.dev.log and see if the following is listed near the end of the log:
 
 
 ```txt
@@ -264,6 +272,105 @@ To verify the policy is applied, check C:\windows\INF\setupapi.dev.log and see i
 
 <hr/>
 
+<!--Policy-->
+<a href="" id="deviceinstallation-allowinstallationofmatchingdeviceinstanceids"></a>**DeviceInstallation/AllowInstallationOfMatchingDeviceInstanceIDs**  
+
+<!--SupportedSKUs-->
+<table>
+<tr>
+	<th>Home</th>
+	<th>Pro</th>
+	<th>Business</th>
+	<th>Enterprise</th>
+	<th>Education</th>
+	<th>Mobile</th>
+	<th>Mobile Enterprise</th>
+</tr>
+<tr>
+	<td><img src="images/crossmark.png" alt="cross mark" /></td>
+	<td><img src="images/checkmark.png" alt="check mark" /><sup>6</sup></td>
+	<td><img src="images/checkmark.png" alt="check mark" /><sup>6</sup></td>
+	<td><img src="images/checkmark.png" alt="check mark" /><sup>6</sup></td>
+	<td><img src="images/checkmark.png" alt="check mark" /><sup>6</sup></td>
+	<td></td>
+	<td></td>
+</tr>
+</table>
+
+<!--/SupportedSKUs-->
+<!--Scope-->
+[Scope](./policy-configuration-service-provider.md#policy-scope):
+
+> [!div class = "checklist"]
+> * Device
+
+<hr/>
+
+<!--/Scope-->
+<!--Description-->
+Added in Windows 10, version 1903. Also available in Windows 10, version 1809. This policy setting allows you to specify a list of Plug and Play device instance IDs for devices that Windows is allowed to install. Use this policy setting only when the "Prevent installation of devices not described by other policy settings" policy setting is enabled. Other policy settings that prevent device installation take precedence over this one.
+
+If you enable this policy setting, Windows is allowed to install or update any device whose Plug and Play device instance ID appears in the list you create, unless another policy setting specifically prevents that installation (for example, the "Prevent installation of devices that match any of these device IDs" policy setting, the "Prevent installation of devices for these device classes" policy setting, the "Prevent installation of devices that match any of these device instance IDs" policy setting, or the "Prevent installation of removable devices" policy setting). If you enable this policy setting on a remote desktop server, the policy setting affects redirection of the specified devices from a remote desktop client to the remote desktop server.
+
+If you disable or do not configure this policy setting, and no other policy setting describes the device, the "Prevent installation of devices not described by other policy settings" policy setting determines whether the device can be installed.
+
+Peripherals can be specified by their [device instance ID](https://docs.microsoft.com/windows-hardware/drivers/install/device-instance-ids). Test the configuration prior to rolling it out to ensure it allows the devices expected. Ideally test various instances of the hardware. For example, test multiple USB keys rather than only one.
+
+<!--/Description-->
+> [!TIP]
+> This is an ADMX-backed policy and requires a special SyncML format to enable or disable.  For details, see [Understanding ADMX-backed policies](./understanding-admx-backed-policies.md).
+
+> You must specify the data type in the SyncML as &lt;Format&gt;chr&lt;/Format&gt;. For an example SyncML, refer to [Enabling a policy](./understanding-admx-backed-policies.md#enabling-a-policy).
+
+> The payload of the SyncML must be XML-encoded; for this XML encoding, there are a variety of online encoders that you can use. To avoid encoding the payload, you can use CDATA if your MDM supports it.  For more information, see [CDATA Sections](http://www.w3.org/TR/REC-xml/#sec-cdata-sect).
+
+<!--ADMXBacked-->
+ADMX Info:  
+-   GP English name: *Allow installation of devices that match any of these device instance IDs*
+-   GP name: *DeviceInstall_Instance_IDs_Allow*
+-   GP path: *System/Device Installation/Device Installation Restrictions*
+-   GP ADMX file name: *deviceinstallation.admx*
+
+<!--/ADMXBacked-->
+<!--SupportedValues-->
+
+<!--/SupportedValues-->
+<!--Example-->
+To enable this policy, use the following SyncML. 
+
+``` xml
+<SyncML>
+    <SyncBody>
+        <Replace>
+            <CmdID>$CmdID$</CmdID>
+            <Item>
+                <Target>
+                    <LocURI>./Device/Vendor/MSFT/Policy/Config/DeviceInstallation/AllowInstallationOfMatchingDeviceInstanceIDs</LocURI>
+                </Target>
+                <Meta>
+                    <Format xmlns="syncml:metinf">string</Format>
+                </Meta>
+                <Data><enabled/><Data id="DeviceInstall_Instance_IDs_Allow_List" value="1&#xF000;USB\VID_1F75&amp;PID_0917\47802411805883"/></Data>
+                </Item>
+        </Replace>
+    </SyncBody>
+</SyncML>
+```
+To verify the policy is applied, check C:\windows\INF\setupapi.dev.log and see if the following is listed near the end of the log:
+``` txt
+>>>  [Device Installation Restrictions Policy Check]
+>>>  Section start 2018/11/15 12:26:41.659
+<<<  Section end 2018/11/15 12:26:41.751
+<<<  [Exit status: SUCCESS]
+```
+<!--/Example-->
+<!--Validation-->
+
+<!--/Validation-->
+<!--/Policy-->
+
+<hr/>
+
 <!--Policy-->
 <a href="" id="deviceinstallation-preventdevicemetadatafromnetwork"></a>**DeviceInstallation/PreventDeviceMetadataFromNetwork**  
 
@@ -546,6 +653,107 @@ For example, this custom profile blocks installation and usage of USB devices wi
 <!--/Validation-->
 <!--/Policy-->
 
+<hr/>
+
+<!--Policy-->
+<a href="" id="deviceinstallation-preventinstallationofmatchingdeviceinstanceids"></a>**DeviceInstallation/PreventInstallationOfMatchingDeviceInstanceIDs**  
+
+<!--SupportedSKUs-->
+<table>
+<tr>
+	<th>Home</th>
+	<th>Pro</th>
+	<th>Business</th>
+	<th>Enterprise</th>
+	<th>Education</th>
+	<th>Mobile</th>
+	<th>Mobile Enterprise</th>
+</tr>
+<tr>
+	<td><img src="images/crossmark.png" alt="cross mark" /></td>
+	<td><img src="images/checkmark.png" alt="check mark" /><sup>6</sup></td>
+	<td><img src="images/checkmark.png" alt="check mark" /><sup>6</sup></td>
+	<td><img src="images/checkmark.png" alt="check mark" /><sup>6</sup></td>
+	<td><img src="images/checkmark.png" alt="check mark" /><sup>6</sup></td>
+	<td></td>
+	<td></td>
+</tr>
+</table>
+
+<!--/SupportedSKUs-->
+<!--Scope-->
+[Scope](./policy-configuration-service-provider.md#policy-scope):
+
+> [!div class = "checklist"]
+> * Device
+
+<hr/>
+
+<!--/Scope-->
+<!--Description-->
+Added in Windows 10, version 1903. Also available in Windows 10, version 1809. This policy setting allows you to specify a list of Plug and Play device instance IDs for devices that Windows is prevented from installing. This policy setting takes precedence over any other policy setting that allows Windows to install a device.
+
+If you enable this policy setting, Windows is prevented from installing a device whose device instance ID appears in the list you create. If you enable this policy setting on a remote desktop server, the policy setting affects redirection of the specified devices from a remote desktop client to the remote desktop server.
+
+If you disable or do not configure this policy setting, devices can be installed and updated as allowed or prevented by other policy settings.
+
+Peripherals can be specified by their [device instance ID](https://docs.microsoft.com/windows-hardware/drivers/install/device-instance-ids). Test the configuration prior to rolling it out to ensure it allows the devices expected. Ideally test various instances of the hardware. For example, test multiple USB keys rather than only one.
+
+<!--/Description-->
+> [!TIP]
+> This is an ADMX-backed policy and requires a special SyncML format to enable or disable.  For details, see [Understanding ADMX-backed policies](./understanding-admx-backed-policies.md).
+
+> You must specify the data type in the SyncML as &lt;Format&gt;chr&lt;/Format&gt;. For an example SyncML, refer to [Enabling a policy](./understanding-admx-backed-policies.md#enabling-a-policy).
+
+> The payload of the SyncML must be XML-encoded; for this XML encoding, there are a variety of online encoders that you can use. To avoid encoding the payload, you can use CDATA if your MDM supports it.  For more information, see [CDATA Sections](http://www.w3.org/TR/REC-xml/#sec-cdata-sect).
+
+<!--ADMXBacked-->
+ADMX Info:  
+-   GP English name: *Prevent installation of devices that match any of these device instance IDs*
+-   GP name: *DeviceInstall_Instance_IDs_Deny*
+-   GP path: *System/Device Installation/Device Installation Restrictions*
+-   GP ADMX file name: *deviceinstallation.admx*
+
+<!--/ADMXBacked-->
+<!--SupportedValues-->
+
+<!--/SupportedValues-->
+<!--Example-->
+To enable this policy, use the following SyncML. 
+
+``` xml
+<SyncML>
+    <SyncBody>
+        <Replace>
+            <CmdID>$CmdID$</CmdID>
+            <Item>
+                <Target>
+                    <LocURI>./Device/Vendor/MSFT/Policy/Config/DeviceInstallation/PreventInstallationOfMatchingDeviceInstanceIDs</LocURI>
+                </Target>
+                <Meta>
+                    <Format xmlns="syncml:metinf">string</Format>
+                </Meta>
+                <Data><enabled/><data id="DeviceInstall_Instance_IDs_Deny_Retroactive" value="true"/><Data id="DeviceInstall_Instance_IDs_Deny_List" value="1&#xF000;USB\VID_1F75&amp;PID_0917\47802411805883&#xF000;2&#xF000;USB\VID_0781&amp;PID_5530\4C530001191214116305"/></Data>
+                </Item>
+        </Replace>
+    </SyncBody>
+</SyncML>
+```
+To verify the policy is applied, check C:\windows\INF\setupapi.dev.log and see if the following is listed near the end of the log:  
+
+``` txt
+>>>  [Device Installation Restrictions Policy Check]
+>>>  Section start 2018/11/15 12:26:41.659
+<<<  Section end 2018/11/15 12:26:41.751
+<<<  [Exit status: SUCCESS]
+```
+<!--/Example-->
+<!--Validation-->
+
+<!--/Validation-->
+<!--/Policy-->
+
+<hr/>
 
 <!--Policy-->
 <a href="" id="deviceinstallation-preventinstallationofmatchingdevicesetupclasses"></a>**DeviceInstallation/PreventInstallationOfMatchingDeviceSetupClasses**  

windows/client-management/mdm/policy-csp-textinput.md

@@ -6,7 +6,7 @@ ms.topic: article
 ms.prod: w10
 ms.technology: windows
 author: manikadhiman
-ms.date: 08/09/2018
+ms.date: 09/20/2019
 ms.reviewer: 
 manager: dansimp
 ---
@@ -14,7 +14,7 @@ manager: dansimp
 # Policy CSP - TextInput
 
 > [!WARNING]
-> Some information relates to prereleased product which may be substantially modified before it's commercially released. Microsoft makes no warranties, express or implied, with respect to the information provided here.
+> Some information relates to prereleased products, which may be substantially modified before they are commercially released. Microsoft makes no warranties, expressed or implied, concerning the information provided here.
 
 
 <hr/>
@@ -58,6 +58,15 @@ manager: dansimp
   </dd>
   <dd>
     <a href="#textinput-allowlinguisticdatacollection">TextInput/AllowLinguisticDataCollection</a>
+  </dd>
+  <dd>
+    <a href="#textinput-configurejapaneseimeversion">TextInput/ConfigureJapaneseIMEVersion</a>
+  </dd>  
+  <dd>
+    <a href="#textinput-configuresimplifiedchineseimeversion">TextInput/ConfigureSimplifiedChineseIMEVersion</a>
+  </dd>
+  <dd>
+    <a href="#textinput-configuretraditionalchineseimeversion">TextInput/ConfigureTraditionalChineseIMEVersion</a>
   </dd>
    <dd>
     <a href="#textinput-enabletouchkeyboardautoinvokeindesktopmode">TextInput/EnableTouchKeyboardAutoInvokeInDesktopMode</a>
@@ -705,6 +714,171 @@ This setting supports a range of values between 0 and 1.
 
 <hr/>
 
+<!--Policy-->
+<a href="" id="textinput-configurejapaneseimeversion"></a>**TextInput/ConfigureJapaneseIMEVersion**
+
+<!--SupportedSKUs-->
+<table>
+<tr>
+	<th>Home</th>
+	<th>Pro</th>
+	<th>Business</th>
+	<th>Enterprise</th>
+	<th>Education</th>
+	<th>Mobile</th>
+	<th>Mobile Enterprise</th>
+</tr>
+<tr>
+	<td><img src="images/crossmark.png" alt="cross mark" /></td>
+	<td><img src="images/checkmark.png" alt="check mark" /><sup></sup></td>
+	<td><img src="images/checkmark.png" alt="check mark" /><sup></sup></td>
+	<td><img src="images/checkmark.png" alt="check mark" /><sup></sup></td>
+	<td><img src="images/checkmark.png" alt="check mark" /><sup></sup></td>
+	<td><img src="images/crossmark.png" alt="cross mark" /></td>
+	<td><img src="images/crossmark.png" alt="cross mark" /></td>
+</tr>
+</table>
+
+<!--/SupportedSKUs-->
+<!--Scope-->
+[Scope](./policy-configuration-service-provider.md#policy-scope):
+
+> [!div class = "checklist"]
+> * Device
+
+<hr/>
+
+<!--/Scope-->
+<!--Description-->
+> [!NOTE]
+> - The policy is only enforced in Windows 10 for desktop.  
+> - This policy requires reboot to take effect.
+
+Added in next major release of Windows 10. Allows IT admins to configure Microsoft Japanese IME version in the desktop.
+
+<!--/Description-->
+<!--SupportedValues-->
+The following list shows the supported values:
+
+- 0 (default) - Allows you to configure which Microsoft Japanese IME version to use. The new Microsoft Japanese IME version is configured by default.
+- 1 - Does not allow you to configure which Microsoft Japanese IME version to use. The previous version of Microsoft Japanese IME is always selected.
+- 2 - Does not allow you to configure which Microsoft Japanese IME version to use. The new Microsoft Japanese IME version is always selected.
+
+<!--/SupportedValues-->
+<!--/Policy-->
+
+<hr/>
+
+<!--Policy-->
+<a href="" id="textinput-configuresimplifiedchineseimeversion"></a>**TextInput/ConfigureSimplifiedChineseIMEVersion**
+
+<!--SupportedSKUs-->
+<table>
+<tr>
+	<th>Home</th>
+	<th>Pro</th>
+	<th>Business</th>
+	<th>Enterprise</th>
+	<th>Education</th>
+	<th>Mobile</th>
+	<th>Mobile Enterprise</th>
+</tr>
+<tr>
+	<td><img src="images/crossmark.png" alt="cross mark" /></td>
+	<td><img src="images/checkmark.png" alt="check mark" /><sup></sup></td>
+	<td><img src="images/checkmark.png" alt="check mark" /><sup></sup></td>
+	<td><img src="images/checkmark.png" alt="check mark" /><sup></sup></td>
+	<td><img src="images/checkmark.png" alt="check mark" /><sup></sup></td>
+	<td><img src="images/crossmark.png" alt="cross mark" /></td>
+	<td><img src="images/crossmark.png" alt="cross mark" /></td>
+</tr>
+</table>
+
+<!--/SupportedSKUs-->
+<!--Scope-->
+[Scope](./policy-configuration-service-provider.md#policy-scope):
+
+> [!div class = "checklist"]
+> * Device
+
+<hr/>
+
+<!--/Scope-->
+<!--Description-->
+> [!NOTE]
+> - This policy is enforced only in Windows 10 for desktop.  
+> - This policy requires reboot to take effect.
+
+Added in next major release of Windows 10. Allows IT admins to configure Microsoft Simplified Chinese IME version in the desktop.
+
+<!--/Description-->
+<!--SupportedValues-->
+The following list shows the supported values:
+
+- 0 (default) - Allows you to configure which Microsoft Simplified Chinese IME version to use. The new Microsoft Simplified Chinese IME version is configured by default.
+- 1 - Does not allow you to configure which Microsoft Simplified Chinese IME version to use. The previous version of Microsoft Simplified Chinese IME is always selected.
+- 2 - Does not allow you to configure which Microsoft Simplified Chinese IME version to use. The new Microsoft Simplified Chinese IME version is always selected.
+
+<!--/SupportedValues-->
+<!--/Policy-->
+
+<hr/>
+
+<!--Policy-->
+<a href="" id="textinput-configuretraditionalchineseimeversion"></a>**TextInput/ConfigureTraditionalChineseIMEVersion**
+
+<!--SupportedSKUs-->
+<table>
+<tr>
+	<th>Home</th>
+	<th>Pro</th>
+	<th>Business</th>
+	<th>Enterprise</th>
+	<th>Education</th>
+	<th>Mobile</th>
+	<th>Mobile Enterprise</th>
+</tr>
+<tr>
+	<td><img src="images/crossmark.png" alt="cross mark" /></td>
+	<td><img src="images/checkmark.png" alt="check mark" /><sup></sup></td>
+	<td><img src="images/checkmark.png" alt="check mark" /><sup></sup></td>
+	<td><img src="images/checkmark.png" alt="check mark" /><sup></sup></td>
+	<td><img src="images/checkmark.png" alt="check mark" /><sup></sup></td>
+	<td><img src="images/crossmark.png" alt="cross mark" /></td>
+	<td><img src="images/crossmark.png" alt="cross mark" /></td>
+</tr>
+</table>
+
+<!--/SupportedSKUs-->
+<!--Scope-->
+[Scope](./policy-configuration-service-provider.md#policy-scope):
+
+> [!div class = "checklist"]
+> * Device
+
+<hr/>
+
+<!--/Scope-->
+<!--Description-->
+> [!NOTE]
+> - This policy is enforced only in Windows 10 for desktop.  
+> - This policy requires reboot to take effect.
+
+Added in next major release of Windows 10. Allows IT admins to configure Microsoft Traditional Chinese IME version in the desktop.
+
+<!--/Description-->
+<!--SupportedValues-->
+The following list shows the supported values:
+
+- 0 (default) - Allows you to configure which Microsoft Traditional Chinese IME version to use. The new Microsoft Traditional Chinese IME version is configured by default.
+- 1 - Does not allow you to configure which Microsoft Traditional Chinese IME version to use. The previous version of Microsoft Traditional Chinese IME is always selected.
+- 2 - Does not allow you to configure which Microsoft Traditional Chinese IME version to use. The new Microsoft Traditional Chinese IME version is always selected.
+
+<!--/SupportedValues-->
+<!--/Policy-->
+
+<hr/>
+
 <!--Policy-->
 <a href="" id="textinput-enabletouchkeyboardautoinvokeindesktopmode"></a>**TextInput/EnableTouchKeyboardAutoInvokeInDesktopMode**  
 
@@ -762,6 +936,7 @@ The following list shows the supported values:
 <hr/>
 
 <!--Policy-->
+
 <a href="" id="textinput-excludejapaneseimeexceptjis0208"></a>**TextInput/ExcludeJapaneseIMEExceptJIS0208**  
 
 <!--SupportedSKUs-->

windows/security/threat-protection/microsoft-defender-atp/configure-endpoints-non-windows.md

@@ -1,6 +1,6 @@
 ---
 title: Onboard non-Windows machines to the Microsoft Defender ATP service
-description: Configure non-Winodws machines so that they can send sensor data to the Microsoft Defender ATP service.
+description: Configure non-Windows machines so that they can send sensor data to the Microsoft Defender ATP service.
 keywords: onboard non-Windows machines, macos, linux, machine management, configure Windows ATP machines, configure Microsoft Defender Advanced Threat Protection machines
 search.product: eADQiWindows 10XVcnh
 search.appverid: met150
@@ -27,14 +27,10 @@ ms.topic: article
 
 >Want to experience Microsoft Defender ATP? [Sign up for a free trial.](https://www.microsoft.com/microsoft-365/windows/microsoft-defender-atp?ocid=docs-wdatp-nonwindows-abovefoldlink) 
 
-
-
 Microsoft Defender ATP provides a centralized security operations experience for Windows as well as non-Windows platforms. You'll be able to see alerts from various supported operating systems (OS) in Microsoft Defender Security Center and better protect your organization's network. 
 
 You'll need to know the exact Linux distros and macOS versions that are compatible with Microsoft Defender ATP for the integration to work. 
 
-
-
 ## Onboarding non-Windows machines
 You'll need to take the following steps to onboard non-Windows machines:
 1. Select your preferred method of onboarding:

windows/security/threat-protection/microsoft-defender-atp/preview.md

@@ -46,8 +46,6 @@ The following features are included in the preview release:
 
 - [API Explorer](api-explorer.md)<br> The API explorer makes it easy to construct and perform API queries, test and send requests for any available Microsoft Defender ATP API endpoint.
 
-- [Tamper Protection settings in Intune](../windows-defender-antivirus/prevent-changes-to-security-settings-with-tamper-protection.md#turn-tamper-protection-on-or-off-for-your-organization-with-intune)<br/>You can now turn Tamper Protection on (or off) for your organization in the Microsoft 365 Device Management portal (Intune).
-
 - [Microsoft Threat Experts - Experts on Demand](microsoft-threat-experts.md) <BR> You now have the option to consult with Microsoft Threat Experts from several places in the portal to help you in the context of your investigation.   
 
 - [Indicators for IP addresses, URLs/Domains](manage-indicators.md) <BR> You can now allow or block URLs/domains using your own threat intelligence. 

windows/security/threat-protection/microsoft-defender-atp/tvm-dashboard-insights.md

@@ -4,6 +4,7 @@ description: What's in the Threat & Vulnerability Management dashboard and how i
 keywords: mdatp-tvm, mdatp-tvm dashboard, threat & vulnerability management, risk-based threat & vulnerability management, security configuration, configuration score, exposure score    
 search.appverid: met150
 search.product: eADQiWindows 10XVcnh
+ms.prod: w10
 ms.mktglfcycl: deploy
 ms.sitesec: library
 ms.pagetype: security

windows/security/threat-protection/microsoft-defender-atp/whats-new-in-microsoft-defender-atp.md

@@ -25,11 +25,13 @@ ms.topic: conceptual
 
 The following features are generally available (GA) in the latest release of Microsoft Defender ATP as well as security features in Windows 10 and Windows Server.
 
-
 For more information preview features, see [Preview features](https://docs.microsoft.com/windows/security/threat-protection/windows-defender-atp/preview-windows-defender-advanced-threat-protection).
 
 
 ## September 2019
+
+- [Tamper Protection settings using Intune](../windows-defender-antivirus/prevent-changes-to-security-settings-with-tamper-protection.md#turn-tamper-protection-on-or-off-for-your-organization-using-intune)<br/>You can now turn Tamper Protection on (or off) for your organization in the Microsoft 365 Device Management portal (Intune).
+
 - [Live response](live-response.md)<BR> Get instantaneous access to a machine using a remote shell connection. Do in-depth investigative work and take immediate response actions to promptly contain identified threats - real-time.
 
 - [Evaluation lab](evaluation-lab.md) <BR> The Microsoft Defender ATP evaluation lab is designed to eliminate the complexities of machine and environment configuration so that you can

windows/security/threat-protection/security-policy-settings/user-account-control-behavior-of-the-elevation-prompt-for-administrators-in-admin-approval-mode.md

@@ -4,7 +4,7 @@ description: Describes the best practices, location, values, policy management a
 ms.assetid: 46a3c3a2-1d2e-4a6f-b5e6-29f9592f535d
 ms.reviewer: 
 ms.author: dansimp
-ms.prod: ws10
+ms.prod: w10
 ms.mktglfcycl: deploy
 ms.sitesec: library
 ms.pagetype: security

windows/security/threat-protection/windows-defender-antivirus/prevent-changes-to-security-settings-with-tamper-protection.md

@@ -46,9 +46,9 @@ Tamper Protection doesn't prevent you from viewing your security settings. And,
 
 ### What do you want to do?
 
-[Turn Tamper Protection on (or off) for an individual machine](#turn-tamper-protection-on-or-off-for-an-individual-machine)
+[Turn Tamper Protection on (or off) for an individual machine using Windows Security](#turn-tamper-protection-on-or-off-for-an-individual-machine)
 
-[Turn Tamper Protection on (or off) for your organization with Intune (Preview)](#turn-tamper-protection-on-or-off-for-your-organization-with-intune)
+[Turn Tamper Protection on (or off) for your organization using Intune](#turn-tamper-protection-on-or-off-for-your-organization-using-intune)
 
 ## Turn Tamper Protection on (or off) for an individual machine
 
@@ -68,11 +68,9 @@ If you are a home user, or you are not subject to settings managed by a security
 > Once you’ve made this update, Tamper Protection will continue to protect your registry settings, and will also log attempts to modify them without returning errors.
 
 
-## Turn Tamper Protection on (or off) for your organization with Intune
+## Turn Tamper Protection on (or off) for your organization using Intune
 
-If you are part of your organization's security team, the ability to turn Tamper Protection on (or off) for your organization in the Microsoft 365 Device Management portal (Intune) is now in preview. "In preview" means this feature is rolling out to business customers who have [Microsoft Defender ATP](../microsoft-defender-atp/whats-new-in-microsoft-defender-atp.md) and who have agreed to participate in the preview program. As a preview feature, the following applies:
+If you are part of your organization's security team, you can turn Tamper Protection on (or off) for your organization in the Microsoft 365 Device Management portal (Intune). (This feature is rolling out now; if you don't have it yet, you should very soon, assuming your organization has [Microsoft Defender ATP](../microsoft-defender-atp/whats-new-in-microsoft-defender-atp.md) and that you meet the prerequisites listed below.) 
-
-*Some information in this section relates to prereleased product that might be substantially modified before it's commercially released. Microsoft makes no warranties, express or implied, with respect to the information provided here.*
 
 You must have appropriate [permissions](../microsoft-defender-atp/assign-portal-access.md), such as global admin, security admin, or security operations, to perform the following task. 
 
@@ -118,7 +116,7 @@ Tamper Protection will not have any impact on such devices.
 
 If you are a home user, see [Turn Tamper Protection on (or off) for an individual machine](#turn-tamper-protection-on-or-off-for-an-individual-machine).
 
-If you are an organization using [Microsoft Defender Advanced Threat Protection E5](https://www.microsoft.com/microsoft-365/windows/microsoft-defender-atp), you should be able to manage Tamper Protection in Intune similar to how you manage other endpoint protection features. See [Turn Tamper Protection on (or off) for your organization with Intune](#turn-tamper-protection-on-or-off-for-your-organization-with-intune).
+If you are an organization using [Microsoft Defender Advanced Threat Protection E5](https://www.microsoft.com/microsoft-365/windows/microsoft-defender-atp), you should be able to manage Tamper Protection in Intune similar to how you manage other endpoint protection features. See [Turn Tamper Protection on (or off) for your organization using Intune](#turn-tamper-protection-on-or-off-for-your-organization-using-intune).
 
  
 ### How does configuring Tamper Protection in Intune affect how I manage Windows Defender through my group policy?

windows/security/threat-protection/windows-defender-application-control/allow-com-object-registration-in-windows-defender-application-control-policy.md

@@ -7,6 +7,7 @@ ms.sitesec: library
 ms.pagetype: security
 ms.localizationpriority: medium
 author: mdsakibMSFT
+ms.author: mdsakib
 ms.date: 05/21/2019
 ---
 

windows/security/threat-protection/windows-defender-application-control/applocker/use-a-reference-computer-to-create-and-maintain-applocker-policies.md

@@ -1,9 +1,6 @@
-ms.assetid: 10c3597f-f44c-4c8e-8fe5-105d4ac016a6
-ms.reviewer: 
 ---
 title: Use a reference device to create and maintain AppLocker policies (Windows 10)
 description: This topic for the IT professional describes the steps to create and maintain AppLocker policies by using a reference computer.
-
 ms.author: macapara
 ms.prod: w10
 ms.mktglfcycl: deploy
@@ -16,6 +13,8 @@ audience: ITPro
 ms.collection: M365-security-compliance
 ms.topic: conceptual
 ms.date: 09/21/2017
+ms.assetid: 10c3597f-f44c-4c8e-8fe5-105d4ac016a6
+ms.reviewer: 
 ---
 
 # Use a reference device to create and maintain AppLocker policies

windows/security/threat-protection/windows-defender-application-control/create-path-based-rules.md

@@ -7,6 +7,7 @@ ms.sitesec: library
 ms.pagetype: security
 ms.localizationpriority: medium
 author: mdsakibMSFT
+ms.author: mdsakib
 ms.date: 05/17/2019
 ---
 

windows/security/threat-protection/windows-defender-application-control/deploy-multiple-windows-defender-application-control-policies.md

@@ -7,6 +7,7 @@ ms.sitesec: library
 ms.pagetype: security
 ms.localizationpriority: medium
 author: mdsakibMSFT
+ms.author: mdsakib
 ms.date: 05/17/2019
 ---
 

windows/security/threat-protection/windows-security-configuration-framework/level-1-enterprise-basic-security.md

@@ -5,7 +5,7 @@ keywords: virtualization, security, malware
 ms.prod: w10
 ms.mktglfcycl: deploy
 ms.localizationpriority: medium
-ms.author: appcompatguy
+ms.author: cjacks
 author: appcompatguy
 manager: dansimp
 audience: ITPro
@@ -177,7 +177,7 @@ Microsoft recommends using [the rings methodology](https://docs.microsoft.com/wi
 | Network / Network Connections | Prohibit use of Internet Connection Sharing on your DNS domain network | Enabled | Determines whether administrators can enable and configure the Internet Connection Sharing (ICS) feature of an Internet connection and if the ICS service can run on the computer. |
 | Network / Network Provider | Hardened UNC Paths | \\\\\*\\SYSVOL and \\\\\*\\NETLOGON RequireMutualAuthentication = 1, RequireIntegrity = 1 | This policy setting configures secure access to UNC paths. If you enable this policy, Windows only allows access to the specified UNC paths after fulfilling additional security requirements. |
 | Network / Windows Connection Manager | Prohibit connection to non-domain networks when connected to domain authenticated network | Enabled | This policy setting prevents computers from connecting to both a domain-based network and a non-domain-based network at the same time. |
-| System / Credentials Delegation | Encryption Oracle Remediation | Force Updated Clients | Enryption Oracle Remediation |
+| System / Credentials Delegation | Encryption Oracle Remediation | Force Updated Clients | Encryption Oracle Remediation |
 | System / Credentials Delegation | Remote host allows delegation of non-exportable credentials | Enabled | When using credential delegation, devices provide an exportable version of credentials to the remote host. This exposes users to the risk of credential theft from attackers on the remote host. If you enable this policy setting, the host supports Restricted Admin or Remote Credential Guard mode. |
 | System / Device Installation / Device Installation Restrictions  | Prevent installation of devices that match any of these device IDs  | [[[main setting]]] = Enabled <br/> Also apply to matching devices that are already installed = True <br/> 1 = PCI\CC_0C0A  | This policy setting allows you to specify a list of Plug and Play hardware IDs and compatible IDs for devices that Windows is prevented from installing. This policy setting takes precedence over any other policy setting that allows Windows to install a device. if you enable this policy setting, Windows is prevented from installing a device whose hardware ID or compatible ID appears in a list that you create. If you enable this policy setting on a remote desktop server, the policy setting affects redirection of the specified devices from a remote desktop client to the remote desktop server. If you disable or do not configure this policy setting, devices can be installed and updated as allowed or prevented by other policy settings.  |
 | System / Device Installation / Device Installation Restrictions  | Prevent installation of devices using drivers that match these device setup classes | [[[main setting]]] = Enabled <br/> Also apply to matching devices that are already installed = True <br/> 1 = {d48179be-ec20-11d1-b6b8-00c04fa372a7}  | This policy setting allows you to specify a list of device setup class globally unique identifiers (GUIDs) for device drivers that Windows is prevented from installing. This policy setting takes precedence over any other policy setting that allows Windows to install a device. if you enable this policy setting, Windows is prevented from installing or updating device drivers whose device setup class GUIDs appear in the list you create. If you enable this policy setting on a remote desktop server, the policy setting affects redirection of the specified devices from a remote desktop client to the remote desktop server. If you disable or do not configure this policy setting, Windows can install and update devices as allowed or prevented by other policy settings.  |

windows/security/threat-protection/windows-security-configuration-framework/level-2-enterprise-enhanced-security.md

@@ -5,7 +5,7 @@ keywords: virtualization, security, malware
 ms.prod: w10
 ms.mktglfcycl: deploy
 ms.localizationpriority: medium
-ms.author: appcompatguy
+ms.author: cjacks
 author: appcompatguy
 manager: dansimp
 audience: ITPro

windows/security/threat-protection/windows-security-configuration-framework/level-3-enterprise-high-security.md

@@ -5,7 +5,7 @@ keywords: virtualization, security, malware
 ms.prod: w10
 ms.mktglfcycl: deploy
 ms.localizationpriority: medium
-ms.author: appcompatguy
+ms.author: cjacks
 author: appcompatguy
 manager: dansimp
 audience: ITPro