From 8a0acedcd931c785b204c5c940b7a18ff60ab303 Mon Sep 17 00:00:00 2001
From: Eric Avena <eravena@microsoft.com>
Date: Tue, 16 Oct 2018 20:36:32 +0000
Subject: [PATCH] Updated supply-chain-malware.md

---
 .../threat-protection/intelligence/supply-chain-malware.md      | 2 ++
 1 file changed, 2 insertions(+)

diff --git a/windows/security/threat-protection/intelligence/supply-chain-malware.md b/windows/security/threat-protection/intelligence/supply-chain-malware.md
index ce1112d198..31e68f0df4 100644
--- a/windows/security/threat-protection/intelligence/supply-chain-malware.md
+++ b/windows/security/threat-protection/intelligence/supply-chain-malware.md
@@ -17,6 +17,8 @@ Supply chain attacks are an emerging kind of threat that target software develop
 
 ## How supply chain attacks work
 
+[!video https://www.youtube.com/embed/uXm2XNSavwo]
+
 Attackers hunt for unsecure network protocols, unprotected server infrastructures, and unsafe coding practices. They break in, change source codes, and hide malware in build and update processes.  
 
 Because software is built and released by trusted vendors, these apps and updates are signed and certified. In software supply chain attacks, vendors are likely unaware that their apps or updates are infected with malicious code when they’re released to the public. The malicious code then runs with the same trust and permissions as the app.