diff --git a/windows/security/threat-protection/windows-defender-application-control/use-signed-policies-to-protect-windows-defender-application-control-against-tampering.md b/windows/security/threat-protection/windows-defender-application-control/use-signed-policies-to-protect-windows-defender-application-control-against-tampering.md
index 7b136fa662..e2566ae779 100644
--- a/windows/security/threat-protection/windows-defender-application-control/use-signed-policies-to-protect-windows-defender-application-control-against-tampering.md
+++ b/windows/security/threat-protection/windows-defender-application-control/use-signed-policies-to-protect-windows-defender-application-control-against-tampering.md
@@ -37,7 +37,7 @@ Before signing WDAC policies for the first time, be sure to enable rule options
 
 To sign a WDAC policy with SignTool.exe, you need the following components:
 
--   SignTool.exe, found in the [Windows SDK](https://developer.microsoft.com/en-US/windows/downloads/windows-10-sdk/) (Windows 7 or later)
+-   SignTool.exe, found in the [Windows SDK](https://developer.microsoft.com/windows/downloads/windows-10-sdk/) (Windows 7 or later)
 
 -   The binary format of the WDAC policy that you generated in [Create a Windows Defender Application Control policy from a reference computer](create-initial-default-policy.md) or another WDAC policy that you have created
 
@@ -103,4 +103,4 @@ If you do not have a code signing certificate, see [Optional: Create a code sign
 
 
 > [!NOTE]
-   > The device with the signed policy must be rebooted one time with Secure Boot enabled for the UEFI lock to be set. 
\ No newline at end of file
+   > The device with the signed policy must be rebooted one time with Secure Boot enabled for the UEFI lock to be set.