Merge branch 'public' into patch-25

.openpublishing.publish.config.json

@@ -8,7 +8,7 @@
       "locale": "en-us",
       "monikers": [],
       "moniker_ranges": [],
-      "open_to_public_contributors": true,
+      "open_to_public_contributors": false,
       "type_mapping": {
         "Conceptual": "Content",
         "ManagedReference": "Content",
@@ -40,7 +40,7 @@
       "locale": "en-us",
       "monikers": [],
       "moniker_ranges": [],
-      "open_to_public_contributors": true,
+      "open_to_public_contributors": false,
       "type_mapping": {
         "Conceptual": "Content",
         "ManagedReference": "Content",
@@ -56,7 +56,7 @@
       "locale": "en-us",
       "monikers": [],
       "moniker_ranges": [],
-      "open_to_public_contributors": true,
+      "open_to_public_contributors": false,
       "type_mapping": {
         "Conceptual": "Content",
         "ManagedReference": "Content",
@@ -88,7 +88,7 @@
       "locale": "en-us",
       "monikers": [],
       "moniker_ranges": [],
-      "open_to_public_contributors": true,
+      "open_to_public_contributors": false,
       "type_mapping": {
         "Conceptual": "Content",
         "ManagedReference": "Content",
@@ -120,7 +120,7 @@
       "locale": "en-us",
       "monikers": [],
       "moniker_ranges": [],
-      "open_to_public_contributors": true,
+      "open_to_public_contributors": false,
       "type_mapping": {
         "Conceptual": "Content",
         "ManagedReference": "Content",
@@ -136,7 +136,7 @@
       "locale": "en-us",
       "monikers": [],
       "moniker_ranges": [],
-      "open_to_public_contributors": true,
+      "open_to_public_contributors": false,
       "type_mapping": {
         "Conceptual": "Content",
         "ManagedReference": "Content",
@@ -200,7 +200,7 @@
       "locale": "en-us",
       "monikers": [],
       "moniker_ranges": [],
-      "open_to_public_contributors": true,
+      "open_to_public_contributors": false,
       "type_mapping": {
         "Conceptual": "Content",
         "ManagedReference": "Content",
@@ -232,7 +232,7 @@
       "locale": "en-us",
       "monikers": [],
       "moniker_ranges": [],
-      "open_to_public_contributors": true,
+      "open_to_public_contributors": false,
       "type_mapping": {
         "Conceptual": "Content",
         "ManagedReference": "Content",
@@ -280,7 +280,7 @@
       "locale": "en-us",
       "monikers": [],
       "moniker_ranges": [],
-      "open_to_public_contributors": true,
+      "open_to_public_contributors": false,
       "type_mapping": {
         "Conceptual": "Content",
         "ManagedReference": "Content",
@@ -481,4 +481,4 @@
   },
   "need_generate_pdf": false,
   "need_generate_intellisense": false
-}
+}

.openpublishing.redirection.json

@@ -6036,6 +6036,11 @@
     "redirect_url": "/hololens/hololens-recovery",
     "redirect_document_id": false
 },
+{
+    "source_path": "devices/hololens/holographic-photos-and-video.md",
+    "redirect_url": "/hololens/holographic-photos-and-videos",
+    "redirect_document_id": false
+},
 {
 "source_path": "devices/surface-hub/provisioning-packages-for-certificates-surface-hub.md",
 "redirect_url": "https://docs.microsoft.com/surface-hub/provisioning-packages-for-surface-hub",
@@ -15330,6 +15335,81 @@
 "source_path": "windows/security/threat-protection/windows-defender-exploit-guard/exploit-protection-exploit-guard.md",
 "redirect_url": "https://docs.microsoft.com/windows/security/threat-protection/microsoft-defender-atp/exploit-protection",
 "redirect_document_id": false
+},
+{
+"source_path": "windows/security/threat-protection/windows-defender-application-control/create-path-based-rules.md",
+"redirect_url": "https://docs.microsoft.com/windows/security/threat-protection/windows-defender-application-control/select-types-of-rules-to-create",
+"redirect_document_id": false
+},
+{
+"source_path": "windows/security/threat-protection/windows-defender-antivirus/microsoft-defender-atp-mac.md",
+"redirect_url": "https://docs.microsoft.com/windows/security/threat-protection/microsoft-defender-atp/microsoft-defender-atp-mac",
+"redirect_document_id": true
+},
+{
+"source_path": "windows/security/threat-protection/windows-defender-antivirus/microsoft-defender-atp-mac-whatsnew.md",
+"redirect_url": "https://docs.microsoft.com/windows/security/threat-protection/microsoft-defender-atp/mac-whatsnew",
+"redirect_document_id": true
+},
+{
+"source_path": "windows-defender-antivirus/microsoft-defender-atp-mac-install-with-intune.md",
+"redirect_url": "https://docs.microsoft.com/windows/security/threat-protection/microsoft-defender-atp/mac-install-with-intune",
+"redirect_document_id": true
+},
+{
+"source_path": "windows/security/threat-protection/windows-defender-antivirus/microsoft-defender-atp-mac-install-with-jamf.md",
+"redirect_url": "https://docs.microsoft.com/windows/security/threat-protection/microsoft-defender-atp/mac-install-with-jamf",
+"redirect_document_id": true
+},
+{
+"source_path": "windows/security/threat-protection/windows-defender-antivirus/microsoft-defender-atp-mac-install-with-other-mdm.md",
+"redirect_url": "https://docs.microsoft.com/windows/security/threat-protection/microsoft-defender-atp/mac-install-with-other-mdm",
+"redirect_document_id": true
+},
+{
+"source_path": "windows/security/threat-protection/windows-defender-antivirus/microsoft-defender-atp-mac-install-manually.md",
+"redirect_url": "https://docs.microsoft.com/windows/security/threat-protection/microsoft-defender-atp/mac-install-manually",
+"redirect_document_id": true
+},
+{
+"source_path": "windows/security/threat-protection/windows-defender-antivirus/microsoft-defender-atp-mac-updates.md",
+"redirect_url": "https://docs.microsoft.com/windows/security/threat-protection/microsoft-defender-atp/mac-updates",
+"redirect_document_id": true
+},
+{
+"source_path": "windows/security/threat-protection/windows-defender-antivirus/microsoft-defender-atp-mac-exclusions.md",
+"redirect_url": "https://docs.microsoft.com/windows/security/threat-protection/microsoft-defender-atp/mac-exclusions",
+"redirect_document_id": true
+},
+{
+"source_path": "windows/security/threat-protection/windows-defender-antivirus/microsoft-defender-atp-mac-preferences.md",
+"redirect_url": "https://docs.microsoft.com/windows/security/threat-protection/microsoft-defender-atp/mac-preferences",
+"redirect_document_id": true
+},
+{
+"source_path": "windows/security/threat-protection/windows-defender-antivirus/microsoft-defender-atp-mac-pua.md",
+"redirect_url": "https://docs.microsoft.com/windows/security/threat-protection/microsoft-defender-atp/mac-pua",
+"redirect_document_id": true
+},
+{
+"source_path": "windows/security/threat-protection/windows-defender-antivirus/microsoft-defender-atp-mac-support-perf.md",
+"redirect_url": "https://docs.microsoft.com/windows/security/threat-protection/microsoft-defender-atp/mac-support-perf",
+"redirect_document_id": true
+},
+{
+"source_path": "windows/security/threat-protection/windows-defender-antivirus/microsoft-defender-atp-mac-support-kext.md",
+"redirect_url": "https://docs.microsoft.com/windows/security/threat-protection/microsoft-defender-atp/mac-support-kext",
+"redirect_document_id": true
+},
+{
+"source_path": "windows/security/threat-protection/windows-defender-antivirus/microsoft-defender-atp-mac-privacy.md",
+"redirect_url": "https://docs.microsoft.com/windows/security/threat-protection/microsoft-defender-atp/mac-privacy",
+"redirect_document_id": true
+},
+{
+"source_path": "windows/security/threat-protection/windows-defender-antivirus/microsoft-defender-atp-mac-resources.md",
+"redirect_url": "https://docs.microsoft.com/windows/security/threat-protection/microsoft-defender-atp/mac-resources",
+"redirect_document_id": true
 }
 ]
 }

browsers/edge/docfx.json

@@ -35,6 +35,7 @@
       "manager": "laurawi",
       "ms.prod": "edge",
       "feedback_system": "None",
+      "hideEdit": true,
       "_op_documentIdPathDepotMapping": {
         "./": {
           "depot_name": "Win.microsoft-edge",

browsers/internet-explorer/docfx.json

@@ -31,6 +31,7 @@
       "manager": "laurawi",
       "ms.date": "04/05/2017",
       "feedback_system": "None",
+      "hideEdit": true,
       "_op_documentIdPathDepotMapping": {
         "./": {
           "depot_name": "Win.internet-explorer",

devices/hololens/TOC.md

@@ -23,16 +23,16 @@
 ## [Set up ring based updates for HoloLens](hololens-updates.md)
 ## [Enable Bitlocker device encryption for HoloLens](hololens-encryption.md)
 
-# User management and access management
-## [Share your HoloLens with multiple people](hololens-multiple-users.md)
-## [Set up HoloLens as a kiosk (single application access)](hololens-kiosk.md)
-## [Set up limited application access](hololens-kiosk.md)
-
 # Navigating Windows Holographic
 ## [Start menu and mixed reality home](holographic-home.md)
 ## [Use your voice with HoloLens](hololens-cortana.md)
 ## [Find and save files](hololens-find-and-save-files.md)
-## [Create, share, and view photos and video](holographic-photos-and-video.md)
+## [Create, share, and view photos and video](holographic-photos-and-videos.md)
+
+# User management and access management
+## [Share your HoloLens with multiple people](hololens-multiple-users.md)
+## [Set up HoloLens as a kiosk (single application access)](hololens-kiosk.md)
+## [Set up limited application access](hololens-kiosk.md)
 
 # Holographic Applications
 ## [Try 3D Viewer](holographic-3d-viewer-beta.md)

devices/hololens/docfx.json

@@ -43,8 +43,9 @@
         "./": {
           "depot_name": "Win.itpro-hololens",
           "folder_relative_path_in_docset": "./"
+        } 
+          
         }
-      }
     },
     "fileMetadata": {},
     "template": [
@@ -52,5 +53,15 @@
     ],
     "dest": "devices/hololens",
     "markdownEngineName": "markdig"
-  }
+  },
+    "contributors_to_exclude": [ 
+    "rjagiewich", 
+    "traya1", 
+    "rmca14", 
+    "claydetels19", 
+    "Kellylorenebaker",
+    "jborsecnik",
+    "tiburd",
+    "garycentric"
+    ]
 }

devices/hololens/holographic-photos-and-video.md

@@ -1,53 +0,0 @@
----
-title: Create, share, and view photos and video
-description: Create, share, and view photos and video
-ms.assetid: 1b636ec3-6186-4fbb-81b2-71155aef0593
-keywords: hololens
-ms.prod: hololens
-ms.sitesec: library
-author: Teresa-Motiv
-ms.author: v-tea
-ms.topic: article
-ms.localizationpriority: high
-ms.date: 8/12/19
-ms.reviewer: 
-manager: jarrettr
-appliesto:
-- HoloLens (1st gen)
-- HoloLens 2
----
-
-# Create, share, and view photos and video
-
-Use your HoloLens to take photos and videos that capture the holograms you've placed in your world.
-
-To sync your photos and videos to OneDrive, open the OneDrive app and select **Settings** > **Camera upload**, and then turn on **Camera upload**.
-
-## Take a photo on HoloLens (1st gen)
-
-Use the open the **Start** menu, and then select the Photos app.
-
-Use gaze to position the photo frame, then air tap to take the picture. The picture will be saved to your collection in the Photos app.</p>
-
-Want to snap a quick picture? Press the [volume up and volume down buttons](hololens1-hardware.md#hololens-components) at the same time.
-
-## Take a video on HoloLens (1st gen)
-
-Use the bloom gesture to go to **Start**, then select **Video**. Use gaze to position the video frame, then air tap to start recording. To stop recording, use bloom once. The video will be saved to your collection in the Photos app.
-
-To start recording more quickly, press and hold the volume up and volume down buttons simultaneously until a three-second countdown begins. To stop recording, tap both buttons.
-
-> [!TIP]
-> You can always have Cortana take a photo or a video for you. Just say "Hey Cortana, take a photo" or "Hey Cortana, take a video." [What else can I say to Cortana?](hololens-cortana.md)
-
-## Find your photos and videos
-
-To see your photos from OneDrive, select **More** > **Settings**, and then turn on **Show my cloud-only content from OneDrive**. (You'll need to sign in to the Photos app with your Microsoft account, if you haven't already.)
-
-To pin a photo or video in your world, open it, then select **Place in mixed world**. Use tap and hold to move it to where you want it.
-
-## Share photos and videos
-
-To share images to a social network, in the Collection view, tap and hold the photo you want to share, then select **Share**. Select **Share Assistant**, then select the app that you want to share to.
-
-You can also share directly from the camera app right after you take a photo&mdash;at the top of the image, select **Share**.

devices/hololens/holographic-photos-and-videos.md

@@ -0,0 +1,150 @@
+---
+title: Capture and manage mixed reality photos and videos
+description: Learn how to capture, view, and share mixed reality photos and videos, using HoloLens.
+keywords: hololens, photo, video, capture, mrc, mixed reality capture, photos, camera, stream, livestream, demo
+ms.assetid: 1b636ec3-6186-4fbb-81b2-71155aef0593
+ms.prod: hololens
+ms.sitesec: library
+author: mattzmsft
+ms.author: mazeller
+ms.topic: article
+audience: ITPro
+ms.localizationpriority: medium
+ms.date: 10/28/2019
+manager: jarrettr
+appliesto:
+- HoloLens (1st gen)
+- HoloLens 2
+---
+
+# Create mixed reality photos and videos
+
+HoloLens gives users the experience of mixing the real world with the digital world.  Mixed reality capture (MRC) lets you capture that experience as a photo or video, or share what you see with others in real-time.
+
+Mixed reality capture uses a first-person point of view so other people can see holograms as you see them. For a third-person point of view, use [spectator view](https://docs.microsoft.com/windows/mixed-reality/spectator-view). Spectator view is especially useful for demos.
+
+While it's fun to share videos amongst friends and colleagues, videos can also help teach other people to use an app or to communicate problems with apps and experiences.
+
+> [!NOTE]
+> If you can't launch mixed reality capture experiences and your HoloLens is a work device, check with your system administrator. Access to the camera can be restricted through company policy.
+
+## Capture a mixed reality photo
+
+There are several ways to take a photo of mixed reality on HoloLens; you can use hardware buttons, voice, or the Start menu.
+
+### Hardware buttons to take photos
+
+To take a quick photo of your current view, press the volume up and volume down buttons at the same time.  This is a bit like the HoloLens version of a screenshot or print screen.
+
+- [Button locations on HoloLens 2](hololens2-hardware.md)
+- [Button locations on HoloLens (1st gen)](hololens1-hardware.md#hololens-components)
+
+> [!NOTE]
+> Holding the **volume up** and **volume down** buttons for three seconds will start recording a video rather than taking a photo. To stop recording, tap both **volume up** and **volume down** buttons simultaneously.
+
+### Voice commands to take photos
+
+Cortana can also take a picture. Say: "Hey Cortana, take a picture."
+
+### Start menu to take photos
+
+Use the Start gesture to go to **Start**, then select the **camera** icon.
+
+Point your head in the direction of what you want to capture, then [air tap](hololens2-basic-usage.md#touch-holograms-near-you) to take a photo. You can continue to air tap and capture additional photos. Any photos you capture will be saved to your device.
+
+Use the Start gesture again to end photo capture.  
+
+## Capture a mixed reality video
+
+There are several ways to record a video of mixed reality on HoloLens; you can use hardware buttons, voice, or the Start menu.
+
+### Hardware buttons to record videos
+
+The quickest way to record a video is to press and hold the **volume up** and **volume down** buttons simultaneously until a three-second countdown begins. To stop recording, tap both buttons simultaneously.
+
+> [!NOTE]
+> Quickly pressing the **volume up** and **volume down** buttons at the same time will take a photo rather than recording a video.
+
+### Voice to record videos
+
+Cortana can also record a video. Say: "Hey Cortana, start recording." To stop a video, say "Hey Cortana, stop recording."
+
+### Start menu to record videos
+
+Use the Start gesture to go to **Start**, then select the **video** icon. Point your head in the direction of what you want to capture, then [air tap](hololens2-basic-usage.md#touch-holograms-near-you) to start recording. There will be a three second countdown and your recording will begin.
+
+To stop recording, use the Start gesture and select the highlighted **video** icon. The video will be saved to your device.
+
+> [!NOTE]
+> **Applies to HoloLens (1st gen) only**  
+> The [Windows 10 October 2018 Update](https://docs.microsoft.com/windows/mixed-reality/release-notes-october-2018) changes how the Start gesture and Windows button behave on HoloLens (1st gen). Before the update, the Start gesture or Windows button would stop a video recording. After the update, however, the Start gesture or Windows button opens the **Start** menu (or the **quick actions menu** if you are in an immersive app), from which you can select the highlighted **video** icon to stop recording.
+
+## Share what you see in real-time
+
+You can share what you see in HoloLens with friends and colleagues in real-time. There are a few methods available:
+
+1. Connecting to a Miracast-enabled device or adapter to watch on a TV.
+1. Using [Windows Device Portal](https://docs.microsoft.com/windows/mixed-reality/using-the-windows-device-portal) to watch on a PC
+1. Using the [Microsoft HoloLens companion app](https://www.microsoft.com/store/productId/9NBLGGH4QWNX) to watch on a PC.
+1. Deploying the [Microsoft Dynamics 365 Remote Assist](https://dynamics.microsoft.com/en-us/mixed-reality/remote-assist) app, which enables front-line workers to stream what they see to a remote expert. The remote expert can then guide the front-line worker verbally or by annotating in their world.
+
+> [!NOTE]
+> Sharing what you see via Windows Device Portal or Microsoft HoloLens companion app requires your HoloLens to be in [Developer mode](https://docs.microsoft.com/windows/mixed-reality/using-the-windows-device-portal#setting-up-hololens-to-use-windows-device-portal).
+
+### Stream video with Miracast
+
+Use the Start gesture to go to **Start**, then select the **connect** icon. From the picker that appears, select the Miracast-enabled device or adapter to which you want to connect.
+
+To stop sharing, use the Start gesture and select the highlighted **connect** icon. Because you were streaming, nothing will be saved to your device.
+
+> [!NOTE]
+> Miracast support was enabled on HoloLens (1st gen) beginning with the [Windows 10 October 2018 Update](https://docs.microsoft.com/windows/mixed-reality/release-notes-october-2018).
+
+### Real time video with Windows Device Portal
+
+Because sharing via Windows Device Portal requires Developer mode to be enabled on HoloLens, follow the instructions in our developer documentation to [set up Developer mode and navigate Windows Device Portal](https://docs.microsoft.com/windows/mixed-reality/using-the-windows-device-portal).
+
+### Microsoft HoloLens companion app
+
+Because sharing via the Microsoft HoloLens companion app requires Developer mode to be enabled on HoloLens, follow the instructions in our developer documentation to [set up Developer mode](https://docs.microsoft.com/windows/mixed-reality/using-the-windows-device-portal). Then, download the [Microsoft HoloLens companion app](https://www.microsoft.com/store/productId/9NBLGGH4QWNX) and follow the instructions within the app to connect to your HoloLens.
+
+Once the app is set up with your HoloLens, select the **Live stream** option from the app's main menu.
+
+## View your mixed reality photos and videos
+
+Mixed reality photos and videos are saved to the device's "Camera Roll". You can browse the contents of this folder on your HoloLens with the File Explorer app (navigate to Pictures > Camera Roll).
+
+You can also view your mixed reality photos and videos in the Photos app, which is pre-installed on HoloLens. To pin a photo in your world, select it in the Photos app and choose **Place in mixed world**. You can move the photo around your world after it's been placed.
+
+To view and/or save your mixed reality photos and videos on a PC connected to HoloLens, you can use [Windows Device Portal](https://docs.microsoft.com/windows/mixed-reality/using-the-windows-device-portal#mixed-reality-capture) or your [PC's File Explorer via MTP](https://docs.microsoft.com/windows/mixed-reality/release-notes-april-2018#new-features-for-hololens).
+
+## Share your mixed reality photos and videos
+
+After capturing a mixed reality photo or video, a preview will appear. Select the **share** icon above the preview to bring up the share assistant. From there, you can select the end point to which you'd like to share that photo or video.
+
+You can also share mixed reality photos and videos from OneDrive, by automatically uploading your mixed reality photos and videos. Open the OneDrive app on HoloLens and sign in with a personal [Microsoft account](https://account.microsoft.com) if you haven't already. Select the **settings** icon and choose **Camera upload**. Turn Camera upload on. Your mixed reality photos and videos will now be uploaded to OneDrive each time you launch the app on HoloLens.
+
+> [!NOTE]
+> You can only enable camera upload in OneDrive if you’re signed into OneDrive with a personal Microsoft account. If you set up HoloLens with a work or school account, you can add a personal Microsoft account in the OneDrive app to enable this feature.
+
+## Limitations of mixed reality capture
+
+- While using mixed reality capture, the framerate of HoloLens will be halved to 30 Hz.
+- Videos have a maximum length of five minutes.
+- The resolution of photos and videos may be reduced if the photo/video camera is already in use by another application, while live streaming, or when system resources are low.
+
+## Default file format and resolution
+
+### Default photo format and resolution
+
+|  Device  |  Format  |  Extension  |  Resolution  |
+|----------|----------|----------|----------|
+| HoloLens 2 | [JPEG](https://en.wikipedia.org/wiki/JPEG) | .jpg | 3904x2196px |
+| HoloLens (1st gen) | [JPEG](https://en.wikipedia.org/wiki/JPEG) | .jpg | 1408x792px |
+
+### Recorded video format and resolution
+
+| Device | Format | Extension | Resolution | Speed | Audio |
+|----------|----------|----------|----------|----------|----------|
+| HoloLens 2 | [MPEG-4](https://en.wikipedia.org/wiki/MPEG-4) | .mp4 | 1920x1080px | 30fps | 48kHz Stereo |
+| HoloLens (1st gen) |  [MPEG-4](https://en.wikipedia.org/wiki/MPEG-4) | .mp4 | 1216x684px | 24fps | 48kHz Stereo |

devices/hololens/hololens2-basic-usage.md

@@ -28,7 +28,7 @@ This guide provides an intro to:
 
 On HoloLens, holograms blend the digital world with your physical environment to look and sound like they're part of your world. Even when holograms are all around you, you can always see your surroundings, move freely, and interact with people and objects. We call this experience "mixed reality".
 
-The holographic frame positions your holograms where your eyes are most sensitive to detail and the see-through lenses leave your peripheral vision unobscured. With spatial sound, you can pinpoint a hologram by listening, even if it’s behind you. And, because HoloLens understands your physical environment, you can place holograms on and around real objects such as tables and walls.
+The holographic frame positions your holograms where your eyes are most sensitive to detail and the see-through lenses leave your peripheral vision clear. With spatial sound, you can pinpoint a hologram by listening, even if it’s behind you. And, because HoloLens understands your physical environment, you can place holograms on and around real objects such as tables and walls.
 
 Getting around HoloLens is a lot like using your smart phone. You can use your hands to touch and manipulate holographic windows, menus, and buttons.  
 
@@ -54,6 +54,8 @@ To bring up a **context menu**, like the ones you'll find on an app tile in the
 
 ## Use hand ray for holograms out of reach
 
+> [!VIDEO https://www.microsoft.com/videoplayer/embed/RE3ZOum]
+
 When there are no holograms near your hands, the **touch cursor** will hide automatically and **hand rays** will appear from the palm of your hands. Hand rays allow you to interact with holograms from a distance.
 
 > [!TIP]
@@ -71,6 +73,8 @@ To select something using **hand ray**, follow these steps:
 
 ### Grab using air tap and hold
 
+> [!VIDEO https://www.microsoft.com/videoplayer/embed/RE3Wxnh]
+
 To grab a hologram or scroll app window content using **hand ray**, start with an **air tap**, but keep your fingers together instead of releasing them.
 
 Use **air tap and hold** to perform the following actions with hand ray:
@@ -81,7 +85,9 @@ Use **air tap and hold** to perform the following actions with hand ray:
 
 ## Start gesture
 
-The Start gesture opens the **Start menu**.  To perform the Start gesture, hold out your hand with your palm facing you. You’ll see a **Start icon** appear over your inner wrist. Tap this icon using your other hand.  The Start menu will open **where you’re looking**. 
+> [!VIDEO https://www.microsoft.com/videoplayer/embed/RE3Wxng]
+
+The Start gesture opens the **Start menu**.  To perform the Start gesture, hold out your hand with your palm facing you. You’ll see a **Start icon** appear over your inner wrist. Tap this icon using your other hand.  The Start menu will open **where you’re looking**.
 
 > [!TIP]
 >
@@ -135,6 +141,8 @@ Move a hologram or app by following these steps:
 
 ### Resizing holograms
 
+> [!VIDEO https://www.microsoft.com/videoplayer/embed/RE3ZYIb]
+
 Grab and use the **resize handles** that appear on the corners of 3D holograms and app windows to resize them.
 
 For an app window, when resized this way the window content correspondingly increases in size and becomes easier to read.

devices/hololens/hololens2-setup.md

@@ -1,6 +1,7 @@
 ---
 title: Prepare a new HoloLens 2
 description: This guide walks through first time set up and hardware guide.
+keywords: hololens, lights, fit, comfort, parts
 ms.assetid: 02692dcf-aa22-4d1e-bd00-f89f51048e32
 ms.date: 9/17/2019
 keywords: hololens
@@ -68,14 +69,14 @@ Not sure what the indicator lights on your HoloLens mean? Want to know how HoloL
 
 ### Charging behavior
 
-| State of the Device	| Action	| HoloLens 2 will do this |
+| State of the Device | Action | HoloLens 2 will do this |
 | - | - | - |
-| OFF |	Plug in USB Cable	| Device transitions to ON with indicator lights showing battery level and device starts charging.
+| OFF | Plug in USB Cable | Device transitions to ON with indicator lights showing battery level and device starts charging.
-| ON	| Remove USB Cable	| Device stops charging
+| ON | Remove USB Cable | Device stops charging
-| ON	| Plug in USB Cable	| Device starts charging
+| ON | Plug in USB Cable | Device starts charging
-| SLEEP	| Plug in USB Cable	| Device starts charging
+| SLEEP | Plug in USB Cable | Device starts charging
-| SLEEP	| Remove USB Cable |	Device stops charging
+| SLEEP | Remove USB Cable | Device stops charging
-| ON with USB cable pluged in	| Turn off Device |	Device transitions to ON with indicator lights showing battery level and device will start charging |
+| ON with USB cable plugged in | Turn off Device | Device transitions to ON with indicator lights showing battery level and device will start charging |
 
 ### Lights that indicate the battery level
 
@@ -89,18 +90,19 @@ Not sure what the indicator lights on your HoloLens mean? Want to know how HoloL
 
 ### Sleep Behavior
 
-| State of the Device	| Action	| HoloLens 2 will do this |
+| State of the Device | Action | HoloLens 2 will do this |
 | - | - | - |
-| ON	| Single Power button press	| Device transitions to SLEEP and turns off all indicator lights |
+| ON | Single Power button press | Device transitions to SLEEP and turns off all indicator lights |
-| ON	| No movement for 3 minutes	| Device transition to SLEEP and turns off all indicator lights |
+| ON | No movement for 3 minutes | Device transition to SLEEP and turns off all indicator lights |
-| SLEEP	| Single Power button Press	| Device transitions to ON and turns on indicator lights |
+| SLEEP | Single Power button Press | Device transitions to ON and turns on indicator lights |
 
 ### Lights to indicate problems
 
 | When you do this | The lights do this | It means this |
 | - | - | - |
 | You press the Power button. | One light flashes five times, then turns off. | The HoloLens battery is critically low. Charge your HoloLens. |
-| You press the Power button. | All five lights flash five times, then turn off. |  HoloLens cannot start correctly and is in an error state. |
+| You press the Power button. | All five lights flash five times, then turn off. |  HoloLens cannot start correctly and is in an error state. [Reinstall the operating system](hololens-recovery.md) to recover your device. |
+| You press the Power button. | The 1st, 3rd, and 5th lights flash together continually. |  HoloLens may have a hardware failure. To be sure, [reinstall the OS](hololens-recovery.md#hololens-2), and try again. After reinstalling the OS, if the light-flash pattern persists, contact [support](https://support.microsoft.com/en-us/supportforbusiness/productselection?sapid=3ec35c62-022f-466b-3a1e-dbbb7b9a55fb). |
 
 ## Safety and comfort
 

devices/surface-hub/TOC.md

@@ -22,6 +22,8 @@
 
 ## Deploy
 ### [Surface Hub 2S adoption and training](surface-hub-2s-adoption-kit.md)
+### [Surface Hub 2S adoption videos](surface-hub-2s-adoption-videos.md)
+
 ### [First time setup for Surface Hub 2S](surface-hub-2s-setup.md)
 ### [Connect devices to Surface Hub 2S](surface-hub-2s-connect.md)
 ### [Surface Hub 2S deployment checklist](surface-hub-2s-deploy-checklist.md)

devices/surface-hub/surface-hub-2s-adoption-kit.md

@@ -9,7 +9,7 @@ ms.author: greglin
 manager: laurawi
 audience: Admin
 ms.topic: article
-ms.date: 08/22/2019
+ms.date: 11/04/2019
 ms.localizationpriority: Medium
 ---
 
@@ -17,6 +17,10 @@ ms.localizationpriority: Medium
 
 Whether you are a small or large business, a Surface Hub adoption plan is critical in generating the right use cases and helping your users become comfortable with the device. Check out these downloadable guides designed to help you deliver training across your organization.
 
+## On-demand training
+
+- [Surface Hub 2S adoption and training videos](surface-hub-2s-adoption-videos.md)
+
 ## Adoption toolkit
 
 - [Surface Hub adoption toolkit](downloads/SurfaceHubAdoptionToolKit.pdf)
@@ -28,7 +32,7 @@ Whether you are a small or large business, a Surface Hub adoption plan is critic
 - [Training guide – help desk](downloads/TrainingGuide-SurfaceHub2S-HelpDesk.pdf)
 - [Training guide – Microsoft Teams desktop](downloads/Guide-SurfaceHub2S-Teams.pptx)
 
-[Download all training guides](http://download.microsoft.com/download/2/2/3/2234F70E-E65A-4790-93DF-F4C373A75B8E/SurfaceHub2S-TrainerGuides-July2019.zip)
+[Download all training guides](https://download.microsoft.com/download/2/2/3/2234F70E-E65A-4790-93DF-F4C373A75B8E/SurfaceHub2S-TrainerGuides-July2019.zip)
 
 ## End user guides
 
@@ -37,7 +41,7 @@ Whether you are a small or large business, a Surface Hub adoption plan is critic
 - [Guide to Microsoft Whiteboard on Surface Hub](downloads/Guide-SurfaceHub2S-Whiteboard.pptx)
 - [Guide to Microsoft Teams on Surface Hub](downloads/Guide-SurfaceHub2S-Teams.pptx)
 
-[Download all end user guides](http://download.microsoft.com/download/E/7/F/E7FC6611-BB55-43E1-AF36-7BD5CE6E0FE0/SurfaceHub2S-EndUserGuides-July2019.zip)
+[Download all end user guides](https://download.microsoft.com/download/E/7/F/E7FC6611-BB55-43E1-AF36-7BD5CE6E0FE0/SurfaceHub2S-EndUserGuides-July2019.zip)
 
 ## Quick reference cards
 
@@ -52,4 +56,4 @@ Whether you are a small or large business, a Surface Hub adoption plan is critic
 - [Whiteboard advanced](downloads/QRCWhiteboardAdvanced.pdf)
 - [Whiteboard tools](downloads/QRCWhiteboardTools.pdf)
 
-[Download all quick reference cards](http://download.microsoft.com/download/E/7/F/E7FC6611-BB55-43E1-AF36-7BD5CE6E0FE0/SurfaceHub2S-EndUserGuides-July2019.zip)
+[Download all quick reference cards](https://download.microsoft.com/download/E/7/F/E7FC6611-BB55-43E1-AF36-7BD5CE6E0FE0/SurfaceHub2S-EndUserGuides-July2019.zip)

devices/surface-hub/surface-hub-2s-adoption-videos.md

@@ -0,0 +1,137 @@
+---
+title: "Surface Hub 2S on-demand adoption and training videos"
+description: "This page contains comprehensive training for Surface Hub 2S via on-demand streaming"
+keywords: separate values with commas
+ms.prod: surface-hub
+ms.sitesec: library
+author: greg-lindsay
+ms.author: greglin
+manager: laurawi
+audience: Admin
+ms.topic: article
+ms.date: 11/04/2019
+ms.localizationpriority: Medium
+---
+
+# Surface Hub 2S on-demand adoption and training videos
+
+This page contains comprehensive training for Surface Hub 2S, available on demand.
+
+## Chapter 1 - Training overview
+
+> ![VIDEO <https://www.microsoft.com/videoplayer/embed/RE46Jud>]<br>
+
+- Welcome and introduction
+- Training overview and agenda
+- Software and technology reference
+- Surface Hub messaging
+- Industries and user roles
+- Overview of training services
+- Training best practices
+
+## Chapter 2 - Getting started with Surface Hub
+
+> ![VIDEO <https://www.microsoft.com/videoplayer/embed/RE46Ejt>]<br>
+
+- What is Surface Hub?
+- Technical overview
+- Steelcase Roam and the mobility story
+- Surface Hub services
+- Getting started with Surface Hub
+- Gathering expectations
+
+## Chapter 3 - Navigating Surface Hub
+
+> ![VIDEO <https://www.microsoft.com/videoplayer/embed/RE46OFW>]<br>
+
+- Welcome screen
+- Start menu
+- Full screen
+- Clip to Whiteboard
+- Task bar menu
+- Teams/Skype
+- End Session
+
+## Chapter 4 - Whiteboarding and collaboration
+
+> ![VIDEO <https://www.microsoft.com/videoplayer/embed/RE46M4v>]<br>
+
+- Whiteboard introduction
+- Starting the Whiteboard
+- Whiteboard tools
+- Inserting pictures
+- Changing the background
+- Sharing the whiteboard
+- Export the Whiteboard	
+ 
+## Chapter 5 - Exploring Surface Hub apps
+
+> ![VIDEO <https://www.microsoft.com/videoplayer/embed/RE46Ejz>]<br>
+
+- Surface Hub apps introduction
+- PowerPoint overview
+- Microsoft Word
+- Microsoft Excel
+- Microsoft Edge
+
+## Chapter 6 - Advanced apps and Office 365
+
+> ![VIDEO <https://www.microsoft.com/videoplayer/embed/RE46EjA>]<br>
+
+- Advanced apps introduction
+- Microsoft Maps
+- Photos
+- Power BI
+- Sign in to Office 365
+- OneDrive
+- CoAuthor documents
+
+## Chapter 7 - Connecting devices
+
+> ![VIDEO <https://www.microsoft.com/videoplayer/embed/RE46M4w>]<br>
+
+- Connect introduction
+- Miracast overview
+- Touch and Pen Input
+- Wired connect overview
+- Line of Business app workflows
+- Troubleshooting Miracast and wired connect	
+ 
+## Chapter 8 - Skype for Business meetings
+
+> ![VIDEO <https://www.microsoft.com/videoplayer/embed/RE46M4x>]<br>
+
+- Introduction to Skype for Business
+-Scheduling Skype for Business meetings
+- Start a meeting
+- Start an ad hoc meeting
+- Join a meeting on your calendar
+- Managing a Skype for Business meeting
+- Present content
+	
+## Chapter 9 - Microsoft Teams meetings
+
+> ![VIDEO <https://www.microsoft.com/videoplayer/embed/RE46OFZ>]<br>
+
+- Introduction to Microsoft Teams
+- Scheduling Microsoft Teams meetings
+- Start a meeting
+- Start an ad hoc meeting
+- Join a meeting on your calendar
+- Managing a Microsoft Teams meeting
+- Present content
+- Conclusion
+
+## Chapter 10 - Basic troubleshooting
+
+> ![VIDEO <https://www.microsoft.com/videoplayer/embed/RE46z65>]<br>
+
+- Introduction to Surface Hub troubleshooting
+- Application troubleshooting
+- End Session
+- Restart the device
+- Power cycle the device
+- Factory reset
+- Settings
+- Manage Surface Hub
+- Conclusion

devices/surface/battery-limit.md

@@ -6,7 +6,7 @@ ms.mktglfcycl: manage
 ms.pagetype: surface, devices
 ms.sitesec: library
 author: dansimp
-ms.date: 10/02/2018
+ms.date: 10/31/2019
 ms.reviewer: 
 manager: dansimp
 ms.author: dansimp
@@ -19,11 +19,13 @@ ms.audience: itpro
 
 Battery Limit option is a UEFI setting that changes how the Surface device battery is charged and may prolong its longevity. This setting is recommended in  cases  in which the device is continuously connected to power, for example when devices are integrated into kiosk solutions.  
 
-## Battery Limit information
+## How Battery Limit works
 
 Setting the device on Battery Limit changes the protocol for charging the device battery. When Battery Limit is enabled, the battery charge will be limited to 50% of its maximum capacity. The charge level reported in Windows will reflect this limit. Therefore, it will show that the battery is charged up to 50% and will not charge beyond  this limit. If you enable Battery Limit while the device is above 50% charge, the Battery icon will show that the device is plugged in but discharging until the device reaches 50% of its maximum charge capacity.  
 
-Adding the Battery Limit option to Surface UEFI requires a [Surface UEFI firmware update](update.md), available through Windows Update or via the MSI driver and firmware packages on the Microsoft Download Center. Check [Enable "Battery Limit" for Surface devices that have to be plugged in for extended periods of time](https://support.microsoft.com/help/4464941) for the specific Surface UEFI version required for each supported device. Currently, Battery Limit is supported on a subset of Surface devices and will be available in the future on other Surface device models. 
+## Supported devices
+The Battery Limit UEFI setting is built into the latest Surface devices including Surface Pro 7 and Surface Laptop 3. Earlier devices require a
+ [Surface UEFI firmware update](update.md), available through Windows Update or via the MSI driver and firmware packages on the [Surface Support site](https://support.microsoft.com/help/4023482/surface-download-drivers-and-firmware-for-surface). Check [Enable "Battery Limit" for Surface devices that have to be plugged in for extended periods of time](https://support.microsoft.com/help/4464941) for the specific Surface UEFI version required for each supported device. 
 
 ## Enabling Battery Limit in Surface UEFI (Surface Pro 4 and later)
 

devices/surface/enable-surface-keyboard-for-windows-pe-deployment.md

@@ -9,7 +9,7 @@ ms.sitesec: library
 author: Teresa-Motiv
 ms.author: v-tea
 ms.topic: article
-ms.date: 10/2/2019
+ms.date: 10/31/2019
 ms.reviewer: scottmca
 ms.localizationpriority: medium
 ms.audience: itpro
@@ -17,6 +17,7 @@ manager: jarrettr
 appliesto:
 - Surface Laptop (1st Gen)
 - Surface Laptop 2
+- Surface Laptop 3
 ---
 
 # How to enable the Surface Laptop keyboard during MDT deployment
@@ -32,44 +33,77 @@ On most types of Surface devices, the keyboard should work during Lite Touch Ins
 To add the keyboard drivers to the selection profile, follow these steps:
 
 1. Download the latest Surface Laptop MSI file from the appropriate locations:
-   - [Surface Laptop (1st Gen) Drivers and Firmware](https://www.microsoft.com/download/details.aspx?id=55489)
+    - [Surface Laptop (1st Gen) Drivers and Firmware](https://www.microsoft.com/download/details.aspx?id=55489)
-   - [Surface Laptop 2 Drivers and Firmware](https://www.microsoft.com/download/details.aspx?id=57515)
+    - [Surface Laptop 2 Drivers and Firmware](https://www.microsoft.com/download/details.aspx?id=57515)
+    - [Surface Laptop 3 with Intel Processor Drivers and Firmware](https://www.microsoft.com/download/details.aspx?id=100429)
 
-1. Extract the contents of the Surface Laptop MSI file to a folder that you can easily locate (for example, c:\surface_laptop_drivers). To extract the contents, open an elevated Command Prompt window and run the following command:
+2. Extract the contents of the Surface Laptop MSI file to a folder that you can easily locate (for example, c:\surface_laptop_drivers). To extract the contents, open an elevated Command Prompt window and run the command from the following example:
 
    ```cmd
    Msiexec.exe /a SurfaceLaptop_Win10_15063_1703008_1.msi targetdir=c:\surface_laptop_drivers /qn
    ```
 
-1. Open the Deployment Workbench and expand the **Deployment Shares** node and your deployment share, then navigate to the **WindowsPEX64** folder.
+3. Open the Deployment Workbench and expand the **Deployment Shares** node and your deployment share, then navigate to the **WindowsPEX64** folder.
 
    ![Image that shows the location of the WindowsPEX64 folder in the Deployment Workbench](./images/surface-laptop-keyboard-1.png)
 
-1. Right-click the **WindowsPEX64** folder and select **Import Drivers**.
+4. Right-click the **WindowsPEX64** folder and select **Import Drivers**.
-1. Follow the instructions in the Import Driver Wizard to import the driver folders into the WindowsPEX64 folder.  
+5. Follow the instructions in the Import Driver Wizard to import the driver folders into the WindowsPEX64 folder.  
-   
-   To support Surface Laptop (1st Gen), import the following folders:
-   - SurfacePlatformInstaller\Drivers\System\GPIO
-   - SurfacePlatformInstaller\Drivers\System\SurfaceHidMiniDriver
-   - SurfacePlatformInstaller\Drivers\System\SurfaceSerialHubDriver  
-   
-   To support Surface Laptop 2, import the following folders:
-   - SurfacePlatformInstaller\Drivers\System\GPIO
-   - SurfacePlatformInstaller\Drivers\System\SurfaceHIDMiniDriver
-   - SurfacePlatformInstaller\Drivers\System\SurfaceSerialHubDriver
-   - SurfacePlatformInstaller\Drivers\System\I2C
-   - SurfacePlatformInstaller\Drivers\System\SPI
-   - SurfacePlatformInstaller\Drivers\System\UART  
 
-1. Verify that the WindowsPEX64 folder now contains the imported drivers. The folder should resemble the following:  
+> [!NOTE]
+>  Check the downloaded MSI package to determine the format and directory structure.  The directory structure will start with either SurfacePlatformInstaller (older MSI files) or SurfaceUpdate (Newer MSI files) depending on when the MSI was released. 
+
+To support Surface Laptop (1st Gen), import the following folders:
+
+ - SurfacePlatformInstaller\Drivers\System\GPIO
+ - SurfacePlatformInstaller\Drivers\System\SurfaceHidMiniDriver
+ - SurfacePlatformInstaller\Drivers\System\SurfaceSerialHubDriver
+
+Or for newer MSI files beginning with "SurfaceUpdate", use:
+
+- SurfaceUpdate\SerialIOGPIO
+- SurfaceUpdate\SurfaceHidMiniDriver
+- SurfaceUpdate\SurfaceSerialHubDriver
+
+To support Surface Laptop 2, import the following folders:
+
+ - SurfacePlatformInstaller\Drivers\System\GPIO
+ - SurfacePlatformInstaller\Drivers\System\SurfaceHIDMiniDriver
+ - SurfacePlatformInstaller\Drivers\System\SurfaceSerialHubDriver
+ - SurfacePlatformInstaller\Drivers\System\I2C
+ - SurfacePlatformInstaller\Drivers\System\SPI
+ - SurfacePlatformInstaller\Drivers\System\UART
+
+Or for newer MSI files beginning with "SurfaceUpdate", use:
+
+- SurfaceUpdate\SerialIOGPIO
+- SurfaceUpdate\IclSerialIOI2C
+- SurfaceUpdate\IclSerialIOSPI
+- SurfaceUpdate\IclSerialIOUART
+- SurfaceUpdate\SurfaceHidMini
+- SurfaceUpdate\SurfaceSerialHub
+
+ 
+To support Surface Laptop 3 with Intel Processor, import the following folders:
+
+- SurfaceUpdate\IclSerialIOGPIO
+- SurfaceUpdate\IclSerialIOI2C
+- SurfaceUpdate\IclSerialIOSPI
+- SurfaceUpdate\IclSerialIOUART
+- SurfaceUpdate\SurfaceHidMini
+- SurfaceUpdate\SurfaceSerialHub
+- SurfaceUpdate\SurfaceHotPlug
+   
+
+6. Verify that the WindowsPEX64 folder now contains the imported drivers. The folder should resemble the following:  
 
    ![Image that shows the newly imported drivers in the WindowsPEX64 folder of the Deployment Workbench](./images/surface-laptop-keyboard-2.png)
 
-1. Configure a selection profile that uses the WindowsPEX64 folder. The selection profile should resemble the following:  
+7. Configure a selection profile that uses the WindowsPEX64 folder. The selection profile should resemble the following:  
 
    ![Image that shows the WindowsPEX64 folder selected as part of a selection profile](./images/surface-laptop-keyboard-3.png)
 
-1. Configure the Windows PE properties of the MDT deployment share to use the new selection profile, as follows:  
+8. Configure the Windows PE properties of the MDT deployment share to use the new selection profile, as follows:  
 
    - For **Platform**, select **x64**.
    - For **Selection profile**, select the new profile.
@@ -77,7 +111,7 @@ To add the keyboard drivers to the selection profile, follow these steps:
    
    ![Image that shows the Windows PE properties of the MDT Deployment Share](./images/surface-laptop-keyboard-4.png)
 
-1. Verify that you have configured the remaining Surface Laptop drivers by using either a selection profile or a **DriverGroup001** variable.  
+9. Verify that you have configured the remaining Surface Laptop drivers by using either a selection profile or a **DriverGroup001** variable.  
    - For Surface Laptop (1st Gen), the model is **Surface Laptop**. The remaining Surface Laptop drivers should reside in the \MDT Deployment Share\Out-of-Box Drivers\Windows10\X64\Surface Laptop folder as shown in the figure that follows this list.
    - For Surface Laptop 2, the model is **Surface Laptop 2**. The remaining Surface Laptop drivers should reside in the \MDT Deployment Share\Out-of-Box Drivers\Windows10\X64\Surface Laptop 2 folder.  
 

devices/surface/microsoft-surface-brightness-control.md

@@ -8,7 +8,7 @@ ms.sitesec: library
 author: dansimp
 ms.author: dansimp
 ms.topic: article
-ms.date: 1/15/2019
+ms.date: 10/31/2019
 ms.reviewer: hachidan
 manager: dansimp
 ms.localizationpriority: medium

devices/surface/microsoft-surface-deployment-accelerator.md

@@ -4,7 +4,7 @@ description: Microsoft Surface Deployment Accelerator provides a quick and simpl
 ms.assetid: E7991E90-4AAE-44B6-8822-58BFDE3EADE4
 ms.reviewer: hachidan
 manager: dansimp
-ms.date: 07/27/2017
+ms.date: 10/31/2019
 ms.localizationpriority: medium
 keywords: deploy, install, tool
 ms.prod: w10
@@ -19,7 +19,6 @@ ms.audience: itpro
 
 # Microsoft Surface Deployment Accelerator
 
-
 Microsoft Surface Deployment Accelerator (SDA) automates the creation and configuration of a Microsoft recommended deployment experience by using free Microsoft deployment tools. 
 
 > [!NOTE]

devices/surface/step-by-step-surface-deployment-accelerator.md

@@ -13,7 +13,7 @@ ms.sitesec: library
 author: dansimp
 ms.author: dansimp
 ms.topic: article
-ms.date: 07/27/2017
+ms.date: 10/31/2019
 ---
 
 # Step by step: Surface Deployment Accelerator

devices/surface/surface-diagnostic-toolkit-business.md

@@ -8,7 +8,7 @@ ms.sitesec: library
 author: dansimp
 ms.author: dansimp
 ms.topic: article
-ms.date: 09/27/2019
+ms.date: 10/31/2019
 ms.reviewer: hachidan
 manager: dansimp
 ms.audience: itpro

devices/surface/surface-diagnostic-toolkit-desktop-mode.md

@@ -7,7 +7,7 @@ ms.sitesec: library
 author: dansimp
 ms.author: dansimp
 ms.topic: article
-ms.date: 11/15/2018
+ms.date: 10/31/2019
 ms.reviewer: hachidan
 manager: dansimp
 ms.localizationpriority: medium
@@ -24,20 +24,17 @@ This topic explains how to use the Surface Diagnostic Toolkit (SDT) to help user
 2. Begin at the home page, which allows users to enter a description of the issue, and click **Continue**, as shown in figure 1.
 
     ![Start SDT in desktop mode](images/sdt-desk-1.png)
-
+*Figure 1. SDT in desktop mode*
-    *Figure 1. SDT in desktop mode*
 
 3. When SDT indicates the device has the latest updates, click **Continue** to advance to the catalog of available tests, as shown in figure 2.
 
     ![Select from SDT options](images/sdt-desk-2.png)
-
+*Figure 2. Select from SDT options*
-    *Figure 2. Select from SDT options*
 
 4. You can choose to run all the diagnostic tests. Or, if you already suspect a particular issue such as a faulty display or a power supply problem, click **Select** to choose from the available tests and click **Run Selected**, as shown in figure 3. See the following table for details of each test. 
 
     ![Select hardware tests](images/sdt-desk-3.png)
-
+*Figure 3. Select hardware tests*
-    *Figure 3. Select hardware tests*
 
     Hardware test | Description
     --- | ---
@@ -56,6 +53,7 @@ This topic explains how to use the Surface Diagnostic Toolkit (SDT) to help user
 
 
 <span id="multiple" />
+
 ## Running multiple hardware tests to troubleshoot issues
 
 SDT is designed as an interactive tool that runs a series of tests. For each test, SDT provides instructions summarizing  the nature of the test and what users should expect or look for in order for the test to be successful. For example, to diagnose if the display brightness is working properly, SDT starts at zero and increases the brightness to 100 percent, asking users to confirm – by answering **Yes** or **No** -- that brightness is functioning as expected, as shown in figure 4. 
@@ -63,7 +61,6 @@ SDT is designed as an interactive tool that runs a series of tests. For each tes
 For each test, if functionality does not work as expected and the user clicks **No**, SDT generates a report of the possible causes and ways to troubleshoot it. 
 
 ![Running hardware diagnostics](images/sdt-desk-4.png)
-
 *Figure 4. Running hardware diagnostics*
 
 1. If the brightness successfully adjusts from 0-100 percent as expected, direct the user to click **Yes** and then click **Continue**. 
@@ -76,24 +73,18 @@ For each test, if functionality does not work as expected and the user clicks **
 SDT enables you to diagnose and repair applications that may be causing issues, as shown in figure 5.
 
 ![Running repairs](images/sdt-desk-5.png)
-
 *Figure 5. Running repairs*
-
-
-
-
 <span id="logs" />
+
 ### Generating logs for analyzing issues 
 
 SDT provides extensive log-enabled diagnosis support across applications, drivers, hardware, and operating system issues, as shown in figure 6.
 
 ![Generating logs](images/sdt-desk-6.png)
-
 *Figure 6. Generating logs*
 
-
-
 <span id="detailed-report" />
+
 ### Generating detailed report comparing device vs. optimal configuration
 
 Based on the logs, SDT generates a report for software- and firmware-based issues that you can save to a preferred location.

devices/surface/surface-dock-firmware-update.md

@@ -8,7 +8,7 @@ ms.sitesec: library
 author: dansimp
 ms.author: dansimp
 ms.topic: article
-ms.date: 09/18/2019
+ms.date: 10/09/2019
 ms.reviewer: scottmca
 manager: dansimp
 ms.audience: itpro
@@ -47,8 +47,14 @@ You can use Windows Installer commands (Msiexec.exe) to deploy Surface Dock Firm
 
 - **Msiexec.exe /i <name of msi> /quiet /norestart**
 
+> [!NOTE]
+> A log file is not created by default. In order to create a log file, you will need to append "/l*v [path]"
+
 For more information, refer to [Command line options](https://docs.microsoft.com/windows/win32/msi/command-line-options) documentation.
 
+> [!IMPORTANT]
+> If you want to keep your Surface Dock updated using any other method, refer to [Update your Surface Dock](https://support.microsoft.com/help/4023478/surface-update-your-surface-dock) for details.
+
 ## Intune deployment
 You can use Intune to distribute Surface Dock Firmware Update to your devices. First you will need to convert the MSI file to the .intunewin format, as described in the following documentation: [Intune Standalone - Win32 app management](https://docs.microsoft.com/intune/apps/apps-win32-app-management).
 
@@ -84,8 +90,8 @@ Successful completion of Surface Dock Firmware Update results in new registry ke
 
 | Log                              | Location                               | Notes                                                                                                                                                                                                         |
 | -------------------------------- | -------------------------------------- | ------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------- |
-| Surface Dock Firmware Update log | /l*v %windir%\logs\Applications\SurfaceDockFWI.log | Earlier versions of this tool wrote events to Applications and Services Logs\Microsoft Surface Dock Updater.                                                                                                  |
+| Surface Dock Firmware Update log | Path needs to be specified (see note) | Earlier versions of this tool wrote events to Applications and Services Logs\Microsoft Surface Dock Updater.                                                                                                  |
-| Windows Device Install log       | %windir%\inf\ setupapi.dev.log         | For more information about using Device Install Log, refer [to SetupAPI Logging](https://docs.microsoft.com/windows-hardware/drivers/install/setupapi-logging--windows-vista-and-later-) documentation. |
+| Windows Device Install log       | %windir%\inf\setupapi.dev.log         | For more information about using Device Install Log, refer to [SetupAPI Logging](https://docs.microsoft.com/windows-hardware/drivers/install/setupapi-logging--windows-vista-and-later-). |
 
  
 **Table 2. Event log IDs for Surface Dock Firmware Update**
@@ -97,6 +103,10 @@ Successful completion of Surface Dock Firmware Update results in new registry ke
 | 2003     | Dock firmware update failed to get firmware version.                 |
 | 2004     | Querying the firmware version.                                       |
 | 2005     | Dock firmware failed to start update.                                |
+| 2006     | Failed to send offer/payload pairs.                                  |
+| 2007     | Firmware update finished.                                            |
+| 2008     | BEGIN dock telemetry.                                                |
+| 2011     | END dock telemetry.                                                  |
 
 ## Troubleshooting tips
 

devices/surface/surface-enterprise-management-mode.md

@@ -9,8 +9,8 @@ ms.sitesec: library
 author: dansimp
 ms.author: dansimp
 ms.topic: article
-ms.date: 01/06/2017
+ms.date: 10/31/2019
-ms.reviewer: 
+ms.reviewer: scottmca
 manager: dansimp
 ms.localizationpriority: medium
 ms.audience: itpro
@@ -66,9 +66,7 @@ After a device is enrolled in SEMM, the configuration file is read and the setti
 
 ### Enable or disable devices in Surface UEFI with SEMM
 
- The built in devices that appear in the UEFI Devices page may vary depending on your device or corporate environment; for example, LTE only appears on devices equipped with LTE support.
+The following list shows all the available devices you can manage in SEMM:
-
- The following list shows all the available devices you can manage in SEMM:
 
 * Docking USB Port
 * On-board Audio
@@ -82,6 +80,8 @@ After a device is enrolled in SEMM, the configuration file is read and the setti
 * Wi-Fi and Bluetooth
 * LTE
 
+ >[!NOTE]
+>The built-in devices that appear in the UEFI Devices page may vary depending on your device or corporate environment. For example, the UEFI Devices page is not supported on Surface Pro X; LTE only appears on LTE-equipped devices. 
 ### Configure advanced settings with SEMM
 **Table 1. Advanced settings**
 

devices/surface/surface-manage-dfci-guide.md

@@ -17,7 +17,7 @@ ms.audience: itpro
 
 ## Introduction
 
-The ability to manage devices from the cloud has dramatically simplified IT deployment and provisioning across the lifecycle. With Device Firmware Configuration Interface (DFCI) profiles built into Microsoft Intune (now available in public preview), Surface UEFI management extends the modern management stack down to the UEFI hardware level. DFCI supports zero-touch provisioning, eliminates BIOS passwords, provides control of security settings including boot options and built-in peripherals, and lays the groundwork for advanced security scenarios in the future.
+The ability to manage devices from the cloud has dramatically simplified IT deployment and provisioning across the lifecycle. With Device Firmware Configuration Interface (DFCI) profiles built into Microsoft Intune (now available in [public preview](https://docs.microsoft.com/intune/configuration/device-firmware-configuration-interface-windows)), Surface UEFI management extends the modern management stack down to the UEFI hardware level. DFCI supports zero-touch provisioning, eliminates BIOS passwords, provides control of security settings including boot options and built-in peripherals, and lays the groundwork for advanced security scenarios in the future. For answers to frequently asked questions, see [Ignite 2019: Announcing remote management of Surface UEFI settings from Intune](https://techcommunity.microsoft.com/t5/Surface-IT-Pro-Blog/Ignite-2019-Announcing-remote-management-of-Surface-UEFI/ba-p/978333).
 
 ### Background
 
@@ -167,6 +167,7 @@ If the original DFCI profile has been deleted, you can remove policy settings by
 6. Validate DFCI is removed from the device in the UEFI.
 
 ## Learn more
-- [Windows Autopilot](https://www.microsoft.com/microsoft-365/windows/windows-autopilot)
+- [Ignite 2019: Announcing remote management of Surface UEFI settings from Intune](https://techcommunity.microsoft.com/t5/Surface-IT-Pro-Blog/Ignite-2019-Announcing-remote-management-of-Surface-UEFI/ba-p/978333)
+[Windows Autopilot](https://www.microsoft.com/microsoft-365/windows/windows-autopilot)
 - [Windows Autopilot and Surface devices](windows-autopilot-and-surface-devices.md) 
 - [Use DFCI profiles on Windows devices in Microsoft Intune](https://docs.microsoft.com/intune/configuration/device-firmware-configuration-interface-windows)

devices/surface/surface-system-sku-reference.md

@@ -9,7 +9,7 @@ ms.sitesec: library
 author: dansimp
 ms.author: dansimp
 ms.topic: article
-ms.date: 03/20/2019
+ms.date: 10/31/2019
 ms.reviewer: 
 manager: dansimp
 ms.localizationpriority: medium
@@ -41,6 +41,11 @@ System Model and System SKU are variables that are stored in the System Manageme
 | Surface Pro 6 Commercial                                     | Surface Pro 6    | Surface_Pro_6_1796_Commercial    |
 | Surface Laptop 2 Consumer                                    | Surface Laptop 2 | Surface_Laptop_2_1769_Consumer   |
 | Surface Laptop 2 Commercial                                  | Surface Laptop 2 | Surface_Laptop_2_1769_Commercial |
+| Surface Pro 7                 | Surface Pro 7    | Surface_Pro_7_1866         |
+| Surface Pro X                 | Surface Pro X    | Surface_Pro_X_1876         |
+| Surface Laptop 3 13" Intel | Surface Laptop 3 | Surface_Laptop_3_1867:1868 |
+| Surface Laptop 3 15" Intel | Surface Laptop 3 | Surface_Laptop_3_1872      |
+| Surface Laptop 3 15" AMD   | Surface Laptop 3 | Surface_Laptop_3_1873      | 
 
 ## Examples 
 

devices/surface/surface-wireless-connect.md

@@ -9,13 +9,12 @@ ms.audience: itpro
 ms.localizationpriority: medium
 ms.author: dansimp
 ms.topic: article
-ms.date: 08/15/2019
+ms.date: 10/31/2019
 ms.reviewer: tokatz
 manager: dansimp
 ---
 # Optimize Wi-Fi connectivity for Surface devices
 
-## Introduction
 
 To stay connected with all-day battery life, Surface devices implement wireless connectivity settings that balance performance and power conservation. Outside of the most demanding mobility scenarios, users can maintain sufficient wireless connectivity without modifying default network adapter or related settings. 
 
@@ -32,7 +31,7 @@ If you’re managing a wireless network that’s typically accessed by many diff
 - **802.11r.** “**Fast BSS Transition”** accelerates connecting to new wireless access points by reducing the number of frames required before your device can access another AP as you move around with your device.
 - **802.11k.** **“Neighbor Reports”** provides devices with information on current conditions at neighboring access points. It can help your Surface device choose the best AP using criteria other than signal strength such as AP utilization.
 
-Surface Go devices can also use 802.11v “BSS Transition Management Frames,” which functions much like 802.11k in providing information on nearby candidate APs.
+Specific Surface devices can also use 802.11v “BSS Transition Management Frames,” which functions much like 802.11k in providing information on nearby candidate APs. These include Surface Go, Surface Pro 7, Surface Pro X, and Surface Laptop 3. 
 
 ## Managing user settings
 

devices/surface/use-system-center-configuration-manager-to-manage-devices-with-semm.md

@@ -9,7 +9,7 @@ ms.sitesec: library
 author: dansimp
 ms.author: dansimp
 ms.topic: article
-ms.date: 02/01/2017
+ms.date: 10/31/2019
 ms.reviewer: 
 manager: dansimp
 ms.localizationpriority: medium
@@ -384,7 +384,7 @@ To configure Surface UEFI settings or permissions for Surface UEFI settings, you
 
 The computer where ShowSettingsOptions.ps1 is run must have Microsoft Surface UEFI Manager installed, but the script does not require a Surface device.
 
-The following tables show the available settings for Surface Pro 4 and later including Surface Pro 7 and Surface Pro X; Surface Book, Surface Laptop 3, and Surface Go. 
+The following tables show the available settings for Surface Pro 4 and later including Surface Pro 7, Surface Book, Surface Laptop 3, and Surface Go. 
 
 *Table 1. Surface UEFI settings for Surface Pro 4*
 

education/developers.yml

@@ -8,7 +8,7 @@ metadata:
   description: Are you an app developer looking for information about developing solutions on Microsoft Education products? Start here.
   ms.service: help
   ms.topic: hub-page
-  author: v-lamoyn
+  author: LaurenMoynihan
   ms.author: v-lamoyn
   ms.date: 10/24/2019
 

education/docfx.json

@@ -33,6 +33,7 @@
       "breadcrumb_path": "/education/breadcrumb/toc.json",
       "ms.date": "05/09/2017",
       "feedback_system": "None",
+      "hideEdit": true,
       "_op_documentIdPathDepotMapping": {
         "./": {
           "depot_name": "Win.education",

education/index.yml

@@ -8,7 +8,7 @@ metadata:
   description: Learn about product documentation and resources available for school IT administrators, teachers, students, and education app developers.
   ms.service: help
   ms.topic: hub-page
-  author: v-lamoyn
+  author: LaurenMoynihan
   ms.author: v-lamoyn
   ms.date: 10/24/2019
 

education/itadmins.yml

@@ -8,26 +8,26 @@ metadata:
   description: M365 Education consists of Office 365 Education, Windows 10 Education, and security and management tools such as Intune for Education and School Data Sync.
   ms.service: help
   ms.topic: hub-page
-  author: v-lamoyn
+  author: LaurenMoynihan
   ms.author: v-lamoyn
   ms.date: 10/24/2019
 
 productDirectory:
-  summary: This guide is designed for IT admins looking for the simplest way to move their platform to the cloud. It does not capture all the necessary steps for large scale or complex deployments. Check out at https://edujourney.microsoft.com/. Find help now at https://docs.microsoft.com/en-us/microsoft-365/education/deploy/find-deployment-help.
+  summary: This guide is designed for IT admins looking for the simplest way to move their platform to the cloud. It does not capture all the necessary steps for large scale or complex deployments. Check out at https://edujourney.microsoft.com/. Find help now at https://docs.microsoft.com/microsoft-365/education/deploy/find-deployment-help.
   items:
     # Card    
     - title: Phase 1 - Cloud deployment
       imageSrc: ./images/EDU-Deploy.svg
       links:
-        - url: https://docs.microsoft.com/en-us/microsoft-365/education/deploy/create-your-office-365-tenant
+        - url: https://docs.microsoft.com/microsoft-365/education/deploy/create-your-office-365-tenant
           text: 1. Create your Office 365 tenant
-        - url: https://docs.microsoft.com/en-us/microsoft-365/education/deploy/secure-and-configure-your-network
+        - url: https://docs.microsoft.com/microsoft-365/education/deploy/secure-and-configure-your-network
           text: 2. Secure and configure your network
-        - url: https://docs.microsoft.com/en-us/microsoft-365/education/deploy/aad-connect-and-adfs
+        - url: https://docs.microsoft.com/microsoft-365/education/deploy/aad-connect-and-adfs
           text: 3. Sync your active directory
-        - url: https://docs.microsoft.com/en-us/microsoft-365/education/deploy/school-data-sync
+        - url: https://docs.microsoft.com/microsoft-365/education/deploy/school-data-sync
           text: 4. Sync you SIS using School Data Sync
-        - url: https://docs.microsoft.com/en-us/microsoft-365/education/deploy/license-users
+        - url: https://docs.microsoft.com/microsoft-365/education/deploy/license-users
           text: 5. License users
     # Card
     - title: Phase 2 - Device management
@@ -35,11 +35,11 @@ productDirectory:
       links:
         - url: https://docs.microsoft.com/en-us/education/windows/
           text: 1. Get started with Windows 10 for Education
-        - url: https://docs.microsoft.com/en-us/microsoft-365/education/deploy/set-up-windows-10-education-devices
+        - url: https://docs.microsoft.com/microsoft-365/education/deploy/set-up-windows-10-education-devices
           text: 2. Set up Windows 10 devices
-        - url: https://docs.microsoft.com/en-us/microsoft-365/education/deploy/intune-for-education
+        - url: https://docs.microsoft.com/microsoft-365/education/deploy/intune-for-education
           text: 3. Get started with Intune for Education
-        - url: https://docs.microsoft.com/en-us/microsoft-365/education/deploy/use-intune-for-education
+        - url: https://docs.microsoft.com/microsoft-365/education/deploy/use-intune-for-education
           text: 4. Use Intune to manage groups, apps, and settings
         - url: https://docs.microsoft.com/en-us/intune/enrollment/enrollment-autopilot
           text: 5. Enroll devices using Windows Autopilot
@@ -47,28 +47,28 @@ productDirectory:
     - title: Phase 3 - Apps management
       imageSrc: ./images/EDU-Apps-Mgmt.svg
       links:
-        - url: https://docs.microsoft.com/en-us/microsoft-365/education/deploy/configure-admin-settings
+        - url: https://docs.microsoft.com/microsoft-365/education/deploy/configure-admin-settings
           text: 1. Configure admin settings
-        - url: https://docs.microsoft.com/en-us/microsoft-365/education/deploy/set-up-teams-for-education
+        - url: https://docs.microsoft.com/microsoft-365/education/deploy/set-up-teams-for-education
           text: 2. Set up Teams for Education
-        - url: https://docs.microsoft.com/en-us/microsoft-365/education/deploy/deploy-office-365
+        - url: https://docs.microsoft.com/microsoft-365/education/deploy/deploy-office-365
           text: 3. Set up Office 365
-        - url: https://docs.microsoft.com/en-us/microsoft-365/education/deploy/microsoft-store-for-education     
+        - url: https://docs.microsoft.com/microsoft-365/education/deploy/microsoft-store-for-education     
           text: 4. Install apps from Microsoft Store for Education
-        - url: https://docs.microsoft.com/en-us/microsoft-365/education/deploy/minecraft-for-education
+        - url: https://docs.microsoft.com/microsoft-365/education/deploy/minecraft-for-education
           text: 5. Install Minecraft - Education Edition
     # Card    
     - title: Complete your deployment
       # imageSrc should be square in ratio with no whitespace
       imageSrc: ./images/EDU-Tasks.svg
       links:
-        - url: https://docs.microsoft.com/en-us/microsoft-365/education/deploy/deploy-exchange-online
+        - url: https://docs.microsoft.com/microsoft-365/education/deploy/deploy-exchange-online
           text: Deploy Exchange Online
-        - url: https://docs.microsoft.com/en-us/microsoft-365/education/deploy/deploy-sharepoint-online-and-onedrive
+        - url: https://docs.microsoft.com/microsoft-365/education/deploy/deploy-sharepoint-online-and-onedrive
           text: Deploy SharePoint Online and OneDrive
-        - url: https://docs.microsoft.com/en-us/microsoft-365/education/deploy/deploy-exchange-server-hybrid
+        - url: https://docs.microsoft.com/microsoft-365/education/deploy/deploy-exchange-server-hybrid
           text: Deploy Exchange Server hybrid
-        - url: https://docs.microsoft.com/en-us/microsoft-365/education/deploy/deploy-sharepoint-server-hybrid
+        - url: https://docs.microsoft.com/microsoft-365/education/deploy/deploy-sharepoint-server-hybrid
           text: Deploy SharePoint Server Hybrid
     # Card
     - title: Security & Compliance
@@ -80,9 +80,9 @@ productDirectory:
           text: Azure information protection deployment acceleration guide
         - url: https://docs.microsoft.com/en-us/cloud-app-security/getting-started-with-cloud-app-security
           text: Microsoft Cloud app security
-        - url: https://docs.microsoft.com/en-us/microsoft-365/compliance/create-test-tune-dlp-policy
+        - url: https://docs.microsoft.com/microsoft-365/compliance/create-test-tune-dlp-policy
           text: Office 365 data loss prevention
-        - url: https://docs.microsoft.com/en-us/microsoft-365/compliance/
+        - url: https://docs.microsoft.com/microsoft-365/compliance/
           text: Office 365 advanced compliance
         - url: https://social.technet.microsoft.com/wiki/contents/articles/35748.office-365-what-is-customer-lockbox-and-how-to-enable-it.aspx
           text: Deploying Lockbox

education/partners.yml

@@ -8,7 +8,7 @@ metadata:
   description: Looking for resources available to Microsoft Education partners? Start here.
   ms.service: help
   ms.topic: hub-page
-  author: v-lamoyn
+  author: LaurenMoynihan
   ms.author: v-lamoyn
   ms.date: 10/24/2019
 

smb/docfx.json

@@ -31,6 +31,7 @@
     "globalMetadata": {
       "breadcrumb_path": "/windows/smb/breadcrumb/toc.json",
       "feedback_system": "None",
+      "hideEdit": true,
       "_op_documentIdPathDepotMapping": {
         "./": {
           "depot_name": "TechNet.smb",

store-for-business/docfx.json

@@ -41,6 +41,7 @@
         "Store"
       ],
       "feedback_system": "None",
+      "hideEdit": true,
       "_op_documentIdPathDepotMapping": {
         "./": {
           "depot_name": "MSDN.store-for-business",

windows/client-management/mdm/win32-and-centennial-app-policy-configuration.md

@@ -25,7 +25,13 @@ manager: dansimp
 
 ## <a href="" id="overview"></a>Overview
 
-Starting in Windows 10, version 1703, you can import ADMX files (also called ADMX ingestion) and set those ADMX-backed policies for Win32 and Desktop Bridge apps by using Windows 10 Mobile Device Management (MDM) on desktop SKUs. The ADMX files that define policy information can be ingested to your device by using the Policy CSP URI, `./Device/Vendor/MSFT/Policy/ConfigOperations/ADMXInstall`. The ingested ADMX file is then processed into MDM policies.
+Starting in Windows 10, version 1703, you can import ADMX files (also called ADMX ingestion) and set those ADMX-backed policies for Win32 and Desktop Bridge apps by using Windows 10 Mobile Device Management (MDM) on desktop SKUs. The ADMX files that define policy information can be ingested to your device by using the Policy CSP URI, `./Device/Vendor/MSFT/Policy/ConfigOperations/ADMXInstall`. The ingested ADMX file is then processed into MDM policies. 
+
+NOTE: Starting from the following Windows 10 version Replace command is supported
+- Windows 10, version 1903 with KB4512941 and KB4517211 installed 
+- Windows 10, version 1809 with KB4512534 and KB installed 
+- Windows 10, version 1803 with KB4512509 and KB installed 
+- Windows 10, version 1709 with KB4516071 and KB installed 
 
 When the ADMX policies are imported, the registry keys to which each policy is written are checked so that known system registry keys, or registry keys that are used by existing inbox policies or system components, are not overwritten. This precaution helps to avoid security concerns over opening the entire registry. Currently, the ingested policies are not allowed to write to locations within the **System**, **Software\Microsoft**, and **Software\Policies\Microsoft** keys, except for the following locations:
 
@@ -48,6 +54,8 @@ When the ADMX policies are imported, the registry keys to which each policy is w
 - software\microsoft\exchange\
 - software\policies\microsoft\vba\security\
 - software\microsoft\onedrive 
+- software\Microsoft\Edge
+- Software\Microsoft\EdgeUpdate\
 
 > [!Warning]
 > Some operating system components have built in functionality to check devices for domain membership. MDM enforces the configured policy values only if the devices are domain joined, otherwise it does not. However, you can still import ADMX files and set ADMX-backed policies regardless of whether the device is domain joined or non-domain joined.

windows/configuration/docfx.json

@@ -36,6 +36,7 @@
       "audience": "ITPro",
       "ms.topic": "article",
       "feedback_system": "None",
+      "hideEdit": true,
       "_op_documentIdPathDepotMapping": {
         "./": {
           "depot_name": "MSDN.win-configuration",

windows/configure/docfx.json

@@ -31,6 +31,7 @@
     "externalReference": [],
     "globalMetadata": {
       "feedback_system": "None",
+      "hideEdit": true,
       "_op_documentIdPathDepotMapping": {
         "./": {
           "depot_name": "MSDN.windows-configure"

windows/deployment/update/windows-update-error-reference.md

@@ -137,7 +137,7 @@ The following errors map to `SOAP_ERROR_CODE`s from the `Atlsoap.h` file. These
 | 0x8024401E |          `WU_E_PT_HTTP_STATUS_GONE`          |                                                Same as HTTP status 410 - requested resource is no longer available at the server.                                                |
 | 0x8024401F |      `WU_E_PT_HTTP_STATUS_SERVER_ERROR`      |                                           Same as HTTP status 500 - an error internal to the server prevented fulfilling the request.                                            |
 | 0x80244020 |     `WU_E_PT_HTTP_STATUS_NOT_SUPPORTED`      |                                       Same as HTTP status 500 - server does not support the functionality required to fulfill the request.                                       |
-| 0x80244021 |      `WU_E_PT_HTTP_STATUS_BAD_GATEWAY`       | Same as HTTP status 502 - the server while acting as a gateway or a proxy received an invalid response from the upstream server it accessed in attempting to fulfil the request. |
+| 0x80244021 |      `WU_E_PT_HTTP_STATUS_BAD_GATEWAY`       | Same as HTTP status 502 - the server while acting as a gateway or a proxy received an invalid response from the upstream server it accessed in attempting to fulfill the request. |
 | 0x80244022 |    `WU_E_PT_HTTP_STATUS_SERVICE_UNAVAIL`     |                                                         Same as HTTP status 503 - the service is temporarily overloaded.                                                         |
 | 0x80244023 |    `WU_E_PT_HTTP_STATUS_GATEWAY_TIMEOUT`     |                                                    Same as HTTP status 503 - the request was timed out waiting for a gateway.                                                    |
 | 0x80244024 |    `WU_E_PT_HTTP_STATUS_VERSION_NOT_SUP`     |                                      Same as HTTP status 505 - the server does not support the HTTP protocol version used for the request.                                       |

windows/deployment/update/windows-update-troubleshooting.md

@@ -48,7 +48,7 @@ The update that is offered to a device depends on several factors. Some of the m
 
 If the update you're offered isn't the most current available, it might be because your device is being managed by a WSUS server, and you're being offered the updates available on that server. It's also possible, if your device is part of a Windows as a Service deployment ring, that your admin is intentionally slowing the rollout of updates. Since the WaaS rollout is slow and measured to begin with, all devices will not receive the update on the same day.  
  
-## My machine is frozen at scan. Why? 
+## My device is frozen at scan. Why? 
 The Settings UI is talking to the Update Orchestrator service which in turn is talking to Windows Update service. If these services stop unexpectedly then you might see this behavior. In such cases, do the following:  
 1. Close the Settings app and reopen it.  
 2. Launch Services.msc and check if the following services are running:  
@@ -145,7 +145,23 @@ Go to Services.msc and ensure that Windows Firewall Service is enabled. Stopping
 Windows Update provides a wide range configuration policies to control the behavior of WU service in a managed environment. While these policies let you configure the settings at a granular level, misconfiguration or setting conflicting polices may lead to unexpected behaviors. 
  
 See [How to configure automatic updates by using Group Policy or registry settings](https://support.microsoft.com/help/328010/how-to-configure-automatic-updates-by-using-group-policy-or-registry-s) for more information.
+
+## Device cannot access update files
+Check that your device can access these Windows Update endpoints:
+
+- http://windowsupdate.microsoft.com
+- http://*.windowsupdate.microsoft.com
+- https://*.windowsupdate.microsoft.com
+- http://*.update.microsoft.com
+- https://*.update.microsoft.com
+- http://*.windowsupdate.com
+- http://download.windowsupdate.com
+- https://download.microsoft.com
+- http://*.download.windowsupdate.com
+- http://wustat.windows.com
+- http://ntservicepack.microsoft.com
  
+ Whitelist these endpoints for future use.
  
 ## Updates aren't downloading from the intranet endpoint (WSUS/SCCM) 
 Windows 10 devices can receive updates from a variety of sources, including Windows Update online, a Windows Server Update Services server, and others. To determine the source of Windows Updates currently being used on a device, follow these steps:  

windows/deployment/upgrade/log-files.md

@@ -9,7 +9,8 @@ ms.prod: w10
 ms.mktglfcycl: deploy
 ms.sitesec: library
 ms.pagetype: deploy
-audience: itpro
author: greg-lindsay
+audience: itpro
+author: greg-lindsay
 ms.localizationpriority: medium
 ms.topic: article
 ---
@@ -159,6 +160,93 @@ Therefore, Windows Setup failed because it was not able to migrate the corrupt f
 27:08, Error           SP     SPDoFrameworkGather: Gather operation failed. Error: 0x0000002C
 </pre>
 
+<br><B>setupapi.dev.log</B> content:
+
+<pre style="font-size: 10px; overflow-y: visible">
+>>>  [Device Install (UpdateDriverForPlugAndPlayDevices) - PCI\VEN_8086&DEV_8C4F]
+>>>  Section start 2019/09/26 20:13:01.623
+      cmd: rundll32.exe "C:\WINDOWS\Installer\MSI6E4C.tmp",zzzzInvokeManagedCustomActionOutOfProc SfxCA_95972906 484 ChipsetWiX.CustomAction!Intel.Deployment.ChipsetWiX.CustomActions.InstallDrivers
+     ndv: INF path: C:\WINDOWS\TEMP\{15B1CD41-69F5-48EA-9F45-0560A40FE2D8}\Drivers\lynxpoint\LynxPointSystem.inf
+     ndv: Install flags: 0x00000000
+     ndv: {Update Device Driver - PCI\VEN_8086&DEV_8C4F&SUBSYS_05BE1028&REV_04\3&11583659&0&F8}
+     ndv:      Search options: 0x00000081
+     ndv:      Searching single INF 'C:\WINDOWS\TEMP\{15B1CD41-69F5-48EA-9F45-0560A40FE2D8}\Drivers\lynxpoint\LynxPointSystem.inf'
+     dvi:      {Build Driver List} 20:13:01.643
+     dvi:           Searching for hardware ID(s):
+     dvi:                pci\ven_8086&dev_8c4f&subsys_05be1028&rev_04
+     dvi:                pci\ven_8086&dev_8c4f&subsys_05be1028
+     dvi:                pci\ven_8086&dev_8c4f&cc_060100
+     dvi:                pci\ven_8086&dev_8c4f&cc_0601
+     dvi:           Searching for compatible ID(s):
+     dvi:                pci\ven_8086&dev_8c4f&rev_04
+     dvi:                pci\ven_8086&dev_8c4f
+     dvi:                pci\ven_8086&cc_060100
+     dvi:                pci\ven_8086&cc_0601
+     dvi:                pci\ven_8086
+     dvi:                pci\cc_060100
+     dvi:                pci\cc_0601
+     sig:           {_VERIFY_FILE_SIGNATURE} 20:13:01.667
+     sig:                Key      = lynxpointsystem.inf
+     sig:                FilePath = c:\windows\temp\{15b1cd41-69f5-48ea-9f45-0560a40fe2d8}\drivers\lynxpoint\lynxpointsystem.inf
+     sig:                Catalog  = c:\windows\temp\{15b1cd41-69f5-48ea-9f45-0560a40fe2d8}\drivers\lynxpoint\LynxPoint.cat
+     sig:                Success: File is signed in catalog.
+     sig:           {_VERIFY_FILE_SIGNATURE exit(0x00000000)} 20:13:01.683
+     dvi:           Created Driver Node:
+     dvi:                HardwareID   - PCI\VEN_8086&DEV_8C4F
+     dvi:                InfName      - c:\windows\temp\{15b1cd41-69f5-48ea-9f45-0560a40fe2d8}\drivers\lynxpoint\lynxpointsystem.inf
+     dvi:                DevDesc      - Intel(R) QM87 LPC Controller - 8C4F
+     dvi:                Section      - Needs_ISAPNP_DRV
+     dvi:                Rank         - 0x00ff2001
+     dvi:                Signer Score - WHQL
+     dvi:                DrvDate      - 04/04/2016
+     dvi:                Version      - 10.1.1.18
+     dvi:      {Build Driver List - exit(0x00000000)} 20:13:01.699
+     ndv:      Searching currently installed INF
+     dvi:      {Build Driver List} 20:13:01.699
+     dvi:           Searching for hardware ID(s):
+     dvi:                pci\ven_8086&dev_8c4f&subsys_05be1028&rev_04
+     dvi:                pci\ven_8086&dev_8c4f&subsys_05be1028
+     dvi:                pci\ven_8086&dev_8c4f&cc_060100
+     dvi:                pci\ven_8086&dev_8c4f&cc_0601
+     dvi:           Searching for compatible ID(s):
+     dvi:                pci\ven_8086&dev_8c4f&rev_04
+     dvi:                pci\ven_8086&dev_8c4f
+     dvi:                pci\ven_8086&cc_060100
+     dvi:                pci\ven_8086&cc_0601
+     dvi:                pci\ven_8086
+     dvi:                pci\cc_060100
+     dvi:                pci\cc_0601
+     dvi:           Created Driver Node:
+     dvi:                HardwareID   - PCI\VEN_8086&DEV_8C4F
+     dvi:                InfName      - C:\WINDOWS\System32\DriverStore\FileRepository\lynxpointsystem.inf_amd64_cd1e518d883ecdfe\lynxpointsystem.inf
+     dvi:                DevDesc      - Intel(R) QM87 LPC Controller - 8C4F
+     dvi:                Section      - Needs_ISAPNP_DRV
+     dvi:                Rank         - 0x00ff2001
+     dvi:                Signer Score - WHQL
+     dvi:                DrvDate      - 10/03/2016
+     dvi:                Version      - 10.1.1.38
+     dvi:      {Build Driver List - exit(0x00000000)} 20:13:01.731
+     dvi:      {DIF_SELECTBESTCOMPATDRV} 20:13:01.731
+     dvi:           Default installer: Enter 20:13:01.735
+     dvi:                {Select Best Driver}
+     dvi:                     Class GUID of device changed to: {4d36e97d-e325-11ce-bfc1-08002be10318}.
+     dvi:                     Selected Driver:
+     dvi:                          Description - Intel(R) QM87 LPC Controller - 8C4F
+     dvi:                          InfFile     - c:\windows\system32\driverstore\filerepository\lynxpointsystem.inf_amd64_cd1e518d883ecdfe\lynxpointsystem.inf
+     dvi:                          Section     - Needs_ISAPNP_DRV
+     dvi:                {Select Best Driver - exit(0x00000000)}
+     dvi:           Default installer: Exit
+     dvi:      {DIF_SELECTBESTCOMPATDRV - exit(0x00000000)} 20:13:01.743
+     ndv:      Currently Installed Driver:
+     ndv:           Inf Name       - oem1.inf
+     ndv:           Driver Date    - 10/03/2016
+     ndv:           Driver Version - 10.1.1.38
+     ndv: {Update Device Driver - exit(00000103)}
+!    ndv: No better matching drivers found for device 'PCI\VEN_8086&DEV_8C4F&SUBSYS_05BE1028&REV_04\3&11583659&0&F8'.
+!    ndv: No devices were updated.
+<<<  Section end 2019/09/26 20:13:01.759
+<<<  [Exit status: FAILURE(0xC1900101)]
+</pre>
 
 <br>This analysis indicates that the Windows upgrade error can be resolved by deleting the C:\ProgramData\Microsoft\Crypto\RSA\S-1-5-18\[CN] file. Note: In this example, the full, unshortened file name is  C:\ProgramData\Microsoft\Crypto\RSA\S-1-5-18\be8228fb2d3cb6c6b0ccd9ad51b320b4_a43d512c-69f2-42de-aef9-7a88fabdaa3f. 
 

windows/deployment/upgrade/resolution-procedures.md

@@ -9,7 +9,8 @@ ms.prod: w10
 ms.mktglfcycl: deploy
 ms.sitesec: library
 ms.pagetype: deploy
-audience: itpro
author: greg-lindsay
+audience: itpro
+author: greg-lindsay
 ms.localizationpriority: medium
 ms.topic: article
 ---
@@ -294,7 +295,7 @@ This error has more than one possible cause. Attempt [quick fixes](quick-fixes.m
 <tr><td style='padding:0in 4pt 0in 4pt;border:dotted #FFFFFF 0.0pt;'>
 
 0x80073BC3 - 0x20009<br>
-0x8007002 - 0x20009<br>
+0x80070002 - 0x20009<br>
 0x80073B92 - 0x20009
 
 </table>
@@ -593,7 +594,7 @@ Download and run the media creation tool. See <a href="https://www.microsoft.com
 <tr>
 <td>0x80240FFF </td>
 <td>Occurs when update synchronization fails. It can occur when you are using Windows Server Update Services on its own or when it is integrated with System Center Configuration Manager. If you enable update synchronization before you install <a href="https://support.microsoft.com/help/3095113/en-us">hotfix 3095113</a>, WSUS doesn&#39;t recognize the Upgrades classification and instead treats the upgrade like a regular update.</td>
-<td> You can prevent this by installing <a href="http://blogs.technet.com/b/wsus/archive/2015/12/04/important-update-for-wsus-4-0-kb-3095113.aspx">hotfix 3095113</a> before you enable update synchronization. However, if you have already run into this problem, do the following:
+<td> You can prevent this by installing <a href="https://blogs.technet.com/b/wsus/archive/2015/12/04/important-update-for-wsus-4-0-kb-3095113.aspx">hotfix 3095113</a> before you enable update synchronization. However, if you have already run into this problem, do the following:
 
 <ol>
 <li>Disable the Upgrades classification.</li>
@@ -602,7 +603,7 @@ Download and run the media creation tool. See <a href="https://www.microsoft.com
 <li>Enable the Upgrades classification.</li>
 <li>Perform a full synch.</li>
 </ol>
-<br>For detailed information on how to run these steps check out <a href="http://blogs.technet.com/b/wsus/archive/2016/01/30/quot-help-i-synched-upgrades-too-soon-quot.aspx">How to delete upgrades in WSUS</a>.</p>
+<br>For detailed information on how to run these steps check out <a href="https://blogs.technet.com/b/wsus/archive/2016/01/30/quot-help-i-synched-upgrades-too-soon-quot.aspx">How to delete upgrades in WSUS</a>.</p>
 </td>
 </tr>
 
@@ -698,12 +699,12 @@ Also see the following sequential list of modern setup (mosetup) error codes wit
 | 0XC1900105 | MOSETUP_E_TEST_MODE | The installation process is being used in a test environment. |
 | 0XC1900106 | MOSETUP_E_TERMINATE_PROCESS | The installation process was terminated. |
 | 0XC1900107 | MOSETUP_E_CLEANUP_PENDING | A cleanup operation from a previous installation attempt is still pending. A system reboot is required. |
-| 0XC1900108 | MOSETUP_E_REPORTING | An error has occured and the result value must be consolidated for telemetry purposes. |
+| 0XC1900108 | MOSETUP_E_REPORTING | An error has occurred and the result value must be consolidated for telemetry purposes. |
 | 0XC1900109 | MOSETUP_E_COMPAT_TERMINATE | The installation process was terminated during the actionable compatibility phase. |
-| 0XC190010a | MOSETUP_E_UNKNOWN_CMD_LINE | The installation process was launched with an unknown command line argument. |
+| 0XC190010a | MOSETUP_E_UNKNOWN_CMD_LINE | The installation process was launched with an unknown command-line argument. |
 | 0XC190010b | MOSETUP_E_INSTALL_IMAGE_NOT_FOUND | The installation image was not found. |
 | 0XC190010c | MOSETUP_E_AUTOMATION_INVALID | The provided automation information was invalid. |
-| 0XC190010d | MOSETUP_E_INVALID_CMD_LINE | The installation process was launched with an invalid command line argument. |
+| 0XC190010d | MOSETUP_E_INVALID_CMD_LINE | The installation process was launched with an invalid command-line argument. |
 | 0XC190010e | MOSETUP_E_EULA_ACCEPT_REQUIRED | The installation process requires that the user accept the license agreement. |
 | 0XC1900110 | MOSETUP_E_EULA_CANCEL | The user has chosen to cancel for license agreement. |
 | 0XC1900111 | MOSETUP_E_ADVERTISE_CANCEL | The user has chosen to cancel for advertisement. |

windows/deployment/windows-autopilot/add-devices.md

@@ -27,7 +27,7 @@ Before deploying a device using Windows Autopilot, the device must be registered
 
 ## OEM registration
 
-When you purchase devices directly from an OEM, that OEM can automatically register the devices with the Windows Autopilot deployment service.  For the list of OEMs that currently support this, see the "Participant device manufacturers" section of the [Windows Autopilot information page](https://www.microsoft.com/windowsforbusiness/windows-autopilot).
+When you purchase devices directly from an OEM, that OEM can automatically register the devices with the Windows Autopilot deployment service.  For the list of OEMs that currently support this, see the "Participant device manufacturers and resellers" section of the [Windows Autopilot information page](https://aka.ms/windowsautopilot).
 
 Before an OEM can register devices on behalf of an organization, the organization must grant the OEM permission to do so.  This process is initiated by the OEM, with approval granted by an Azure AD global administrator from the organization.  See the "Customer Consent" section of the [Customer consent page](https://docs.microsoft.com/windows/deployment/windows-autopilot/registration-auth#oem-authorization).
 

windows/docfx.json

@@ -20,7 +20,17 @@
 		"_op_documentIdPathDepotMapping": {
 			"./": {
 			  "depot_name": "Win.windows"
-			}
+      },
+      "contributors_to_exclude": [ 
+        "rjagiewich", 
+        "traya1", 
+        "rmca14", 
+        "claydetels19", 
+        "Kellylorenebaker",
+        "jborsecnik",
+        "tiburd",
+        "garycentric"
+     ], 
 		}
     },
     "externalReference": [

windows/release-information/index.md

@@ -3,7 +3,7 @@ title: Windows 10 - release information
 description: Learn release information for Windows 10 releases
 keywords: ["Windows 10", "Windows 10 October 2018 Update"]
 ms.prod: w10
-layout: LandingPage  
+layout: LandingPage
 ms.topic: landing-page
 ms.mktglfcycl: deploy
 ms.sitesec: library
@@ -11,6 +11,7 @@ author: lizap
 ms.author: elizapo
 ms.localizationpriority: high
 ---
+
 # Windows 10 release information
 
 Feature updates for Windows 10 are released twice a year, around March and September, via the Semi-Annual Channel. They will be serviced with monthly quality updates for 18 or 30 months from the date of the release, depending on the lifecycle policy.
@@ -19,14 +20,11 @@ We recommend that you begin deployment of each Semi-Annual Channel release immed
 
 For information about servicing timelines, see the [Windows lifecycle fact sheet](https://support.microsoft.com/help/13853).
 
->[!NOTE]
+> [!NOTE]
->Beginning with Windows 10, version 1903, this page will no longer list Semi-Annual Channel (Targeted) information for version 1903 and future feature updates. Instead, you will find a single entry for each Semi-Annual Channel release. For more information, see [this blog post](https://techcommunity.microsoft.com/t5/Windows-IT-Pro-Blog/Windows-Update-for-Business-and-the-retirement-of-SAC-T/ba-p/339523).
+> Beginning with Windows 10, version 1903, you will find a [single entry for each SAC release](https://techcommunity.microsoft.com/t5/Windows-IT-Pro-Blog/Windows-Update-for-Business-and-the-retirement-of-SAC-T/ba-p/339523).
-
 
 <div class="m-rich-content-block" data-grid="col-12">
     <div id="winrelinfo" xmlns="http://www.w3.org/1999/xhtml"><iframe width="100%" height="866px" id="winrelinfo_iframe" src="https://winreleaseinfoprod.blob.core.windows.net/winreleaseinfoprod/en-US.html" frameborder="0" marginwidth="0" marginheight="0" scrolling="auto"></iframe></div>
     <script src="https://winreleaseinfoprod.blob.core.windows.net/winreleaseinfoprod/iframe.js" xmlns="http://www.w3.org/1999/xhtml"></script>
     <script xmlns="http://www.w3.org/1999/xhtml">/*<![CDATA[*/winrelinfo_setup("https://winreleaseinfoprod.blob.core.windows.net/winreleaseinfoprod/en-US.html")/*]]>*/</script>
 </div>
-
-

windows/release-information/resolved-issues-windows-10-1809-and-windows-server-2019.yml

@@ -54,7 +54,6 @@ sections:
       <tr><td><div id='215msg'></div><b>Zone transfers over TCP may fail</b><br>Zone transfers between primary and secondary DNS servers over the Transmission Control Protocol (TCP) may fail.<br><br><a href = '#215msgdesc'>See details ></a></td><td>OS Build 17763.475<br><br>May 03, 2019<br><a href ='https://support.microsoft.com/help/4495667' target='_blank'>KB4495667</a></td><td>Resolved<br><a href = 'https://support.microsoft.com/help/4494441' target='_blank'>KB4494441</a></td><td>May 14, 2019 <br>10:00 AM PT</td></tr>
       <tr><td><div id='212msg'></div><b>Latest cumulative update (KB 4495667) installs automatically</b><br>Reports that the optional cumulative update (KB 4495667) installs automatically.<br><br><a href = '#212msgdesc'>See details ></a></td><td>OS Build 17763.475<br><br>May 03, 2019<br><a href ='https://support.microsoft.com/help/4495667' target='_blank'>KB4495667</a></td><td>Resolved<br><a href = '' target='_blank'></a></td><td>May 08, 2019 <br>03:37 PM PT</td></tr>
       <tr><td><div id='198msg'></div><b>System may be unresponsive after restart if ArcaBit antivirus software installed</b><br>After further investigation ArcaBit has confirmed this issue is not applicable to Windows 10, version 1809<br><br><a href = '#198msgdesc'>See details ></a></td><td>OS Build 17763.437<br><br>April 09, 2019<br><a href ='https://support.microsoft.com/help/4493509' target='_blank'>KB4493509</a></td><td>Resolved<br><a href = '' target='_blank'></a></td><td>May 08, 2019 <br>03:30 PM PT</td></tr>
-      <tr><td><div id='49msg'></div><b>Custom URI schemes may not start corresponding application</b><br>Custom URI schemes for application protocol handlers may not start the corresponding application.<br><br><a href = '#49msgdesc'>See details ></a></td><td>OS Build 17763.379<br><br>March 12, 2019<br><a href ='https://support.microsoft.com/help/4489899' target='_blank'>KB4489899</a></td><td>Resolved<br><a href = 'https://support.microsoft.com/help/4495667' target='_blank'>KB4495667</a></td><td>May 03, 2019 <br>10:00 AM PT</td></tr>
       </table>
       "
 
@@ -140,7 +139,6 @@ sections:
     text: "
       <table border ='0'><tr><td width='65%'>Details</td><td width='15%'>Originating update</td><td width='10%'>Status</td><td width='10%'>History</td></tr>
       <tr><td style='border-left-width:1px;border-right-width:1px;border-bottom-width:1px;'><div id='88msgdesc'></div><b>Issue using PXE to start a device from WDS</b><div>After installing <a href=\"https://support.microsoft.com/help/4489899\" target=\"_blank\">KB4489899</a>, there may be issues using the Preboot Execution Environment (PXE) to start a device from a Windows Deployment Services (WDS) server configured to use Variable Window Extension. This may cause the connection to the WDS server to terminate prematurely while downloading the image. This issue does not affect clients or devices that are not using Variable Window Extension.&nbsp;</div><div><br></div><div><strong>Affected platforms:</strong></div><ul><li>Client: Windows 10, version 1809; Windows 10 Enterprise LTSC 2019; Windows 10, version 1803; Windows 10, version 1607; Windows 10 Enterprise LTSC 2016; Windows 8.1</li><li>Server: Windows Server, version 1809; Windows Server 2019; Windows Server, version 1803; Windows Server 2016; Windows Server 2012 R2; Windows Server 2012</li></ul><div></div><div><strong>Resolution:</strong>&nbsp;This issue was resolved in <a href='https://support.microsoft.com/help/4503327' target='_blank'>KB4503327</a>.</div><br><a href ='#88msg'>Back to top</a></td><td>OS Build 17763.379<br><br>March 12, 2019<br><a href ='https://support.microsoft.com/help/4489899' target='_blank'>KB4489899</a></td><td>Resolved<br><a href = 'https://support.microsoft.com/help/4503327' target='_blank'>KB4503327</a></td><td>Resolved:<br>June 11, 2019 <br>10:00 AM PT<br><br>Opened:<br>March 12, 2019 <br>10:00 AM PT</td></tr>
-      <tr><td style='border-left-width:1px;border-right-width:1px;border-bottom-width:1px;'><div id='49msgdesc'></div><b>Custom URI schemes may not start corresponding application</b><div>After installing <a href=\"https://support.microsoft.com/help/4489899\" target=\"_blank\">KB4489899</a>, custom URI schemes for application protocol handlers may not start the corresponding application for local intranet and trusted sites security zones on Internet Explorer.</div><div><br></div><div><strong>Affected platforms:</strong></div><ul><li>Client: Windows 10, version 1809; Windows 10 Enterprise LTSC 2019; Windows 10, version 1803; Windows 10, version 1709; Windows 10, version 1703; Windows 10, version 1607; Windows 10 Enterprise LTSC 2016; Windows 10, version 1507; Windows 10 Enterprise LTSB 2015; Windows 8.1; Windows 7 SP1&nbsp;</li><li>Server: Windows Server, version 1809; Windows Server 2019; Windows Server, version 1803; Windows Server, version 1709; Windows Server 2016; Windows Server 2012 R2; Windows Server 2008 R2 SP1</li></ul><div></div><div><strong>Workaround:</strong> Right-click the URL link to open it in a new window or tab, or enable Protected Mode in Internet Explorer for local intranet and trusted sites</div><ol><li>Go to <strong>Tools &gt; Internet options </strong>&gt;<strong> Security</strong>.</li><li>Within <strong>Select a zone to view of change security settings</strong>, select <strong>Local intranet</strong> and then select <strong>Enable Protected Mode</strong>.</li><li>Select <strong>Trusted Sites</strong> and then select <strong>Enable Protected Mode</strong>.&nbsp;</li><li>Select&nbsp;<strong>OK</strong>.</li></ol><div>You must restart the browser after making these changes.</div><div><br></div><div><strong>Resolution:</strong> This issue is resolved in <a href=\"https://support.microsoft.com/help/4495667\" target=\"_blank\">KB4495667</a>.</div><br><a href ='#49msg'>Back to top</a></td><td>OS Build 17763.379<br><br>March 12, 2019<br><a href ='https://support.microsoft.com/help/4489899' target='_blank'>KB4489899</a></td><td>Resolved<br><a href = 'https://support.microsoft.com/help/4495667' target='_blank'>KB4495667</a></td><td>Resolved:<br>May 03, 2019 <br>10:00 AM PT<br><br>Opened:<br>March 12, 2019 <br>10:00 AM PT</td></tr>
       </table>
       "
 

windows/release-information/status-windows-10-1507.yml

@@ -60,6 +60,7 @@ sections:
   - type: markdown
     text: "<div>This table offers a summary of current active issues and those issues that have been resolved in the last 30 days.</div><br>
       <table border ='0'><tr><td width='65%'>Summary</td><td width='15%'>Originating update</td><td width='10%'>Status</td><td width='10%'>Last updated</td></tr>
+      <tr><td><div id='364msg'></div><b>TLS connections might fail or timeout</b><br>Transport Layer Security (TLS) connections might fail or timeout when connecting or attempting a resumption.<br><br><a href = '#364msgdesc'>See details ></a></td><td>OS Build 10240.18368<br><br>October 08, 2019<br><a href ='https://support.microsoft.com/help/4520011' target='_blank'>KB4520011</a></td><td>Mitigated External<br></td><td>November 05, 2019 <br>03:36 PM PT</td></tr>
       <tr><td><div id='351msg'></div><b>Intermittent issues when printing</b><br>The print spooler service may intermittently have issues completing a print job and results print job failure.<br><br><a href = '#351msgdesc'>See details ></a></td><td>OS Build 10240.18334<br><br>September 23, 2019<br><a href ='https://support.microsoft.com/help/4522009' target='_blank'>KB4522009</a></td><td>Resolved<br><a href = 'https://support.microsoft.com/help/4520011' target='_blank'>KB4520011</a></td><td>October 08, 2019 <br>10:00 AM PT</td></tr>
       <tr><td><div id='196msg'></div><b>Certain operations performed on a Cluster Shared Volume may fail</b><br>Operations performed on files or folders on a CSV may fail with the error: STATUS_BAD_IMPERSONATION_LEVEL (0xC00000A5).<br><br><a href = '#196msgdesc'>See details ></a></td><td>OS Build 10240.18094<br><br>January 08, 2019<br><a href ='https://support.microsoft.com/help/4480962' target='_blank'>KB4480962</a></td><td>Mitigated<br><a href = '' target='_blank'></a></td><td>April 25, 2019 <br>02:00 PM PT</td></tr>
       </table>
@@ -72,6 +73,15 @@ sections:
         <div>
         </div> 
       "
+- title: November 2019
+- items:
+  - type: markdown
+    text: "
+      <table border ='0'><tr><td width='65%'>Details</td><td width='15%'>Originating update</td><td width='10%'>Status</td><td width='10%'>History</td></tr>
+      <tr><td style='border-left-width:1px;border-right-width:1px;border-bottom-width:1px;'><div id='364msgdesc'></div><b>TLS connections might fail or timeout</b><div>Updates for Windows released October 8, 2019 or later provide protections, tracked by <a href=\"https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2019-1318\" rel=\"noopener noreferrer\" target=\"_blank\">CVE-2019-1318</a>, against an attack that could allow unauthorized access to information or data within TLS connections.&nbsp;This type of attack is known as a man-in-the-middle exploit.&nbsp;Windows might fail to connect to TLS clients and servers that do not support Extended Master Secret for resumption (<a href=\"https://tools.ietf.org/html/rfc7627\" rel=\"noopener noreferrer\" target=\"_blank\">RFC 7627</a>). Lack of RFC support might cause one or more of the following errors or logged events:</div><ul><li>\"The request was aborted: Could not create SSL/TLS secure Channel\"</li><li>SCHANNEL event 36887 is logged in the System event log with the description, \"A fatal alert was received from the remote endpoint. The TLS protocol defined fatal alert code is 20.​\"</li></ul><div></div><div><strong>Affected platforms:</strong></div><ul><li>Client: Windows 10, version 1903; Windows 10, version 1809; Windows 10 Enterprise LTSC 2019; Windows 10, version 1803; Windows 10, version 1709; Windows 10, version 1703; Windows 10 Enterprise LTSC 2016; Windows 10, version 1607; Windows 10 Enterprise LTSC 2015; Windows 8.1; Windows 7 SP1</li><li>Server: Windows Server, version 1903; Windows Server, version 1809; Windows Server 2019; Windows Server, version 1803; Windows Server, version 1709 ; Windows Server 2016; Windows Server 2012 R2; Windows Server 2012; Windows Server 2008 R2 SP1; Windows Server 2008 SP2</li></ul><div></div><div><br></div><div><strong>Next Steps: </strong>Connections between two devices running any supported version of Windows should not have this issue when fully updated.&nbsp;There is no update for Windows needed for this issue.&nbsp;These changes are required to address a security issue and security compliance. For information, see <a href=\"https://support.microsoft.com/help/4528489\" rel=\"noopener noreferrer\" target=\"_blank\">KB4528489</a>.</div><br><a href ='#364msg'>Back to top</a></td><td>OS Build 10240.18368<br><br>October 08, 2019<br><a href ='https://support.microsoft.com/help/4520011' target='_blank'>KB4520011</a></td><td>Mitigated External<br></td><td>Last updated:<br>November 05, 2019 <br>03:36 PM PT<br><br>Opened:<br>November 05, 2019 <br>03:36 PM PT</td></tr>
+      </table>
+      "
+
 - title: September 2019
 - items:
   - type: markdown

windows/release-information/status-windows-10-1607-and-windows-server-2016.yml

@@ -60,6 +60,7 @@ sections:
   - type: markdown
     text: "<div>This table offers a summary of current active issues and those issues that have been resolved in the last 30 days.</div><br>
       <table border ='0'><tr><td width='65%'>Summary</td><td width='15%'>Originating update</td><td width='10%'>Status</td><td width='10%'>Last updated</td></tr>
+      <tr><td><div id='364msg'></div><b>TLS connections might fail or timeout</b><br>Transport Layer Security (TLS) connections might fail or timeout when connecting or attempting a resumption.<br><br><a href = '#364msgdesc'>See details ></a></td><td>OS Build 14393.3274<br><br>October 08, 2019<br><a href ='https://support.microsoft.com/help/4519998' target='_blank'>KB4519998</a></td><td>Mitigated External<br></td><td>November 05, 2019 <br>03:36 PM PT</td></tr>
       <tr><td><div id='351msg'></div><b>Intermittent issues when printing</b><br>The print spooler service may intermittently have issues completing a print job and results print job failure.<br><br><a href = '#351msgdesc'>See details ></a></td><td>OS Build 14393.3206<br><br>September 23, 2019<br><a href ='https://support.microsoft.com/help/4522010' target='_blank'>KB4522010</a></td><td>Resolved<br><a href = 'https://support.microsoft.com/help/4519998' target='_blank'>KB4519998</a></td><td>October 08, 2019 <br>10:00 AM PT</td></tr>
       <tr><td><div id='195msg'></div><b>Certain operations performed on a Cluster Shared Volume may fail</b><br>Operations performed on files or folders on a CSV may fail with the error: STATUS_BAD_IMPERSONATION_LEVEL (0xC00000A5).<br><br><a href = '#195msgdesc'>See details ></a></td><td>OS Build 14393.2724<br><br>January 08, 2019<br><a href ='https://support.microsoft.com/help/4480961' target='_blank'>KB4480961</a></td><td>Mitigated<br><a href = '' target='_blank'></a></td><td>April 25, 2019 <br>02:00 PM PT</td></tr>
       <tr><td><div id='61msg'></div><b>Windows may not start on certain Lenovo and Fujitsu laptops with less than 8GB of RAM</b><br>Windows may fail to start on certain Lenovo and Fujitsu laptops that have less than 8 GB of RAM.<br><br><a href = '#61msgdesc'>See details ></a></td><td>OS Build 14393.2608<br><br>November 13, 2018<br><a href ='https://support.microsoft.com/help/4467691' target='_blank'>KB4467691</a></td><td>Mitigated<br><a href = '' target='_blank'></a></td><td>February 19, 2019 <br>10:00 AM PT</td></tr>
@@ -74,6 +75,15 @@ sections:
         <div>
         </div> 
       "
+- title: November 2019
+- items:
+  - type: markdown
+    text: "
+      <table border ='0'><tr><td width='65%'>Details</td><td width='15%'>Originating update</td><td width='10%'>Status</td><td width='10%'>History</td></tr>
+      <tr><td style='border-left-width:1px;border-right-width:1px;border-bottom-width:1px;'><div id='364msgdesc'></div><b>TLS connections might fail or timeout</b><div>Updates for Windows released October 8, 2019 or later provide protections, tracked by <a href=\"https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2019-1318\" rel=\"noopener noreferrer\" target=\"_blank\">CVE-2019-1318</a>, against an attack that could allow unauthorized access to information or data within TLS connections.&nbsp;This type of attack is known as a man-in-the-middle exploit.&nbsp;Windows might fail to connect to TLS clients and servers that do not support Extended Master Secret for resumption (<a href=\"https://tools.ietf.org/html/rfc7627\" rel=\"noopener noreferrer\" target=\"_blank\">RFC 7627</a>). Lack of RFC support might cause one or more of the following errors or logged events:</div><ul><li>\"The request was aborted: Could not create SSL/TLS secure Channel\"</li><li>SCHANNEL event 36887 is logged in the System event log with the description, \"A fatal alert was received from the remote endpoint. The TLS protocol defined fatal alert code is 20.​\"</li></ul><div></div><div><strong>Affected platforms:</strong></div><ul><li>Client: Windows 10, version 1903; Windows 10, version 1809; Windows 10 Enterprise LTSC 2019; Windows 10, version 1803; Windows 10, version 1709; Windows 10, version 1703; Windows 10 Enterprise LTSC 2016; Windows 10, version 1607; Windows 10 Enterprise LTSC 2015; Windows 8.1; Windows 7 SP1</li><li>Server: Windows Server, version 1903; Windows Server, version 1809; Windows Server 2019; Windows Server, version 1803; Windows Server, version 1709 ; Windows Server 2016; Windows Server 2012 R2; Windows Server 2012; Windows Server 2008 R2 SP1; Windows Server 2008 SP2</li></ul><div></div><div><br></div><div><strong>Next Steps: </strong>Connections between two devices running any supported version of Windows should not have this issue when fully updated.&nbsp;There is no update for Windows needed for this issue.&nbsp;These changes are required to address a security issue and security compliance. For information, see <a href=\"https://support.microsoft.com/help/4528489\" rel=\"noopener noreferrer\" target=\"_blank\">KB4528489</a>.</div><br><a href ='#364msg'>Back to top</a></td><td>OS Build 14393.3274<br><br>October 08, 2019<br><a href ='https://support.microsoft.com/help/4519998' target='_blank'>KB4519998</a></td><td>Mitigated External<br></td><td>Last updated:<br>November 05, 2019 <br>03:36 PM PT<br><br>Opened:<br>November 05, 2019 <br>03:36 PM PT</td></tr>
+      </table>
+      "
+
 - title: September 2019
 - items:
   - type: markdown

windows/release-information/status-windows-10-1709.yml

@@ -60,6 +60,7 @@ sections:
   - type: markdown
     text: "<div>This table offers a summary of current active issues and those issues that have been resolved in the last 30 days.</div><br>
       <table border ='0'><tr><td width='65%'>Summary</td><td width='15%'>Originating update</td><td width='10%'>Status</td><td width='10%'>Last updated</td></tr>
+      <tr><td><div id='364msg'></div><b>TLS connections might fail or timeout</b><br>Transport Layer Security (TLS) connections might fail or timeout when connecting or attempting a resumption.<br><br><a href = '#364msgdesc'>See details ></a></td><td>OS Build 16299.1451<br><br>October 08, 2019<br><a href ='https://support.microsoft.com/help/4520004' target='_blank'>KB4520004</a></td><td>Mitigated External<br></td><td>November 05, 2019 <br>03:36 PM PT</td></tr>
       <tr><td><div id='348msg'></div><b>Unable to create local users in Chinese, Japanese and Korean during device setup</b><br>You might be unable to create users in Chinese, Japanese and Korean using Input Method Editor (IME) during OOBE.<br><br><a href = '#348msgdesc'>See details ></a></td><td>OS Build 16299.1387<br><br>September 10, 2019<br><a href ='https://support.microsoft.com/help/4516066' target='_blank'>KB4516066</a></td><td>Mitigated<br><a href = '' target='_blank'></a></td><td>October 29, 2019 <br>05:15 PM PT</td></tr>
       <tr><td><div id='351msg'></div><b>Intermittent issues when printing</b><br>The print spooler service may intermittently have issues completing a print job and results print job failure.<br><br><a href = '#351msgdesc'>See details ></a></td><td>OS Build 16299.1392<br><br>September 23, 2019<br><a href ='https://support.microsoft.com/help/4522012' target='_blank'>KB4522012</a></td><td>Resolved<br><a href = 'https://support.microsoft.com/help/4520004' target='_blank'>KB4520004</a></td><td>October 08, 2019 <br>10:00 AM PT</td></tr>
       <tr><td><div id='193msg'></div><b>Certain operations performed on a Cluster Shared Volume may fail</b><br>Operations performed on files or folders on a CSV may fail with the error: STATUS_BAD_IMPERSONATION_LEVEL (0xC00000A5).<br><br><a href = '#193msgdesc'>See details ></a></td><td>OS Build 16299.904<br><br>January 08, 2019<br><a href ='https://support.microsoft.com/help/4480978' target='_blank'>KB4480978</a></td><td>Mitigated<br><a href = '' target='_blank'></a></td><td>April 25, 2019 <br>02:00 PM PT</td></tr>
@@ -73,6 +74,15 @@ sections:
         <div>
         </div> 
       "
+- title: November 2019
+- items:
+  - type: markdown
+    text: "
+      <table border ='0'><tr><td width='65%'>Details</td><td width='15%'>Originating update</td><td width='10%'>Status</td><td width='10%'>History</td></tr>
+      <tr><td style='border-left-width:1px;border-right-width:1px;border-bottom-width:1px;'><div id='364msgdesc'></div><b>TLS connections might fail or timeout</b><div>Updates for Windows released October 8, 2019 or later provide protections, tracked by <a href=\"https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2019-1318\" rel=\"noopener noreferrer\" target=\"_blank\">CVE-2019-1318</a>, against an attack that could allow unauthorized access to information or data within TLS connections.&nbsp;This type of attack is known as a man-in-the-middle exploit.&nbsp;Windows might fail to connect to TLS clients and servers that do not support Extended Master Secret for resumption (<a href=\"https://tools.ietf.org/html/rfc7627\" rel=\"noopener noreferrer\" target=\"_blank\">RFC 7627</a>). Lack of RFC support might cause one or more of the following errors or logged events:</div><ul><li>\"The request was aborted: Could not create SSL/TLS secure Channel\"</li><li>SCHANNEL event 36887 is logged in the System event log with the description, \"A fatal alert was received from the remote endpoint. The TLS protocol defined fatal alert code is 20.​\"</li></ul><div></div><div><strong>Affected platforms:</strong></div><ul><li>Client: Windows 10, version 1903; Windows 10, version 1809; Windows 10 Enterprise LTSC 2019; Windows 10, version 1803; Windows 10, version 1709; Windows 10, version 1703; Windows 10 Enterprise LTSC 2016; Windows 10, version 1607; Windows 10 Enterprise LTSC 2015; Windows 8.1; Windows 7 SP1</li><li>Server: Windows Server, version 1903; Windows Server, version 1809; Windows Server 2019; Windows Server, version 1803; Windows Server, version 1709 ; Windows Server 2016; Windows Server 2012 R2; Windows Server 2012; Windows Server 2008 R2 SP1; Windows Server 2008 SP2</li></ul><div></div><div><br></div><div><strong>Next Steps: </strong>Connections between two devices running any supported version of Windows should not have this issue when fully updated.&nbsp;There is no update for Windows needed for this issue.&nbsp;These changes are required to address a security issue and security compliance. For information, see <a href=\"https://support.microsoft.com/help/4528489\" rel=\"noopener noreferrer\" target=\"_blank\">KB4528489</a>.</div><br><a href ='#364msg'>Back to top</a></td><td>OS Build 16299.1451<br><br>October 08, 2019<br><a href ='https://support.microsoft.com/help/4520004' target='_blank'>KB4520004</a></td><td>Mitigated External<br></td><td>Last updated:<br>November 05, 2019 <br>03:36 PM PT<br><br>Opened:<br>November 05, 2019 <br>03:36 PM PT</td></tr>
+      </table>
+      "
+
 - title: October 2019
 - items:
   - type: markdown

windows/release-information/status-windows-10-1803.yml

@@ -64,6 +64,7 @@ sections:
   - type: markdown
     text: "<div>This table offers a summary of current active issues and those issues that have been resolved in the last 30 days.</div><br>
       <table border ='0'><tr><td width='65%'>Summary</td><td width='15%'>Originating update</td><td width='10%'>Status</td><td width='10%'>Last updated</td></tr>
+      <tr><td><div id='364msg'></div><b>TLS connections might fail or timeout</b><br>Transport Layer Security (TLS) connections might fail or timeout when connecting or attempting a resumption.<br><br><a href = '#364msgdesc'>See details ></a></td><td>OS Build 17134.1069<br><br>October 08, 2019<br><a href ='https://support.microsoft.com/help/4520008' target='_blank'>KB4520008</a></td><td>Mitigated External<br></td><td>November 05, 2019 <br>03:36 PM PT</td></tr>
       <tr><td><div id='348msg'></div><b>Unable to create local users in Chinese, Japanese and Korean during device setup</b><br>You might be unable to create users in Chinese, Japanese and Korean using Input Method Editor (IME) during OOBE.<br><br><a href = '#348msgdesc'>See details ></a></td><td>OS Build 17134.1006<br><br>September 10, 2019<br><a href ='https://support.microsoft.com/help/4516058' target='_blank'>KB4516058</a></td><td>Mitigated<br><a href = '' target='_blank'></a></td><td>October 29, 2019 <br>05:15 PM PT</td></tr>
       <tr><td><div id='330msg'></div><b>Windows Mixed Reality Portal users may intermittently receive a 15-5 error code</b><br>You may receive a 15-5 error code in Windows Mixed Reality Portal and your headset may not wake up from sleep.<br><br><a href = '#330msgdesc'>See details ></a></td><td>OS Build 17134.950<br><br>August 13, 2019<br><a href ='https://support.microsoft.com/help/4512501' target='_blank'>KB4512501</a></td><td>Resolved<br><a href = 'https://support.microsoft.com/help/4519978' target='_blank'>KB4519978</a></td><td>October 15, 2019 <br>10:00 AM PT</td></tr>
       <tr><td><div id='244msg'></div><b>Startup to a black screen after installing updates</b><br>Your device may startup to a black screen during the first logon after installing updates.<br><br><a href = '#244msgdesc'>See details ></a></td><td>OS Build 17134.829<br><br>June 11, 2019<br><a href ='https://support.microsoft.com/help/4503286' target='_blank'>KB4503286</a></td><td>Resolved<br><a href = 'https://support.microsoft.com/help/4519978' target='_blank'>KB4519978</a></td><td>October 15, 2019 <br>10:00 AM PT</td></tr>
@@ -79,6 +80,15 @@ sections:
         <div>
         </div> 
       "
+- title: November 2019
+- items:
+  - type: markdown
+    text: "
+      <table border ='0'><tr><td width='65%'>Details</td><td width='15%'>Originating update</td><td width='10%'>Status</td><td width='10%'>History</td></tr>
+      <tr><td style='border-left-width:1px;border-right-width:1px;border-bottom-width:1px;'><div id='364msgdesc'></div><b>TLS connections might fail or timeout</b><div>Updates for Windows released October 8, 2019 or later provide protections, tracked by <a href=\"https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2019-1318\" rel=\"noopener noreferrer\" target=\"_blank\">CVE-2019-1318</a>, against an attack that could allow unauthorized access to information or data within TLS connections.&nbsp;This type of attack is known as a man-in-the-middle exploit.&nbsp;Windows might fail to connect to TLS clients and servers that do not support Extended Master Secret for resumption (<a href=\"https://tools.ietf.org/html/rfc7627\" rel=\"noopener noreferrer\" target=\"_blank\">RFC 7627</a>). Lack of RFC support might cause one or more of the following errors or logged events:</div><ul><li>\"The request was aborted: Could not create SSL/TLS secure Channel\"</li><li>SCHANNEL event 36887 is logged in the System event log with the description, \"A fatal alert was received from the remote endpoint. The TLS protocol defined fatal alert code is 20.​\"</li></ul><div></div><div><strong>Affected platforms:</strong></div><ul><li>Client: Windows 10, version 1903; Windows 10, version 1809; Windows 10 Enterprise LTSC 2019; Windows 10, version 1803; Windows 10, version 1709; Windows 10, version 1703; Windows 10 Enterprise LTSC 2016; Windows 10, version 1607; Windows 10 Enterprise LTSC 2015; Windows 8.1; Windows 7 SP1</li><li>Server: Windows Server, version 1903; Windows Server, version 1809; Windows Server 2019; Windows Server, version 1803; Windows Server, version 1709 ; Windows Server 2016; Windows Server 2012 R2; Windows Server 2012; Windows Server 2008 R2 SP1; Windows Server 2008 SP2</li></ul><div></div><div><br></div><div><strong>Next Steps: </strong>Connections between two devices running any supported version of Windows should not have this issue when fully updated.&nbsp;There is no update for Windows needed for this issue.&nbsp;These changes are required to address a security issue and security compliance. For information, see <a href=\"https://support.microsoft.com/help/4528489\" rel=\"noopener noreferrer\" target=\"_blank\">KB4528489</a>.</div><br><a href ='#364msg'>Back to top</a></td><td>OS Build 17134.1069<br><br>October 08, 2019<br><a href ='https://support.microsoft.com/help/4520008' target='_blank'>KB4520008</a></td><td>Mitigated External<br></td><td>Last updated:<br>November 05, 2019 <br>03:36 PM PT<br><br>Opened:<br>November 05, 2019 <br>03:36 PM PT</td></tr>
+      </table>
+      "
+
 - title: October 2019
 - items:
   - type: markdown

windows/release-information/status-windows-10-1809-and-windows-server-2019.yml

@@ -64,6 +64,7 @@ sections:
   - type: markdown
     text: "<div>This table offers a summary of current active issues and those issues that have been resolved in the last 30 days.</div><br>
       <table border ='0'><tr><td width='65%'>Summary</td><td width='15%'>Originating update</td><td width='10%'>Status</td><td width='10%'>Last updated</td></tr>
+      <tr><td><div id='364msg'></div><b>TLS connections might fail or timeout</b><br>Transport Layer Security (TLS) connections might fail or timeout when connecting or attempting a resumption.<br><br><a href = '#364msgdesc'>See details ></a></td><td>OS Build 17763.805<br><br>October 08, 2019<br><a href ='https://support.microsoft.com/help/4519338' target='_blank'>KB4519338</a></td><td>Mitigated External<br></td><td>November 05, 2019 <br>03:36 PM PT</td></tr>
       <tr><td><div id='348msg'></div><b>Unable to create local users in Chinese, Japanese and Korean during device setup</b><br>You might be unable to create users in Chinese, Japanese and Korean using Input Method Editor (IME) during OOBE.<br><br><a href = '#348msgdesc'>See details ></a></td><td>OS Build 17763.737<br><br>September 10, 2019<br><a href ='https://support.microsoft.com/help/4512578' target='_blank'>KB4512578</a></td><td>Mitigated<br><a href = '' target='_blank'></a></td><td>October 29, 2019 <br>05:15 PM PT</td></tr>
       <tr><td><div id='360msg'></div><b>Microsoft Defender Advanced Threat Protection might stop running</b><br>The Microsoft Defender ATP service might stop running and might fail to send reporting data.<br><br><a href = '#360msgdesc'>See details ></a></td><td>OS Build 17763.832<br><br>October 15, 2019<br><a href ='https://support.microsoft.com/help/4520062' target='_blank'>KB4520062</a></td><td>Investigating<br><a href = '' target='_blank'></a></td><td>October 18, 2019 <br>04:23 PM PT</td></tr>
       <tr><td><div id='330msg'></div><b>Windows Mixed Reality Portal users may intermittently receive a 15-5 error code</b><br>You may receive a 15-5 error code in Windows Mixed Reality Portal and your headset may not wake up from sleep.<br><br><a href = '#330msgdesc'>See details ></a></td><td>OS Build 17763.678<br><br>August 13, 2019<br><a href ='https://support.microsoft.com/help/4511553' target='_blank'>KB4511553</a></td><td>Resolved<br><a href = 'https://support.microsoft.com/help/4520062' target='_blank'>KB4520062</a></td><td>October 15, 2019 <br>10:00 AM PT</td></tr>
@@ -81,6 +82,15 @@ sections:
         <div>
         </div> 
       "
+- title: November 2019
+- items:
+  - type: markdown
+    text: "
+      <table border ='0'><tr><td width='65%'>Details</td><td width='15%'>Originating update</td><td width='10%'>Status</td><td width='10%'>History</td></tr>
+      <tr><td style='border-left-width:1px;border-right-width:1px;border-bottom-width:1px;'><div id='364msgdesc'></div><b>TLS connections might fail or timeout</b><div>Updates for Windows released October 8, 2019 or later provide protections, tracked by <a href=\"https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2019-1318\" rel=\"noopener noreferrer\" target=\"_blank\">CVE-2019-1318</a>, against an attack that could allow unauthorized access to information or data within TLS connections.&nbsp;This type of attack is known as a man-in-the-middle exploit.&nbsp;Windows might fail to connect to TLS clients and servers that do not support Extended Master Secret for resumption (<a href=\"https://tools.ietf.org/html/rfc7627\" rel=\"noopener noreferrer\" target=\"_blank\">RFC 7627</a>). Lack of RFC support might cause one or more of the following errors or logged events:</div><ul><li>\"The request was aborted: Could not create SSL/TLS secure Channel\"</li><li>SCHANNEL event 36887 is logged in the System event log with the description, \"A fatal alert was received from the remote endpoint. The TLS protocol defined fatal alert code is 20.​\"</li></ul><div></div><div><strong>Affected platforms:</strong></div><ul><li>Client: Windows 10, version 1903; Windows 10, version 1809; Windows 10 Enterprise LTSC 2019; Windows 10, version 1803; Windows 10, version 1709; Windows 10, version 1703; Windows 10 Enterprise LTSC 2016; Windows 10, version 1607; Windows 10 Enterprise LTSC 2015; Windows 8.1; Windows 7 SP1</li><li>Server: Windows Server, version 1903; Windows Server, version 1809; Windows Server 2019; Windows Server, version 1803; Windows Server, version 1709 ; Windows Server 2016; Windows Server 2012 R2; Windows Server 2012; Windows Server 2008 R2 SP1; Windows Server 2008 SP2</li></ul><div></div><div><br></div><div><strong>Next Steps: </strong>Connections between two devices running any supported version of Windows should not have this issue when fully updated.&nbsp;There is no update for Windows needed for this issue.&nbsp;These changes are required to address a security issue and security compliance. For information, see <a href=\"https://support.microsoft.com/help/4528489\" rel=\"noopener noreferrer\" target=\"_blank\">KB4528489</a>.</div><br><a href ='#364msg'>Back to top</a></td><td>OS Build 17763.805<br><br>October 08, 2019<br><a href ='https://support.microsoft.com/help/4519338' target='_blank'>KB4519338</a></td><td>Mitigated External<br></td><td>Last updated:<br>November 05, 2019 <br>03:36 PM PT<br><br>Opened:<br>November 05, 2019 <br>03:36 PM PT</td></tr>
+      </table>
+      "
+
 - title: October 2019
 - items:
   - type: markdown

windows/release-information/status-windows-10-1903.yml

@@ -64,6 +64,7 @@ sections:
   - type: markdown
     text: "<div>This table offers a summary of current active issues and those issues that have been resolved in the last 30 days.</div><br>
       <table border ='0'><tr><td width='65%'>Summary</td><td width='15%'>Originating update</td><td width='10%'>Status</td><td width='10%'>Last updated</td></tr>
+      <tr><td><div id='364msg'></div><b>TLS connections might fail or timeout</b><br>Transport Layer Security (TLS) connections might fail or timeout when connecting or attempting a resumption.<br><br><a href = '#364msgdesc'>See details ></a></td><td>OS Build 18362.418<br><br>October 08, 2019<br><a href ='https://support.microsoft.com/help/4517389' target='_blank'>KB4517389</a></td><td>Mitigated External<br></td><td>November 05, 2019 <br>03:36 PM PT</td></tr>
       <tr><td><div id='348msg'></div><b>Unable to create local users in Chinese, Japanese and Korean during device setup</b><br>You might be unable to create users in Chinese, Japanese and Korean using Input Method Editor (IME) during OOBE.<br><br><a href = '#348msgdesc'>See details ></a></td><td>OS Build 18362.356<br><br>September 10, 2019<br><a href ='https://support.microsoft.com/help/4515384' target='_blank'>KB4515384</a></td><td>Mitigated<br><a href = '' target='_blank'></a></td><td>October 29, 2019 <br>05:15 PM PT</td></tr>
       <tr><td><div id='229msg'></div><b>Cannot launch Camera app </b><br>Microsoft and Intel have identified an issue affecting Intel RealSense SR300 or Intel RealSense S200 camera apps.<br><br><a href = '#229msgdesc'>See details ></a></td><td>OS Build 18362.116<br><br>May 21, 2019<br><a href ='https://support.microsoft.com/help/4505057' target='_blank'>KB4505057</a></td><td>Resolved<br><a href = 'https://support.microsoft.com/help/4501375' target='_blank'>KB4501375</a></td><td>June 27, 2019 <br>10:00 AM PT</td></tr>
       <tr><td><div id='358msg'></div><b>Unable to discover or connect to Bluetooth devices using some Qualcomm adapters</b><br>Microsoft has identified compatibility issues with some versions of Qualcomm Bluetooth radio drivers.<br><br><a href = '#358msgdesc'>See details ></a></td><td>OS Build 18362.116<br><br>May 20, 2019<br><a href ='https://support.microsoft.com/help/4505057' target='_blank'>KB4505057</a></td><td>Resolved<br><a href = 'https://support.microsoft.com/help/4517389' target='_blank'>KB4517389</a></td><td>October 08, 2019 <br>10:00 AM PT</td></tr>
@@ -73,7 +74,7 @@ sections:
       <tr><td><div id='351msg'></div><b>Intermittent issues when printing</b><br>The print spooler service may intermittently have issues completing a print job and results print job failure.<br><br><a href = '#351msgdesc'>See details ></a></td><td>OS Build 18362.357<br><br>September 23, 2019<br><a href ='https://support.microsoft.com/help/4522016' target='_blank'>KB4522016</a></td><td>Resolved<br><a href = 'https://support.microsoft.com/help/4517389' target='_blank'>KB4517389</a></td><td>October 08, 2019 <br>10:00 AM PT</td></tr>
       <tr><td><div id='317msg'></div><b>Updates may fail to install and you may receive Error 0x80073701</b><br>Installation of updates may fail and you may receive error code 0x80073701.<br><br><a href = '#317msgdesc'>See details ></a></td><td>OS Build 18362.145<br><br>May 29, 2019<br><a href ='https://support.microsoft.com/help/4497935' target='_blank'>KB4497935</a></td><td>Investigating<br><a href = '' target='_blank'></a></td><td>August 16, 2019 <br>04:28 PM PT</td></tr>
       <tr><td><div id='231msg'></div><b>Intermittent loss of Wi-Fi connectivity</b><br>Some older devices may experience loss of Wi-Fi connectivity due to an outdated Qualcomm driver. <br><br><a href = '#231msgdesc'>See details ></a></td><td>OS Build 18362.116<br><br>May 21, 2019<br><a href ='https://support.microsoft.com/help/4505057' target='_blank'>KB4505057</a></td><td>Mitigated External<br></td><td>August 01, 2019 <br>08:44 PM PT</td></tr>
-      <tr><td><div id='226msg'></div><b>Gamma ramps, color profiles, and night light settings do not apply in some cases</b><br>Microsoft has identified some scenarios where gamma ramps, color profiles and night light settings may stop working.<br><br><a href = '#226msgdesc'>See details ></a></td><td>OS Build 18362.116<br><br>May 21, 2019<br><a href ='https://support.microsoft.com/help/4505057' target='_blank'>KB4505057</a></td><td>Mitigated<br><a href = '' target='_blank'></a></td><td>August 01, 2019 <br>06:27 PM PT</td></tr>
+      <tr><td><div id='226msg'></div><b>Gamma ramps, color profiles, and night light settings do not apply in some cases</b><br>Microsoft has identified some scenarios where gamma ramps, color profiles and night light settings may stop working.<br><br><a href = '#226msgdesc'>See details ></a></td><td>OS Build 18362.116<br><br>May 21, 2019<br><a href ='https://support.microsoft.com/help/4505057' target='_blank'>KB4505057</a></td><td>Mitigated<br><a href = 'https://support.microsoft.com/help/4505903' target='_blank'>KB4505903</a></td><td>August 01, 2019 <br>06:27 PM PT</td></tr>
       <tr><td><div id='228msg'></div><b>Intel Audio displays an intcdaud.sys notification</b><br>Devices with a range of Intel Display Audio device drivers may experience battery drain.<br><br><a href = '#228msgdesc'>See details ></a></td><td>OS Build 18362.116<br><br>May 21, 2019<br><a href ='https://support.microsoft.com/help/4505057' target='_blank'>KB4505057</a></td><td>Mitigated<br><a href = '' target='_blank'></a></td><td>May 21, 2019 <br>04:47 PM PT</td></tr>
       </table>
       "
@@ -85,6 +86,15 @@ sections:
         <div>
         </div> 
       "
+- title: November 2019
+- items:
+  - type: markdown
+    text: "
+      <table border ='0'><tr><td width='65%'>Details</td><td width='15%'>Originating update</td><td width='10%'>Status</td><td width='10%'>History</td></tr>
+      <tr><td style='border-left-width:1px;border-right-width:1px;border-bottom-width:1px;'><div id='364msgdesc'></div><b>TLS connections might fail or timeout</b><div>Updates for Windows released October 8, 2019 or later provide protections, tracked by <a href=\"https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2019-1318\" rel=\"noopener noreferrer\" target=\"_blank\">CVE-2019-1318</a>, against an attack that could allow unauthorized access to information or data within TLS connections.&nbsp;This type of attack is known as a man-in-the-middle exploit.&nbsp;Windows might fail to connect to TLS clients and servers that do not support Extended Master Secret for resumption (<a href=\"https://tools.ietf.org/html/rfc7627\" rel=\"noopener noreferrer\" target=\"_blank\">RFC 7627</a>). Lack of RFC support might cause one or more of the following errors or logged events:</div><ul><li>\"The request was aborted: Could not create SSL/TLS secure Channel\"</li><li>SCHANNEL event 36887 is logged in the System event log with the description, \"A fatal alert was received from the remote endpoint. The TLS protocol defined fatal alert code is 20.​\"</li></ul><div></div><div><strong>Affected platforms:</strong></div><ul><li>Client: Windows 10, version 1903; Windows 10, version 1809; Windows 10 Enterprise LTSC 2019; Windows 10, version 1803; Windows 10, version 1709; Windows 10, version 1703; Windows 10 Enterprise LTSC 2016; Windows 10, version 1607; Windows 10 Enterprise LTSC 2015; Windows 8.1; Windows 7 SP1</li><li>Server: Windows Server, version 1903; Windows Server, version 1809; Windows Server 2019; Windows Server, version 1803; Windows Server, version 1709 ; Windows Server 2016; Windows Server 2012 R2; Windows Server 2012; Windows Server 2008 R2 SP1; Windows Server 2008 SP2</li></ul><div></div><div><br></div><div><strong>Next Steps: </strong>Connections between two devices running any supported version of Windows should not have this issue when fully updated.&nbsp;There is no update for Windows needed for this issue.&nbsp;These changes are required to address a security issue and security compliance. For information, see <a href=\"https://support.microsoft.com/help/4528489\" rel=\"noopener noreferrer\" target=\"_blank\">KB4528489</a>.</div><br><a href ='#364msg'>Back to top</a></td><td>OS Build 18362.418<br><br>October 08, 2019<br><a href ='https://support.microsoft.com/help/4517389' target='_blank'>KB4517389</a></td><td>Mitigated External<br></td><td>Last updated:<br>November 05, 2019 <br>03:36 PM PT<br><br>Opened:<br>November 05, 2019 <br>03:36 PM PT</td></tr>
+      </table>
+      "
+
 - title: October 2019
 - items:
   - type: markdown
@@ -131,7 +141,7 @@ sections:
       <tr><td style='border-left-width:1px;border-right-width:1px;border-bottom-width:1px;'><div id='229msgdesc'></div><b>Cannot launch Camera app </b><div>Microsoft and Intel have identified an issue affecting Intel RealSense SR300 and Intel RealSense S200 cameras when using the Camera app. After updating to the Windows 10 May 2019 Update and launching the Camera app, you may get an error message stating:</div><div class=\"ql-indent-1\">&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;\"Close other apps, error code: 0XA00F4243.”</div><div><br></div><div>To safeguard your update experience, we have applied a protective hold on machines with Intel RealSense SR300 or Intel RealSense S200 cameras installed from being offered Windows 10, version 1903, until&nbsp;this issue is resolved.</div><div><br></div><div><strong>Affected platforms:</strong></div><ul><li>Client: Windows 10, version 1903</li></ul><div></div><div><strong>Resolution:&nbsp;</strong>This issue was resolved in&nbsp;<a href='https://support.microsoft.com/help/4501375' target='_blank'>KB4501375</a> and the safeguard hold has been removed.</div><br><a href ='#229msg'>Back to top</a></td><td>OS Build 18362.116<br><br>May 21, 2019<br><a href ='https://support.microsoft.com/help/4505057' target='_blank'>KB4505057</a></td><td>Resolved<br><a href = 'https://support.microsoft.com/help/4501375' target='_blank'>KB4501375</a></td><td>Resolved:<br>June 27, 2019 <br>10:00 AM PT<br><br>Opened:<br>May 21, 2019 <br>07:20 AM PT</td></tr>
       <tr><td style='border-left-width:1px;border-right-width:1px;border-bottom-width:1px;'><div id='225msgdesc'></div><b>Unable to discover or connect to Bluetooth devices using some Realtek adapters</b><div>Microsoft has identified compatibility issues with some driver versions for Bluetooth radios made by Realtek. To safeguard your update experience, we have applied a compatibility hold on devices with affected driver versions for Realtek Bluetooth radios from being offered Windows 10, version 1903 or Windows Server, version 1903 until the driver has been updated.</div><div><br></div><div><strong>Affected platforms:</strong></div><ul><li>Client: Windows 10, version 1903</li><li>Server: Windows Server, version 1903</li></ul><div></div><div><strong>Workaround: </strong>Check with your device manufacturer (OEM) to see if an updated driver is available and install it. You will need to install a Realtek driver version greater than 1.5.1011.0.</div><div><br></div><div><strong>Note</strong> Until an updated driver has been installed, we recommend you do not attempt to manually update using the<strong> Update now </strong>button or the Media Creation Tool.&nbsp;</div><div><br></div><div><strong>Next steps:&nbsp;</strong>Microsoft is working with Realtek to release new drivers for all affected system via Windows Update.</div><div><br></div><div><strong>October 25, 2019 note</strong> This issue was previously grouped with the Qualcomm radio issue, which is now resolved. There is no change to this issue except to remove reference to Qualcomm.</div><br><a href ='#225msg'>Back to top</a></td><td>OS Build 18362.116<br><br>May 21, 2019<br><a href ='https://support.microsoft.com/help/4505057' target='_blank'>KB4505057</a></td><td>Mitigated<br><a href = '' target='_blank'></a></td><td>Last updated:<br>October 25, 2019 <br>04:21 PM PT<br><br>Opened:<br>May 21, 2019 <br>07:29 AM PT</td></tr>
       <tr><td style='border-left-width:1px;border-right-width:1px;border-bottom-width:1px;'><div id='231msgdesc'></div><b>Intermittent loss of Wi-Fi connectivity</b><div>Some older computers may experience loss of Wi-Fi connectivity due to an outdated Qualcomm driver. An updated Wi-Fi driver should be available from your device manufacturer (OEM).</div><div><br></div><div>To safeguard your upgrade experience, we have applied a hold on devices with this Qualcomm driver from being offered Windows 10, version 1903, until&nbsp;the updated driver is installed.</div><div><br></div><div><strong>Affected platforms:</strong></div><ul><li>Client: Windows 10, version 1903</li></ul><div></div><div><strong>Workaround: </strong>Before updating to Windows 10, version 1903, you will need to download and install an updated Wi-Fi driver from your device manufacturer (OEM).</div><div>&nbsp;</div><div><strong>Note</strong> We recommend that you do not attempt to manually update using the <strong>Update now</strong> button or the Media Creation Tool until a new driver has been installed and the Windows 10, version 1903 feature update has been automatically offered to you.</div><br><a href ='#231msg'>Back to top</a></td><td>OS Build 18362.116<br><br>May 21, 2019<br><a href ='https://support.microsoft.com/help/4505057' target='_blank'>KB4505057</a></td><td>Mitigated External<br></td><td>Last updated:<br>August 01, 2019 <br>08:44 PM PT<br><br>Opened:<br>May 21, 2019 <br>07:13 AM PT</td></tr>
-      <tr><td style='border-left-width:1px;border-right-width:1px;border-bottom-width:1px;'><div id='226msgdesc'></div><b>Gamma ramps, color profiles, and night light settings do not apply in some cases</b><div>Microsoft has identified some scenarios where gamma ramps, color profiles and night light settings may stop working.</div><div><br></div><div>Microsoft has identified some scenarios in which these features may have issues or stop working, for example:</div><ul><li>Connecting to (or disconnecting from) an external monitor, dock, or projector</li><li>Rotating the screen</li><li>Updating display drivers or making other display mode changes</li><li>Closing full screen applications</li><li>Applying custom color profiles</li><li>Running applications that rely on custom gamma ramps</li></ul><div></div><div><strong>Affected platforms:</strong></div><ul><li>Client: Windows 10, version 1903</li></ul><div></div><div><strong>Workaround: </strong>If you find that your night light has stopped working, try turning the night light off and on, or restarting your computer.&nbsp;For other color setting issues, restart your computer to correct the issue.</div><div><br></div><div><strong>Note </strong>We recommend that you do not attempt to manually update using the <strong>Update now</strong> button or the Media Creation Tool until this issue has been resolved.</div><div><br></div><div><strong>Next steps: </strong>We are working on a resolution and will provide an update in an upcoming release.</div><br><a href ='#226msg'>Back to top</a></td><td>OS Build 18362.116<br><br>May 21, 2019<br><a href ='https://support.microsoft.com/help/4505057' target='_blank'>KB4505057</a></td><td>Mitigated<br><a href = '' target='_blank'></a></td><td>Last updated:<br>August 01, 2019 <br>06:27 PM PT<br><br>Opened:<br>May 21, 2019 <br>07:28 AM PT</td></tr>
+      <tr><td style='border-left-width:1px;border-right-width:1px;border-bottom-width:1px;'><div id='226msgdesc'></div><b>Gamma ramps, color profiles, and night light settings do not apply in some cases</b><div>Microsoft has identified some scenarios where gamma ramps, color profiles and night light settings may stop working.</div><div><br></div><div>Microsoft has identified some scenarios in which these features may have issues or stop working, for example:</div><ul><li>Connecting to (or disconnecting from) an external monitor, dock, or projector</li><li>Rotating the screen</li><li>Updating display drivers or making other display mode changes</li><li>Closing full screen applications</li><li>Applying custom color profiles</li><li>Running applications that rely on custom gamma ramps</li></ul><div></div><div><strong>Affected platforms:</strong></div><ul><li>Client: Windows 10, version 1903</li></ul><div></div><div><strong>Workaround: </strong>If you find that your night light has stopped working, try turning the night light off and on, or restarting your computer.&nbsp;For other color setting issues, restart your computer to correct the issue.</div><div><br></div><div><strong>Note </strong>We recommend that you do not attempt to manually update using the <strong>Update now</strong> button or the Media Creation Tool until this issue has been resolved.</div><div><br></div><div><strong>Next steps: </strong>We are working on a resolution and will provide an update in an upcoming release.</div><br><a href ='#226msg'>Back to top</a></td><td>OS Build 18362.116<br><br>May 21, 2019<br><a href ='https://support.microsoft.com/help/4505057' target='_blank'>KB4505057</a></td><td>Mitigated<br><a href = 'https://support.microsoft.com/help/4505903' target='_blank'>KB4505903</a></td><td>Last updated:<br>August 01, 2019 <br>06:27 PM PT<br><br>Opened:<br>May 21, 2019 <br>07:28 AM PT</td></tr>
       <tr><td style='border-left-width:1px;border-right-width:1px;border-bottom-width:1px;'><div id='228msgdesc'></div><b>Intel Audio displays an intcdaud.sys notification</b><div>Microsoft and Intel have identified an issue with a range of Intel Display Audio device drivers that may result in higher than normal battery drain.&nbsp;If you see an <strong>intcdaud.sys</strong> notification or “What needs your attention” notification when trying to update to Windows 10, version 1903, you have an affected Intel Audio Display device driver installed on your machine (intcdaud.sys, versions 10.25.0.3 through 10.25.0.8).</div><div>&nbsp;&nbsp;</div><div>To safeguard your update experience, we have applied a compatibility hold on devices with drivers from being offered Windows 10, version 1903 until&nbsp;updated device drivers have been installed.</div><div><br></div><div><strong>Affected platforms:</strong></div><ul><li>Client: Windows 10, version 1903; Windows 10, version 1809</li></ul><div></div><div><strong>Workaround:</strong></div><div>On the “What needs your attention\" notification, click the <strong>Back </strong>button to remain on your current version of Windows 10. (Do not click <strong>Confirm</strong> as this will proceed with the update and you may experience compatibility issues.)&nbsp;Affected devices will automatically revert to the previous working configuration.</div><div><br></div><div>For more information, see <a href=\"https://www.intel.com/content/www/us/en/support/articles/000030792/graphics-drivers.html\" target=\"_blank\" style=\"\">Intel's customer support guidance</a> and the Microsoft knowledge base article <a href=\"https://support.microsoft.com/help/4465877\" target=\"_blank\" style=\"\">KB4465877</a>.</div><div><br></div><div><strong>Note</strong> We recommend you do not attempt to update your devices until newer device drivers are installed.</div><div><br></div><div><strong>Next steps: </strong>You can opt to wait for newer drivers to be installed automatically through Windows Update or check with the computer manufacturer for the latest device driver software availability and installation procedures.</div><br><a href ='#228msg'>Back to top</a></td><td>OS Build 18362.116<br><br>May 21, 2019<br><a href ='https://support.microsoft.com/help/4505057' target='_blank'>KB4505057</a></td><td>Mitigated<br><a href = '' target='_blank'></a></td><td>Last updated:<br>May 21, 2019 <br>04:47 PM PT<br><br>Opened:<br>May 21, 2019 <br>07:22 AM PT</td></tr>
       </table>
       "

windows/release-information/status-windows-7-and-windows-server-2008-r2-sp1.yml

@@ -60,6 +60,7 @@ sections:
   - type: markdown
     text: "<div>This table offers a summary of current active issues and those issues that have been resolved in the last 30 days.</div><br>
       <table border ='0'><tr><td width='65%'>Summary</td><td width='15%'>Originating update</td><td width='10%'>Status</td><td width='10%'>Last updated</td></tr>
+      <tr><td><div id='364msg'></div><b>TLS connections might fail or timeout</b><br>Transport Layer Security (TLS) connections might fail or timeout when connecting or attempting a resumption.<br><br><a href = '#364msgdesc'>See details ></a></td><td>October 08, 2019<br><a href ='https://support.microsoft.com/help/4519976' target='_blank'>KB4519976</a></td><td>Mitigated External<br></td><td>November 05, 2019 <br>03:36 PM PT</td></tr>
       <tr><td><div id='351msg'></div><b>Intermittent issues when printing</b><br>The print spooler service may intermittently have issues completing a print job and results print job failure.<br><br><a href = '#351msgdesc'>See details ></a></td><td>September 24, 2019<br><a href ='https://support.microsoft.com/help/4516048' target='_blank'>KB4516048</a></td><td>Resolved<br><a href = 'https://support.microsoft.com/help/4519976' target='_blank'>KB4519976</a></td><td>October 08, 2019 <br>10:00 AM PT</td></tr>
       <tr><td><div id='310msg'></div><b>IA64 and x64 devices may fail to start after installing updates</b><br>After installing updates released on or after August 13, 2019, IA64 and x64 devices using EFI Boot may fail to start.<br><br><a href = '#310msgdesc'>See details ></a></td><td>August 13, 2019<br><a href ='https://support.microsoft.com/help/4512506' target='_blank'>KB4512506</a></td><td>Mitigated<br><a href = '' target='_blank'></a></td><td>August 17, 2019 <br>12:59 PM PT</td></tr>
       </table>
@@ -72,6 +73,15 @@ sections:
         <div>
         </div> 
       "
+- title: November 2019
+- items:
+  - type: markdown
+    text: "
+      <table border ='0'><tr><td width='65%'>Details</td><td width='15%'>Originating update</td><td width='10%'>Status</td><td width='10%'>History</td></tr>
+      <tr><td style='border-left-width:1px;border-right-width:1px;border-bottom-width:1px;'><div id='364msgdesc'></div><b>TLS connections might fail or timeout</b><div>Updates for Windows released October 8, 2019 or later provide protections, tracked by <a href=\"https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2019-1318\" rel=\"noopener noreferrer\" target=\"_blank\">CVE-2019-1318</a>, against an attack that could allow unauthorized access to information or data within TLS connections.&nbsp;This type of attack is known as a man-in-the-middle exploit.&nbsp;Windows might fail to connect to TLS clients and servers that do not support Extended Master Secret for resumption (<a href=\"https://tools.ietf.org/html/rfc7627\" rel=\"noopener noreferrer\" target=\"_blank\">RFC 7627</a>). Lack of RFC support might cause one or more of the following errors or logged events:</div><ul><li>\"The request was aborted: Could not create SSL/TLS secure Channel\"</li><li>SCHANNEL event 36887 is logged in the System event log with the description, \"A fatal alert was received from the remote endpoint. The TLS protocol defined fatal alert code is 20.​\"</li></ul><div></div><div><strong>Affected platforms:</strong></div><ul><li>Client: Windows 10, version 1903; Windows 10, version 1809; Windows 10 Enterprise LTSC 2019; Windows 10, version 1803; Windows 10, version 1709; Windows 10, version 1703; Windows 10 Enterprise LTSC 2016; Windows 10, version 1607; Windows 10 Enterprise LTSC 2015; Windows 8.1; Windows 7 SP1</li><li>Server: Windows Server, version 1903; Windows Server, version 1809; Windows Server 2019; Windows Server, version 1803; Windows Server, version 1709 ; Windows Server 2016; Windows Server 2012 R2; Windows Server 2012; Windows Server 2008 R2 SP1; Windows Server 2008 SP2</li></ul><div></div><div><br></div><div><strong>Next Steps: </strong>Connections between two devices running any supported version of Windows should not have this issue when fully updated.&nbsp;There is no update for Windows needed for this issue.&nbsp;These changes are required to address a security issue and security compliance. For information, see <a href=\"https://support.microsoft.com/help/4528489\" rel=\"noopener noreferrer\" target=\"_blank\">KB4528489</a>.</div><br><a href ='#364msg'>Back to top</a></td><td>October 08, 2019<br><a href ='https://support.microsoft.com/help/4519976' target='_blank'>KB4519976</a></td><td>Mitigated External<br></td><td>Last updated:<br>November 05, 2019 <br>03:36 PM PT<br><br>Opened:<br>November 05, 2019 <br>03:36 PM PT</td></tr>
+      </table>
+      "
+
 - title: September 2019
 - items:
   - type: markdown

windows/release-information/status-windows-8.1-and-windows-server-2012-r2.yml

@@ -60,6 +60,7 @@ sections:
   - type: markdown
     text: "<div>This table offers a summary of current active issues and those issues that have been resolved in the last 30 days.</div><br>
       <table border ='0'><tr><td width='65%'>Summary</td><td width='15%'>Originating update</td><td width='10%'>Status</td><td width='10%'>Last updated</td></tr>
+      <tr><td><div id='364msg'></div><b>TLS connections might fail or timeout</b><br>Transport Layer Security (TLS) connections might fail or timeout when connecting or attempting a resumption.<br><br><a href = '#364msgdesc'>See details ></a></td><td>October 08, 2019<br><a href ='https://support.microsoft.com/help/4520005' target='_blank'>KB4520005</a></td><td>Mitigated External<br></td><td>November 05, 2019 <br>03:36 PM PT</td></tr>
       <tr><td><div id='351msg'></div><b>Intermittent issues when printing</b><br>The print spooler service may intermittently have issues completing a print job and results print job failure.<br><br><a href = '#351msgdesc'>See details ></a></td><td>September 24, 2019<br><a href ='https://support.microsoft.com/help/4516041' target='_blank'>KB4516041</a></td><td>Resolved<br><a href = 'https://support.microsoft.com/help/4520005' target='_blank'>KB4520005</a></td><td>October 08, 2019 <br>10:00 AM PT</td></tr>
       <tr><td><div id='217msg'></div><b>Japanese IME doesn't show the new Japanese Era name as a text input option</b><br>With previous dictionary updates installed, the Japanese IME doesn't show the new Japanese Era name as an input option.<br><br><a href = '#217msgdesc'>See details ></a></td><td>April 25, 2019<br><a href ='https://support.microsoft.com/help/4493443' target='_blank'>KB4493443</a></td><td>Mitigated<br><a href = '' target='_blank'></a></td><td>May 15, 2019 <br>05:53 PM PT</td></tr>
       <tr><td><div id='161msg'></div><b>Certain operations performed on a Cluster Shared Volume may fail</b><br>Operations performed on files or folders on a CSV may fail with the error: STATUS_BAD_IMPERSONATION_LEVEL (0xC00000A5).<br><br><a href = '#161msgdesc'>See details ></a></td><td>January 08, 2019<br><a href ='https://support.microsoft.com/help/4480963' target='_blank'>KB4480963</a></td><td>Mitigated<br><a href = '' target='_blank'></a></td><td>April 25, 2019 <br>02:00 PM PT</td></tr>
@@ -73,6 +74,15 @@ sections:
         <div>
         </div> 
       "
+- title: November 2019
+- items:
+  - type: markdown
+    text: "
+      <table border ='0'><tr><td width='65%'>Details</td><td width='15%'>Originating update</td><td width='10%'>Status</td><td width='10%'>History</td></tr>
+      <tr><td style='border-left-width:1px;border-right-width:1px;border-bottom-width:1px;'><div id='364msgdesc'></div><b>TLS connections might fail or timeout</b><div>Updates for Windows released October 8, 2019 or later provide protections, tracked by <a href=\"https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2019-1318\" rel=\"noopener noreferrer\" target=\"_blank\">CVE-2019-1318</a>, against an attack that could allow unauthorized access to information or data within TLS connections.&nbsp;This type of attack is known as a man-in-the-middle exploit.&nbsp;Windows might fail to connect to TLS clients and servers that do not support Extended Master Secret for resumption (<a href=\"https://tools.ietf.org/html/rfc7627\" rel=\"noopener noreferrer\" target=\"_blank\">RFC 7627</a>). Lack of RFC support might cause one or more of the following errors or logged events:</div><ul><li>\"The request was aborted: Could not create SSL/TLS secure Channel\"</li><li>SCHANNEL event 36887 is logged in the System event log with the description, \"A fatal alert was received from the remote endpoint. The TLS protocol defined fatal alert code is 20.​\"</li></ul><div></div><div><strong>Affected platforms:</strong></div><ul><li>Client: Windows 10, version 1903; Windows 10, version 1809; Windows 10 Enterprise LTSC 2019; Windows 10, version 1803; Windows 10, version 1709; Windows 10, version 1703; Windows 10 Enterprise LTSC 2016; Windows 10, version 1607; Windows 10 Enterprise LTSC 2015; Windows 8.1; Windows 7 SP1</li><li>Server: Windows Server, version 1903; Windows Server, version 1809; Windows Server 2019; Windows Server, version 1803; Windows Server, version 1709 ; Windows Server 2016; Windows Server 2012 R2; Windows Server 2012; Windows Server 2008 R2 SP1; Windows Server 2008 SP2</li></ul><div></div><div><br></div><div><strong>Next Steps: </strong>Connections between two devices running any supported version of Windows should not have this issue when fully updated.&nbsp;There is no update for Windows needed for this issue.&nbsp;These changes are required to address a security issue and security compliance. For information, see <a href=\"https://support.microsoft.com/help/4528489\" rel=\"noopener noreferrer\" target=\"_blank\">KB4528489</a>.</div><br><a href ='#364msg'>Back to top</a></td><td>October 08, 2019<br><a href ='https://support.microsoft.com/help/4520005' target='_blank'>KB4520005</a></td><td>Mitigated External<br></td><td>Last updated:<br>November 05, 2019 <br>03:36 PM PT<br><br>Opened:<br>November 05, 2019 <br>03:36 PM PT</td></tr>
+      </table>
+      "
+
 - title: September 2019
 - items:
   - type: markdown

windows/release-information/status-windows-server-2008-sp2.yml

@@ -60,6 +60,7 @@ sections:
   - type: markdown
     text: "<div>This table offers a summary of current active issues and those issues that have been resolved in the last 30 days.</div><br>
       <table border ='0'><tr><td width='65%'>Summary</td><td width='15%'>Originating update</td><td width='10%'>Status</td><td width='10%'>Last updated</td></tr>
+      <tr><td><div id='364msg'></div><b>TLS connections might fail or timeout</b><br>Transport Layer Security (TLS) connections might fail or timeout when connecting or attempting a resumption.<br><br><a href = '#364msgdesc'>See details ></a></td><td>October 08, 2019<br><a href ='https://support.microsoft.com/help/4520002' target='_blank'>KB4520002</a></td><td>Mitigated External<br></td><td>November 05, 2019 <br>03:36 PM PT</td></tr>
       <tr><td><div id='327msg'></div><b>Issues manually installing updates by double-clicking the .msu file</b><br>You may encounter issues manually installing updates by double-clicking the .msu file and may receive an error.<br><br><a href = '#327msgdesc'>See details ></a></td><td>September 10, 2019<br><a href ='https://support.microsoft.com/help/4474419' target='_blank'>KB4474419</a></td><td>Resolved<br><a href = 'https://support.microsoft.com/help/4474419' target='_blank'>KB4474419</a></td><td>September 23, 2019 <br>10:00 AM PT</td></tr>
       <tr><td><div id='351msg'></div><b>Intermittent issues when printing</b><br>The print spooler service may intermittently have issues completing a print job and results print job failure.<br><br><a href = '#351msgdesc'>See details ></a></td><td>September 24, 2019<br><a href ='https://support.microsoft.com/help/4516030' target='_blank'>KB4516030</a></td><td>Resolved<br><a href = 'https://support.microsoft.com/help/4520002' target='_blank'>KB4520002</a></td><td>October 08, 2019 <br>10:00 AM PT</td></tr>
       </table>
@@ -72,6 +73,15 @@ sections:
         <div>
         </div> 
       "
+- title: November 2019
+- items:
+  - type: markdown
+    text: "
+      <table border ='0'><tr><td width='65%'>Details</td><td width='15%'>Originating update</td><td width='10%'>Status</td><td width='10%'>History</td></tr>
+      <tr><td style='border-left-width:1px;border-right-width:1px;border-bottom-width:1px;'><div id='364msgdesc'></div><b>TLS connections might fail or timeout</b><div>Updates for Windows released October 8, 2019 or later provide protections, tracked by <a href=\"https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2019-1318\" rel=\"noopener noreferrer\" target=\"_blank\">CVE-2019-1318</a>, against an attack that could allow unauthorized access to information or data within TLS connections.&nbsp;This type of attack is known as a man-in-the-middle exploit.&nbsp;Windows might fail to connect to TLS clients and servers that do not support Extended Master Secret for resumption (<a href=\"https://tools.ietf.org/html/rfc7627\" rel=\"noopener noreferrer\" target=\"_blank\">RFC 7627</a>). Lack of RFC support might cause one or more of the following errors or logged events:</div><ul><li>\"The request was aborted: Could not create SSL/TLS secure Channel\"</li><li>SCHANNEL event 36887 is logged in the System event log with the description, \"A fatal alert was received from the remote endpoint. The TLS protocol defined fatal alert code is 20.​\"</li></ul><div></div><div><strong>Affected platforms:</strong></div><ul><li>Client: Windows 10, version 1903; Windows 10, version 1809; Windows 10 Enterprise LTSC 2019; Windows 10, version 1803; Windows 10, version 1709; Windows 10, version 1703; Windows 10 Enterprise LTSC 2016; Windows 10, version 1607; Windows 10 Enterprise LTSC 2015; Windows 8.1; Windows 7 SP1</li><li>Server: Windows Server, version 1903; Windows Server, version 1809; Windows Server 2019; Windows Server, version 1803; Windows Server, version 1709 ; Windows Server 2016; Windows Server 2012 R2; Windows Server 2012; Windows Server 2008 R2 SP1; Windows Server 2008 SP2</li></ul><div></div><div><br></div><div><strong>Next Steps: </strong>Connections between two devices running any supported version of Windows should not have this issue when fully updated.&nbsp;There is no update for Windows needed for this issue.&nbsp;These changes are required to address a security issue and security compliance. For information, see <a href=\"https://support.microsoft.com/help/4528489\" rel=\"noopener noreferrer\" target=\"_blank\">KB4528489</a>.</div><br><a href ='#364msg'>Back to top</a></td><td>October 08, 2019<br><a href ='https://support.microsoft.com/help/4520002' target='_blank'>KB4520002</a></td><td>Mitigated External<br></td><td>Last updated:<br>November 05, 2019 <br>03:36 PM PT<br><br>Opened:<br>November 05, 2019 <br>03:36 PM PT</td></tr>
+      </table>
+      "
+
 - title: September 2019
 - items:
   - type: markdown

windows/release-information/status-windows-server-2012.yml

@@ -60,6 +60,7 @@ sections:
   - type: markdown
     text: "<div>This table offers a summary of current active issues and those issues that have been resolved in the last 30 days.</div><br>
       <table border ='0'><tr><td width='65%'>Summary</td><td width='15%'>Originating update</td><td width='10%'>Status</td><td width='10%'>Last updated</td></tr>
+      <tr><td><div id='364msg'></div><b>TLS connections might fail or timeout</b><br>Transport Layer Security (TLS) connections might fail or timeout when connecting or attempting a resumption.<br><br><a href = '#364msgdesc'>See details ></a></td><td>October 08, 2019<br><a href ='https://support.microsoft.com/help/4520007' target='_blank'>KB4520007</a></td><td>Mitigated External<br></td><td>November 05, 2019 <br>03:36 PM PT</td></tr>
       <tr><td><div id='351msg'></div><b>Intermittent issues when printing</b><br>The print spooler service may intermittently have issues completing a print job and results print job failure.<br><br><a href = '#351msgdesc'>See details ></a></td><td>September 24, 2019<br><a href ='https://support.microsoft.com/help/4516069' target='_blank'>KB4516069</a></td><td>Resolved<br><a href = 'https://support.microsoft.com/help/4520007' target='_blank'>KB4520007</a></td><td>October 08, 2019 <br>10:00 AM PT</td></tr>
       <tr><td><div id='217msg'></div><b>Japanese IME doesn't show the new Japanese Era name as a text input option</b><br>With previous dictionary updates installed, the Japanese IME doesn't show the new Japanese Era name as an input option.<br><br><a href = '#217msgdesc'>See details ></a></td><td>April 25, 2019<br><a href ='https://support.microsoft.com/help/4493462' target='_blank'>KB4493462</a></td><td>Mitigated<br><a href = '' target='_blank'></a></td><td>May 15, 2019 <br>05:53 PM PT</td></tr>
       <tr><td><div id='187msg'></div><b>Certain operations performed on a Cluster Shared Volume may fail</b><br>Operations performed on files or folders on a CSV may fail with the error: STATUS_BAD_IMPERSONATION_LEVEL (0xC00000A5).<br><br><a href = '#187msgdesc'>See details ></a></td><td>January 08, 2019<br><a href ='https://support.microsoft.com/help/4480975' target='_blank'>KB4480975</a></td><td>Mitigated<br><a href = '' target='_blank'></a></td><td>April 25, 2019 <br>02:00 PM PT</td></tr>
@@ -73,6 +74,15 @@ sections:
         <div>
         </div> 
       "
+- title: November 2019
+- items:
+  - type: markdown
+    text: "
+      <table border ='0'><tr><td width='65%'>Details</td><td width='15%'>Originating update</td><td width='10%'>Status</td><td width='10%'>History</td></tr>
+      <tr><td style='border-left-width:1px;border-right-width:1px;border-bottom-width:1px;'><div id='364msgdesc'></div><b>TLS connections might fail or timeout</b><div>Updates for Windows released October 8, 2019 or later provide protections, tracked by <a href=\"https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2019-1318\" rel=\"noopener noreferrer\" target=\"_blank\">CVE-2019-1318</a>, against an attack that could allow unauthorized access to information or data within TLS connections.&nbsp;This type of attack is known as a man-in-the-middle exploit.&nbsp;Windows might fail to connect to TLS clients and servers that do not support Extended Master Secret for resumption (<a href=\"https://tools.ietf.org/html/rfc7627\" rel=\"noopener noreferrer\" target=\"_blank\">RFC 7627</a>). Lack of RFC support might cause one or more of the following errors or logged events:</div><ul><li>\"The request was aborted: Could not create SSL/TLS secure Channel\"</li><li>SCHANNEL event 36887 is logged in the System event log with the description, \"A fatal alert was received from the remote endpoint. The TLS protocol defined fatal alert code is 20.​\"</li></ul><div></div><div><strong>Affected platforms:</strong></div><ul><li>Client: Windows 10, version 1903; Windows 10, version 1809; Windows 10 Enterprise LTSC 2019; Windows 10, version 1803; Windows 10, version 1709; Windows 10, version 1703; Windows 10 Enterprise LTSC 2016; Windows 10, version 1607; Windows 10 Enterprise LTSC 2015; Windows 8.1; Windows 7 SP1</li><li>Server: Windows Server, version 1903; Windows Server, version 1809; Windows Server 2019; Windows Server, version 1803; Windows Server, version 1709 ; Windows Server 2016; Windows Server 2012 R2; Windows Server 2012; Windows Server 2008 R2 SP1; Windows Server 2008 SP2</li></ul><div></div><div><br></div><div><strong>Next Steps: </strong>Connections between two devices running any supported version of Windows should not have this issue when fully updated.&nbsp;There is no update for Windows needed for this issue.&nbsp;These changes are required to address a security issue and security compliance. For information, see <a href=\"https://support.microsoft.com/help/4528489\" rel=\"noopener noreferrer\" target=\"_blank\">KB4528489</a>.</div><br><a href ='#364msg'>Back to top</a></td><td>October 08, 2019<br><a href ='https://support.microsoft.com/help/4520007' target='_blank'>KB4520007</a></td><td>Mitigated External<br></td><td>Last updated:<br>November 05, 2019 <br>03:36 PM PT<br><br>Opened:<br>November 05, 2019 <br>03:36 PM PT</td></tr>
+      </table>
+      "
+
 - title: September 2019
 - items:
   - type: markdown

windows/security/identity-protection/hello-for-business/hello-identity-verification.md

@@ -23,19 +23,21 @@ In Windows 10, Windows Hello for Business replaces passwords with strong two-fa
 Windows Hello for Business lets user authenticate to an Active Directory or Azure Active Directory account.
 
 Windows Hello addresses the following problems with passwords:
--   Strong passwords can be difficult to remember, and users often reuse passwords on multiple sites.
+
--   Server breaches can expose symmetric network credentials (passwords).
+- Strong passwords can be difficult to remember, and users often reuse passwords on multiple sites.
--   Passwords are subject to [replay attacks](https://go.microsoft.com/fwlink/p/?LinkId=615673).
+- Server breaches can expose symmetric network credentials (passwords).
--   Users can inadvertently expose their passwords due to [phishing attacks](https://docs.microsoft.com/windows/security/threat-protection/intelligence/phishing).
+- Passwords are subject to [replay attacks](https://go.microsoft.com/fwlink/p/?LinkId=615673).
+- Users can inadvertently expose their passwords due to [phishing attacks](https://docs.microsoft.com/windows/security/threat-protection/intelligence/phishing).
 
 >[!div class="mx-tdBreakAll"]
 >| | | |
 >| :---: | :---: | :---: |
 >| [![Overview Icon](images/hello_filter.png)](hello-overview.md)</br>[Overview](hello-overview.md) | [![Why a PIN is better than a password Icon](images/hello_lock.png)](hello-why-pin-is-better-than-password.md)</br>[Why PIN is better than a password](hello-why-pin-is-better-than-password.md) | [![Manage Hello Icon](images/hello_gear.png)](hello-manage-in-organization.md)</br>[Manage Windows Hello in your Organization](hello-manage-in-organization.md) |
 
-## Prerequisites 
+## Prerequisites
 
 ### Cloud Only Deployment
+
 * Windows 10, version 1511 or later
 * Microsoft Azure Account
 * Azure Active Directory
@@ -44,6 +46,7 @@ Windows Hello addresses the following problems with passwords:
 * Azure AD Premium subscription - *optional*, needed for automatic MDM enrollment when the device joins Azure Active Directory
 
 ### Hybrid Deployments
+
 The table shows the minimum requirements for each deployment. For key trust in a multi-domain/multi-forest deployment, the following requirements are applicable for each domain/forest that hosts Windows Hello for business components or is involved in the Kerberos referral process. 
 
 | Key trust</br>Group Policy managed | Certificate trust</br>Mixed managed | Key trust</br>Modern managed | Certificate trust</br>Modern managed | 
@@ -54,25 +57,26 @@ The table shows the minimum requirements for each deployment. For key trust in a
 | Windows Server 2016 or later Domain Controllers | Windows Server 2008 R2 or later Domain Controllers | Windows Server 2016 or later Domain Controllers | Windows Server 2008 R2 or later Domain Controllers | 
 | Windows Server 2012 or later Certificate Authority | Windows Server 2012 or later Certificate Authority | Windows Server 2012 or later Certificate Authority | Windows Server 2012 or later Certificate Authority |
 | N/A | Windows Server 2016 AD FS with [KB4088889 update](https://support.microsoft.com/help/4088889) (hybrid Azure AD joined clients),<br> and</br>Windows Server 2012 or later Network Device Enrollment Service (Azure AD joined) | N/A | Windows Server 2012 or later Network Device Enrollment Service |
-| Azure MFA tenant, or</br>AD FS w/Azure MFA adapter, or</br>AD FS w/Azure MFA Server adapter, or</br>AD FS w/3rd Party MFA Adapter.| Azure MFA tenant, or</br>AD FS w/Azure MFA adapter, or</br>AD FS w/Azure MFA Server adapter, or</br>AD FS w/3rd Party MFA Adapter | Azure MFA tenant, or</br>AD FS w/Azure MFA adapter, or</br>AD FS w/Azure MFA Server adapter, or</br>AD FS w/3rd Party MFA Adapter | Azure MFA tenant, or</br>AD FS w/Azure MFA adapter, or</br>AD FS w/Azure MFA Server adapter, or</br>AD FS w/3rd Party MFA Adapter. This is for **Azure AD Joined** devices. |
+| Azure MFA tenant, or</br>AD FS w/Azure MFA adapter, or</br>AD FS w/Azure MFA Server adapter, or</br>AD FS w/3rd Party MFA Adapter.| Azure MFA tenant, or</br>AD FS w/Azure MFA adapter, or</br>AD FS w/Azure MFA Server adapter, or</br>AD FS w/3rd Party MFA Adapter | Azure MFA tenant, or</br>AD FS w/Azure MFA adapter, or</br>AD FS w/Azure MFA Server adapter, or</br>AD FS w/3rd Party MFA Adapter | Azure MFA tenant, or</br>AD FS w/Azure MFA adapter, or</br>AD FS w/Azure MFA Server adapter, or</br>AD FS w/3rd Party MFA Adapter.
 | Azure Account | Azure Account | Azure Account | Azure Account |
 | Azure Active Directory | Azure Active Directory | Azure Active Directory | Azure Active Directory |
 | Azure AD Connect | Azure AD Connect | Azure AD Connect | Azure AD Connect | 
 | Azure AD Premium, optional | Azure AD Premium, needed for device write-back | Azure AD Premium, optional for automatic MDM enrollment | Azure AD Premium, optional for automatic MDM enrollment |
 
-### On-premises Deployments 
+### On-premises Deployments
+
 The table shows the minimum requirements for each deployment.
 
 | Key trust </br> Group Policy managed | Certificate trust </br> Group Policy managed|
-| --- | --- | 
+| --- | --- |
 | Windows 10, version 1703 or later | Windows 10, version 1703 or later |
 | Windows Server 2016 Schema | Windows Server 2016 Schema|
 | Windows Server 2008 R2 Domain/Forest functional level | Windows Server 2008 R2 Domain/Forest functional level |
 | Windows Server 2016 or later Domain Controllers | Windows Server 2008 R2 or later Domain Controllers |
 | Windows Server 2012 or later Certificate Authority | Windows Server 2012 or later Certificate Authority |
 | Windows Server 2016 AD FS with [KB4088889 update](https://support.microsoft.com/help/4088889) | Windows Server 2016 AD FS with [KB4088889 update](https://support.microsoft.com/help/4088889) |
-| AD FS with Azure MFA Server, or</br>AD FS with 3rd Party MFA Adapter | AD FS with Azure MFA Server, or</br>AD FS with 3rd Party MFA Adapter |
+| AD FS with 3rd Party MFA Adapter | AD FS with 3rd Party MFA Adapter |
 | Azure Account, optional for Azure MFA billing | Azure Account, optional for Azure MFA billing |
 
 >[!IMPORTANT]
-> For Windows Hello for Business deployment, if you have several domains, at least one Windows Server Domain Controller 2016 is required for each domain. For more information, see the [planning guide](https://docs.microsoft.com/windows/security/identity-protection/hello-for-business/hello-adequate-domain-controllers).
+> For Windows Hello for Business key trust deployments, if you have several domains, at least one Windows Server Domain Controller 2016 or newer is required for each domain. For more information, see the [planning guide](https://docs.microsoft.com/windows/security/identity-protection/hello-for-business/hello-adequate-domain-controllers).

windows/security/identity-protection/smart-cards/smart-card-events.md

@@ -97,14 +97,14 @@ The smart card reader device name is constructed in the form <*VendorName*&gt
 | 607          | Reader object failed to start monitor thread:  %1        | This is an internal, unrecoverable error that indicates a failure in the smart card service. The most common cause is limited computer resources. Restarting the computer may resolve the issue.<br>%1 = Windows error code             |
 | 608          | Reader monitor failed to create power down timer: %1     | This is an internal, unrecoverable error that indicates a failure in the smart card service. The most common cause is limited computer resources. Restarting the computer may resolve the issue.<br>%1 = Windows error code             |
 | 609          | Reader monitor failed to create overlapped event:  %1    | This is an internal, unrecoverable error that indicates a failure in the smart card service. The most common cause is limited computer resources. Restarting the computer may resolve the issue.<br>%1 = Windows error code             |
-| 610          | Smart Card Reader '%2' rejected IOCTL %3: %1  If this error persists, your smart card or reader may not be functioning correctly.%n%nCommand Header: %4 | The reader cannot successfully transmit the indicated IOCTL to the smart card. This can indicate hardware failure, but this error can also occur if a smart card or smart card reader is removed from the system while an operation is in progress.<br>%1 = Windows error code<br>%2 = Name of the smart card reader<br>%3 = IOCTL that was sent<br>%4 = First 4 bytes of the command sent to the smart card |
+| 610          | Smart Card Reader '%2' rejected IOCTL %3: %1 If this error persists, your smart card or reader may not be functioning correctly.%n%nCommand Header: %4 | The reader cannot successfully transmit the indicated IOCTL to the smart card. This is a benign error that does not affect end use of a smart card and can be ignored.<br>%1 = Windows error code<br>%2 = Name of the smart card reader<br>%3 = IOCTL that was sent<br>%4 = First 4 bytes of the command sent to the smart card |
 | 611          | Smart Card Reader initialization failed                  | This is an internal, unrecoverable error that indicates a failure in the smart card service. The most common cause is limited computer resources. Restarting the computer may resolve this issue.   |
 | 612          | Reader insertion monitor error retry threshold reached:  %1                 | This occurs when a smart card reader fails several times to respond properly to the IOCTL, which indicates whether a smart card is present in the reader. The smart card reader is marked as defective, and it is not recognized by the service until it is removed from the computer and reinserted or until the computer is restarted.<br>%1 = Windows error code          |
 | 615          | Reader removal monitor error retry threshold reached:  %1                   | This occurs when a smart card reader fails several times to respond properly to the IOCTL, which indicates whether a smart card is present in the reader. The smart card reader is marked as defective, and it is not recognized by the service until it is removed from the computer and reinserted or until the computer is restarted.<br>%1 = Windows error code          |
 | 616          | Reader monitor '%2' received uncaught error code:  %1    | This occurs when a smart card reader fails several times to respond properly to the IOCTL, which indicates whether a smart card is present in the reader. The smart card reader is marked as defective, and it is not recognized by the service until it is removed from the computer and reinserted or until the computer is restarted.<br>%1 = Windows error code<br>%2 = Reader name       |
 | 617          | Reader monitor '%1' exception -- exiting thread          | An unknown error occurred while monitoring a smart card reader for smart card insertions and removals. The smart card reader is marked as defective, and it is not recognized by the service until it is removed from the computer and reinserted or until the computer is restarted.<br>%1 = Smart card reader name                   |
 | 618          | Smart Card Resource Manager encountered an unrecoverable internal error.    | This is an internal, unrecoverable error that indicates a failure in the smart card service. The most common cause is limited computer resources. Restarting the computer may resolve the issue.    |
-| 621          | Server Control failed to access start event: %1          | This is an internal, unrecoverable error that indicates a failure in the smart card service. The most common cause is limited computer resources. Restarting the computer may resolve the issue.<br>%1 = Windows error code             |
+| 621          | Server Control failed to access start event: %1          | This is an internal, unrecoverable error that indicates a failure in the smart card service. The most common cause is limited computer resources. Restarting the computer may resolve the issue. This error may also occur if the event is queried before the smart card service is ready. In this case the error is benign and can be ignored.<br>%1 = Windows error code              |
 | 622          | Server Control failed to access stop event: %1           | This is an internal, unrecoverable error that indicates a failure in the smart card service. The most common cause is limited computer resources. Restarting the computer may resolve the issue.<br>%1 = Windows error code             |
 
 ## Smart card Plug and Play events

windows/security/threat-protection/TOC.md

@@ -9,7 +9,7 @@
 #### [Exposure score](microsoft-defender-atp/tvm-exposure-score.md)
 #### [Configuration score](microsoft-defender-atp/configuration-score.md)
 #### [Security recommendation](microsoft-defender-atp/tvm-security-recommendation.md)
-#### [Remediation](microsoft-defender-atp/tvm-remediation.md)
+#### [Remediation and exception](microsoft-defender-atp/tvm-remediation.md)
 #### [Software inventory](microsoft-defender-atp/tvm-software-inventory.md)
 #### [Weaknesses](microsoft-defender-atp/tvm-weaknesses.md)
 #### [Scenarios](microsoft-defender-atp/threat-and-vuln-mgt-scenarios.md)
@@ -311,21 +311,23 @@
 ##### [Use the mpcmdrun.exe command line tool to manage next generation protection](windows-defender-antivirus/command-line-arguments-windows-defender-antivirus.md)
 
 
-### [Microsoft Defender Advanced Threat Protection for Mac](windows-defender-antivirus/microsoft-defender-atp-mac.md)
+### [Microsoft Defender Advanced Threat Protection for Mac](microsoft-defender-atp/microsoft-defender-atp-mac.md)
-#### [What's New in Microsoft Defender ATP for Mac](windows-defender-antivirus/microsoft-defender-atp-mac-whatsnew.md)
+#### [What's New](microsoft-defender-atp/mac-whatsnew.md)
-#### [Deploy Microsoft Defender Advanced Threat Protection for Mac]()
+#### [Deploy]()
-##### [Microsoft Intune-based deployment](windows-defender-antivirus/microsoft-defender-atp-mac-install-with-intune.md)
+##### [Microsoft Intune-based deployment](microsoft-defender-atp/mac-install-with-intune.md)
-##### [JAMF-based deployment](windows-defender-antivirus/microsoft-defender-atp-mac-install-with-jamf.md)
+##### [JAMF-based deployment](microsoft-defender-atp/mac-install-with-jamf.md)
-##### [Deployment with a different Mobile Device Management (MDM) system](windows-defender-antivirus/microsoft-defender-atp-mac-install-with-other-mdm.md)
+##### [Deployment with a different Mobile Device Management (MDM) system](microsoft-defender-atp/mac-install-with-other-mdm.md)
-##### [Manual deployment](windows-defender-antivirus/microsoft-defender-atp-mac-install-manually.md)
+##### [Manual deployment](microsoft-defender-atp/mac-install-manually.md)
-#### [Update Microsoft Defender ATP for Mac](windows-defender-antivirus/microsoft-defender-atp-mac-updates.md)
+#### [Update](microsoft-defender-atp/mac-updates.md)
-#### [Configure Microsoft Defender ATP for Mac]()
+#### [Configure]()
-##### [Set preferences for Microsoft Defender ATP for Mac](windows-defender-antivirus/microsoft-defender-atp-mac-preferences.md)
+##### [Configure and validate exclusions](microsoft-defender-atp/mac-exclusions.md)
-##### [Detect and block Potentially Unwanted Applications](windows-defender-antivirus/microsoft-defender-atp-mac-pua.md)
+##### [Set preferences](microsoft-defender-atp/mac-preferences.md)
-#### [Privacy for Microsoft Defender ATP for Mac](windows-defender-antivirus/microsoft-defender-atp-mac-privacy.md)
+##### [Detect and block Potentially Unwanted Applications](microsoft-defender-atp/mac-pua.md)
-#### [Resources for Microsoft Defender ATP for Mac](windows-defender-antivirus/microsoft-defender-atp-mac-resources.md)
+#### [Troubleshoot]()
-
+##### [Troubleshoot performance issues](microsoft-defender-atp/mac-support-perf.md)
-
+##### [Troubleshoot kernel extension issues](microsoft-defender-atp/mac-support-kext.md)
+#### [Privacy](microsoft-defender-atp/mac-privacy.md)
+#### [Resources](microsoft-defender-atp/mac-resources.md)
 
 
 ### [Configure Secure score dashboard security controls](microsoft-defender-atp/secure-score-dashboard.md)

windows/security/threat-protection/microsoft-defender-atp/advanced-hunting-schema-reference.md

@@ -25,6 +25,8 @@ ms.date: 10/08/2019
 
 >Want to experience Microsoft Defender ATP? [Sign up for a free trial.](https://www.microsoft.com/microsoft-365/windows/microsoft-defender-atp?ocid=docs-wdatp-advancedhuntingref-abovefoldlink)
 
+[!include[Prerelease information](prerelease.md)]
+
 The [Advanced hunting](advanced-hunting-overview.md) schema is made up of multiple tables that provide either event information or information about machines and other entities. To effectively build queries that span multiple tables, you need to understand the tables and the columns in the Advanced hunting schema.
 
 ## Schema tables
@@ -52,4 +54,4 @@ Table and column names are also listed within the Microsoft Defender Security Ce
 
 ## Related topics
 - [Advanced hunting overview](advanced-hunting-overview.md)
-- [Learn the query language](advanced-hunting-query-language.md)
+- [Learn the query language](advanced-hunting-query-language.md)

windows/security/threat-protection/microsoft-defender-atp/advanced-hunting-tvm-configassessment-table.md

@@ -26,6 +26,8 @@ ms.date: 10/27/2019
 
 >Want to experience Microsoft Defender ATP? [Sign up for a free trial.](https://www.microsoft.com/en-us/WindowsForBusiness/windows-atp?ocid=docs-wdatp-advancedhuntingref-abovefoldlink)
 
+[!include[Prerelease information](prerelease.md)]
+
 Each row in the DeviceTvmSecureConfigurationAssessment table contains an assessment event for a specific security configuration. Use this reference to check the latest assessment results and determine whether device are compliant.
 
 For information on other tables in the Advanced hunting schema, see [the Advanced hunting reference](advanced-hunting-reference.md).
@@ -34,13 +36,13 @@ For information on other tables in the Advanced hunting schema, see [the Advance
 |-------------|-----------|-------------|
 | MachineId | string | Unique identifier for the machine in the service |
 | ComputerName | string | Fully qualified domain name (FQDN) of the machine |
-| OSPlatform | string | Platform of the operating system running on the machine. This indicates specific operating systems, including variations within the same family, such as Windows 10 and Windows 7.|| CveId | string | Unique identifier assigned to the security vulnerability under the Common Vulnerabilities and Exposures (CVE) system|
+| OSPlatform | string | Platform of the operating system running on the machine. This indicates specific operating systems, including variations within the same family, such as Windows 10 and Windows 7.|
 | Timestamp | datetime |Date and time when the record was generated|
 | ConfigurationId | string | Unique identifier for a specific configuration |
 | ConfigurationCategory | string | Category or grouping to which the configuration belongs: Application, OS, Network, Accounts, Security controls|
 | ConfigurationSubcategory | string |Subcategory or subgrouping to which the configuration belongs. In many cases, this describes specific capabilities or features. |
 | ConfigurationImpact | string | Rated impact of the configuration to the overall configuration score (1-10) |
-| IsCompliant | string | Indicates whether the configuration or policy is properly configured |
+| IsCompliant | boolean | Indicates whether the configuration or policy is properly configured |
 
 
 ## Related topics

windows/security/threat-protection/microsoft-defender-atp/advanced-hunting-tvm-secureconfigkb-table.md

@@ -26,6 +26,8 @@ ms.date: 10/27/2019
 
 >Want to experience Microsoft Defender ATP? [Sign up for a free trial.](https://www.microsoft.com/en-us/WindowsForBusiness/windows-atp?ocid=docs-wdatp-advancedhuntingref-abovefoldlink)
 
+[!include[Prerelease information](prerelease.md)]
+
 The DeviceTvmSecureConfigurationAssessmentKB table in the Advanced hunting schema contains information about the various secure configuration TVM checks during assessments related to your organization. An example of a security configuration is to block JavaScript or VBScript from launching downloaded executable content to prevent accidentally downloading malicious files in your network. Use this reference to construct queries that return information from the table.
 
 For information on other tables in the Advanced hunting schema, see [the Advanced hunting reference](advanced-hunting-reference.md).

windows/security/threat-protection/microsoft-defender-atp/advanced-hunting-tvm-softwareinventory-table.md

@@ -42,8 +42,8 @@ For information on other tables in the Advanced hunting schema, see [the Advance
 | OSArchitecture | string | Architecture of the operating system running on the machine|
 | SoftwareVendor | string | Severity level assigned to the security vulnerability based on the CVSS score and dynamic factors influenced by the threat landscape|
 | SoftwareName | string | Name of the software product|
-|SoftwareVersion | string | Unique identifier assigned to the security vulnerability under the Common Vulnerabilities and Exposures (CVE) system|
+|SoftwareVersion | string | Version number of the software product|
-| CveId | string | Severity level assigned to the security vulnerability based on the CVSS score and dynamic factors influenced by the threat landscape|
+| CveId | string | Unique identifier assigned to the security vulnerability under the Common Vulnerabilities and Exposures (CVE) system|
 | VulnerabilitySeverityLevel | string | Severity level assigned to the security vulnerability based on the CVSS score and dynamic factors influenced by the threat landscape|
 
 

windows/security/threat-protection/microsoft-defender-atp/advanced-hunting-tvm-softwarevulnerability-table.md

@@ -26,6 +26,8 @@ ms.date: 10/27/2019
 
 >Want to experience Microsoft Defender ATP? [Sign up for a free trial.](https://www.microsoft.com/en-us/WindowsForBusiness/windows-atp?ocid=docs-wdatp-advancedhuntingref-abovefoldlink)
 
+[!include[Prerelease information](prerelease.md)]
+
 The DeviceTvmSoftwareInventoryVulnerabilities table in the Advanced hunting schema contains information about the vulnerabilities Threat & Vulnerability Management assesses devices for. Use this reference along with DeviceTvmSoftwareInventoryVulnerabilities to construct queries that return information on the metadata related to the vulnerabilities in your inventory.
 
 For information on other tables in the Advanced hunting schema, see [the Advanced hunting reference](advanced-hunting-reference.md).
@@ -34,7 +36,7 @@ For information on other tables in the Advanced hunting schema, see [the Advance
 |-------------|-----------|-------------|
 | CveId | string | Unique identifier assigned to the security vulnerability under the Common Vulnerabilities and Exposures (CVE) system|
 | CvssScore | string | Severity score assigned to the security vulnerability under th Common Vulnerability Scoring System (CVSS)|
-| IsExploitAvailable | string | Indicates whether exploit code for the vulnerability is publicly available|
+| IsExploitAvailable | boolean | Indicates whether exploit code for the vulnerability is publicly available|
 | VulnerabilitySeverityLevel | string | Severity level assigned to the security vulnerability based on the CVSS score and dynamic factors influenced by the threat landscape|
 | LastModifiedTime | datetime | Date and time the item or related metadata was last modified|
 | PublishedDate | datetime | Date vulnerability was disclosed to public|

windows/security/threat-protection/microsoft-defender-atp/configuration-score.md

@@ -60,7 +60,7 @@ See how you can [improve your security configuration](https://docs.microsoft.com
 >- RS3 customers | [KB 4516071](https://support.microsoft.com/help/4516071/windows-10-update-kb4516071)
 >
 >To download the security updates:
->1. Go to [Microsoft Update Catalog](http://www.catalog.update.microsoft.com/home.aspx).
+>1. Go to [Microsoft Update Catalog](https://www.catalog.update.microsoft.com/home.aspx).
 >2. Key-in the security update KB number that you need to download, then click **Search**.  
 
 ## Related topics
@@ -68,7 +68,7 @@ See how you can [improve your security configuration](https://docs.microsoft.com
 - [Threat & Vulnerability Management dashboard overview](tvm-dashboard-insights.md)
 - [Exposure score](tvm-exposure-score.md)
 - [Security recommendations](tvm-security-recommendation.md)
-- [Remediation](tvm-remediation.md)
+- [Remediation and exception](tvm-remediation.md)
 - [Software inventory](tvm-software-inventory.md)
 - [Weaknesses](tvm-weaknesses.md)
 - [Scenarios](threat-and-vuln-mgt-scenarios.md)

windows/security/threat-protection/microsoft-defender-atp/endpoint-detection-response-mac-preview.md

@@ -0,0 +1,154 @@
+---
+title: Microsoft Defender ATP for Mac
+ms.reviewer:
+description: Describes how to install and use Microsoft Defender ATP for Mac.
+keywords: microsoft, defender, atp, mac, installation, deploy, uninstallation, intune, jamf, macos, catalina, mojave, high sierra
+search.product: eADQiWindows 10XVcnh
+search.appverid: met150
+ms.prod: w10
+ms.mktglfcycl: deploy
+ms.sitesec: library
+ms.pagetype: security
+ms.author: dansimp
+author: dansimp
+ms.localizationpriority: medium
+manager: dansimp
+audience: ITPro
+ms.collection: M365-security-compliance
+ms.topic: conceptual
+---
+
+# Enable Microsoft Defender ATP Insider Machine
+
+The following instructions specify how to configure a macOS machine running Microsoft Defender ATP to be an "Insider" machine. For scale deployment we recommend using Jamf, or Intune.
+
+>[!IMPORTANT]
+>Make sure you have enabled [Microsoft Defender ATP for Mac](microsoft-defender-atp-mac.md#how-to-install-microsoft-defender-atp-for-mac), and pay attention to the “earlyPreview” flag. See documentation for [Jamf](mac-install-with-jamf.md), [Intune](mac-install-with-intune.md) and [manual deployment](mac-install-manually.md) instructions.
+
+## Enable the Insider program with Jamf
+
+a. Create configuration profile com.microsoft.wdav.plist with the following content:
+
+```XML
+    <?xml version="1.0" encoding="UTF-8"?>
+    <!DOCTYPE plist PUBLIC "-//Apple//DTD PLIST 1.0//EN" "http://www.apple.com/DTDs/PropertyList-1.0.dtd">
+    <plist version="1.0">
+    <dict>
+        <key>edr</key>
+        <dict>
+            <key>earlyPreview</key>
+            <true/>
+        </dict>
+    </dict>
+    </plist>
+```
+
+b. From the JAMF console, navigate to **Computers > Configuration Profiles**, navigate to the configuration profile you'd like to use, then select **Custom Settings**.
+
+c. Create an entry with com.microsoft.wdav as the preference domain and upload the .plist created earlier.
+
+>[!WARNING]
+>You must enter the correct preference domain (com.microsoft.wdav), otherwise the preferences will not be recognized by the product
+
+## Enable the Insider program with Intune
+
+a. Create configuration profile com.microsoft.wdav.plist with the following content:
+
+ ```XML
+    <?xml version="1.0" encoding="utf-8"?>
+    <!DOCTYPE plist PUBLIC "-//Apple//DTD PLIST 1.0//EN" "http://www.apple.com/DTDs/PropertyList-1.0.dtd">
+    <plist version="1">
+        <dict>
+            <key>PayloadUUID</key>
+            <string>C4E6A782-0C8D-44AB-A025-EB893987A295</string>
+            <key>PayloadType</key>
+            <string>Configuration</string>
+            <key>PayloadOrganization</key>
+            <string>Microsoft</string>
+            <key>PayloadIdentifier</key>
+            <string>com.microsoft.wdav</string>
+            <key>PayloadDisplayName</key>
+            <string>Microsoft Defender ATP settings</string>
+            <key>PayloadDescription</key>
+            <string>Microsoft Defender ATP configuration settings</string>
+            <key>PayloadVersion</key>
+            <integer>1</integer>
+            <key>PayloadEnabled</key>
+            <true/>
+            <key>PayloadRemovalDisallowed</key>
+            <true/>
+            <key>PayloadScope</key>
+            <string>System</string>
+            <key>PayloadContent</key>
+            <array>
+                <dict>
+                    <key>PayloadUUID</key>
+                    <string>99DBC2BC-3B3A-46A2-A413-C8F9BB9A7295</string>
+                    <key>PayloadType</key>
+                    <string>com.microsoft.wdav</string>
+                    <key>PayloadOrganization</key>
+                    <string>Microsoft</string>
+                    <key>PayloadIdentifier</key>
+                    <string>com.microsoft.wdav</string>
+                    <key>PayloadDisplayName</key>
+                    <string>Microsoft Defender ATP configuration settings</string>
+                    <key>PayloadDescription</key>
+                    <string/>
+                    <key>PayloadVersion</key>
+                    <integer>1</integer>
+                    <key>PayloadEnabled</key>
+                    <true/>
+                    <key>edr</key>
+                    <dict>
+                        <key>earlyPreview</key>
+                        <true/>
+                    </dict>
+                </dict>
+            </array>
+        </dict>
+    </plist>
+```
+
+b. Open **Manage > Device configuration**. Select **Manage > Profiles > Create Profile**.
+
+c. Choose a name for the profile. Change **Platform=macOS** to **Profile type=Custom**. Select **Configure**.
+
+d. Save the .plist created earlier as com.microsoft.wdav.xml.
+
+e. Enter com.microsoft.wdav as the custom configuration profile name.
+
+f. Open the configuration profile and upload com.microsoft.wdav.xml. This file was created in step 1.
+
+g. Select **OK**.
+
+h. Select **Manage > Assignments**. In the **Include** tab, select **Assign to All Users & All devices**.
+
+>[!WARNING]
+>You must enter the correct custom configuration profile name, otherwise these preferences will not be recognized by the product.
+
+## Enable the Insider program manually on a single machine
+
+In the command prompt, run:
+
+```bash
+    mdatp --edr --early-preview true
+ ```
+
+## Troubleshooting
+
+### Verify you are running the correct version
+
+To verify you are running the correct version, run ‘mdatp --health’ on the machine.
+
+* The required version is 100.72.15 or later.
+* If the version is not as expected, verify that Microsoft Auto Update is set to automatically download and install updates by running ‘defaults read com.microsoft.autoupdate2’ from terminal.
+* To change update settings use documentation in Update Office for Mac automatically.
+* If you are not using Office for Mac, download and run the AutoUpdate tool.
+
+### A machine still does not appear on Microsoft Defender Security Center
+
+After a successful deployment and onboarding of the correct version, check that the machine has connectivity to the cloud service by running ‘mdatp --connectivity-test’.
+
+* Check that you enabled the early preview flag. In terminal run “mdatp –health” and look for the value of “edrEarlyPreviewEnabled”. It should be “Enabled”.
+
+If you followed the manual deployment instructions, you were prompted to enable Kernel Extensions. Pay attention to the “System Extension note” in the manual deployment documentation and use the “Manual Deployment” section in the troubleshoot kernel extension documentation.

windows/security/threat-protection/microsoft-defender-atp/import-export-exploit-protection-emet-xml.md

@@ -53,6 +53,9 @@ When you have configured exploit protection to your desired state (including bot
 
 3. At the bottom of the **Exploit protection** section, click **Export settings** and then choose the location and name of the XML file where you want the configuration to be saved.
 
+> [!IMPORTANT]
+> If you want to use Default configuration, use the settings "On by default" instead of "Use Default (On)" to get the settings exported correctly on the XML file.
+
 ![Highlight of the Export Settings option](../images/wdsc-exp-prot-export.png)
 
 > [!NOTE]

windows/security/threat-protection/microsoft-defender-atp/mac-exclusions.md

@@ -0,0 +1,81 @@
+---
+title: Configure and validate exclusions for Microsoft Defender ATP for Mac
+description: Provide and validate exclusions for Microsoft Defender ATP for Mac. Exclusions can be set for files, folders, and processes.
+keywords: microsoft, defender, atp, mac, exclusions, scans, antivirus
+search.product: eADQiWindows 10XVcnh
+search.appverid: met150
+ms.prod: w10
+ms.mktglfcycl: deploy
+ms.sitesec: library
+ms.pagetype: security
+ms.author: dansimp
+author: dansimp
+ms.localizationpriority: medium
+manager: dansimp
+audience: ITPro
+ms.collection: M365-security-compliance 
+ms.topic: conceptual
+---
+
+# Configure and validate exclusions for Microsoft Defender ATP for Mac
+
+**Applies to:**
+
+- [Microsoft Defender Advanced Threat Protection (Microsoft Defender ATP) for Mac](microsoft-defender-atp-mac.md)
+
+This article provides information on how to define exclusions that apply to on-demand scans, and real-time protection and monitoring.
+
+>[!IMPORTANT]
+>The exclusions described in this article don't apply to other Microsoft Defender ATP for Mac capabilities, including endpoint detection and response (EDR). Files that you exclude using the methods described in this article can still trigger EDR alerts and other detections.
+
+You can exclude certain files, folders, processes, and process-opened files from Microsoft Defender ATP for Mac scans.
+
+Exclusions can be useful to avoid incorrect detections on files or software that are unique or customized to your organization. They can also be useful for mitigating performance issues caused by Microsoft Defender ATP for Mac.
+
+>[!WARNING]
+>Defining exclusions lowers the protection offered by Microsoft Defender ATP for Mac. You should always evaluate the risks that are associated with implementing exclusions, and you should only exclude files that you are confident are not malicious.
+
+## Supported exclusion types
+
+The follow table shows the exclusion types supported by Microsoft Defender ATP for Mac.
+
+Exclusion | Definition | Examples
+---|---|---
+File extension | All files with the extension, anywhere on the machine | .test
+File | A specific file identified by the full path | /var/log/test.log
+Folder | All files under the specified folder | /var/log/
+Process | A specific process (specified either by the full path or file name) and all files opened by it | /bin/cat<br/>cat
+
+## How to configure the list of exclusions
+
+### From the management console
+
+For more information on how to configure exclusions from JAMF, Intune, or another management console, see [Set preferences for Microsoft Defender ATP for Mac](mac-preferences.md).
+
+### From the user interface
+
+Open the Microsoft Defender ATP application and navigate to **Manage settings** > **Add or Remove Exclusion...**, as shown in the following screenshot:
+
+![[Manage exclusions screenshot](../windows-defender-antivirus/images/mdatp-37-exclusions.png)
+
+Select the type of exclusion that you wish to add and follow the prompts.
+
+## Validate exclusions lists with the EICAR test file
+
+You can validate that your exclusion lists are working by using `curl` to download a test file.
+
+In the following Bash snippet, replace *test.txt* with a file that conforms to your exclusion rules. For example, if you have excluded the *.testing extension*, replace *test.txt* with *test.testing*. If you are testing a path, ensure that you run the command within that path.
+
+```bash
+$ curl -o test.txt http://www.eicar.org/download/eicar.com.txt
+```
+
+If Microsoft Defender ATP for Mac reports malware, then the rule is not working. If there is no report of malware, and the downloaded file exists, then the exclusion is working. You can open the file to confirm that the contents are the same as what is described on the [EICAR test file website](http://2016.eicar.org/86-0-Intended-use.html).
+
+If you do not have internet access, you can create your own EICAR test file. Write the EICAR string to a new text file with the following Bash command:
+
+```bash
+echo 'X5O!P%@AP[4\PZX54(P^)7CC)7}$EICAR-STANDARD-ANTIVIRUS-TEST-FILE!$H+H*' > test.txt
+```
+
+You can also copy the string into a blank text file and attempt to save it with the file name or in the folder you are attempting to exclude.

windows/security/threat-protection/microsoft-defender-atp/mac-install-manually.md

@@ -1,7 +1,6 @@
 ---
-title: Installing Microsoft Defender ATP for Mac manually
+title: Manual deployment for Microsoft Defender ATP for Mac
-ms.reviewer: 
+description: Install Microsoft Defender ATP for Mac manually, from the command line.
-description: Describes how to install Microsoft Defender ATP for Mac manually, from the command line.
 keywords: microsoft, defender, atp, mac, installation, deploy, uninstallation, intune, jamf, macos, catalina, mojave, high sierra
 search.product: eADQiWindows 10XVcnh
 search.appverid: met150
@@ -18,7 +17,7 @@ ms.collection: M365-security-compliance
 ms.topic: conceptual
 ---
 
-# Manual deployment
+# Manual deployment for Microsoft Defender ATP for Mac
 
 **Applies to:**
 
@@ -42,7 +41,7 @@ Download the installation and onboarding packages from Windows Defender Security
 3. In Section 2 of the page, select **Download installation package**. Save it as wdav.pkg to a local directory.
 4. In Section 2 of the page, select **Download onboarding package**. Save it as WindowsDefenderATPOnboardingPackage.zip to the same directory.
 
-    ![Windows Defender Security Center screenshot](images/ATP_Portal_Onboarding_page.png)
+    ![Windows Defender Security Center screenshot](../windows-defender-antivirus/images/ATP-Portal-Onboarding-page.png)
 
 5. From a command prompt, verify that you have the two files.
     Extract the contents of the .zip files:
@@ -63,83 +62,28 @@ To complete this process, you must have admin privileges on the machine.
 
 1. Navigate to the downloaded wdav.pkg in Finder and open it.
 
-    ![App install screenshot](images/MDATP_28_AppInstall.png)
+    ![App install screenshot](../windows-defender-antivirus/images/MDATP-28-AppInstall.png)
 
 2. Select **Continue**, agree with the License terms, and enter the password when prompted.
 
-    ![App install screenshot](images/MDATP_29_AppInstallLogin.png)
+    ![App install screenshot](../windows-defender-antivirus/images/MDATP-29-AppInstallLogin.png)
 
    > [!IMPORTANT]
    > You will be prompted to allow a driver from Microsoft to be installed (either "System Extension Blocked" or "Installation is on hold" or both. The driver must be allowed to be installed.
 
-   ![App install screenshot](images/MDATP_30_SystemExtension.png)
+   ![App install screenshot](../windows-defender-antivirus/images/MDATP-30-SystemExtension.png)
 
 3. Select **Open Security Preferences**  or **Open System Preferences > Security & Privacy**. Select **Allow**:
 
-    ![Security and privacy window screenshot](images/MDATP_31_SecurityPrivacySettings.png)
+    ![Security and privacy window screenshot](../windows-defender-antivirus/images/MDATP-31-SecurityPrivacySettings.png)
 
 The installation proceeds.
 
-> [!NOTE]
+> [!CAUTION]
-> If you don't select **Allow**, the installation will proceed after 5 minutes. Defender ATP will be loaded, but real-time protection will be disabled.
+> If you don't select **Allow**, the installation will proceed after 5 minutes. Defender ATP will be loaded, but some features, such as real-time protection, will be disabled. See [Troubleshoot kernel extension issues](mac-support-kext.md) for information on how to resolve this.
 
 > [!NOTE]
-> macOS may request to reboot the machine upon the first installation of Microsoft Defender. Real-Time Protection will not be available until the machine is rebooted.
+> macOS may request to reboot the machine upon the first installation of Microsoft Defender. Real-time protection will not be available until the machine is rebooted.
-
-### Fixing disabled Real-Time Protection
-
-If you did not enable Microsoft's driver during installation, then the application displays a banner prompting you to enable it:
-
-   ![RTP disabled screenshot](images/MDATP_32_Main_App_Fix.png)
-
-You can also run ```mdatp --health```. It reports if Real-Time Protection is enabled but not available:
-
-```bash
-$ mdatp --health
-...
-realTimeProtectionAvailable             : false
-realTimeProtectionEnabled               : true
-...
-```
-
-> [!NOTE]
-> You have a 30 minute window to enable Real-Time Protection from the warning banner, immediately following installation.
-
-The warning banner contains a **Fix** button, which allows you to quickly enable Real-Time Protection, without having to open a command prompt. Select the **Fix** button. It prompts the **Security & Privacy** system window, where you have to **Allow** system software from developers "Microsoft Corporation".
-
-If you don't see a prompt, it means that 30 or more minutes have already passed, and Real-Time Protection has still not been enabled:
-
-![Security and privacy window after prompt expired screenshot](images/MDATP_33_SecurityPrivacySettings_NoPrompt.png)
-
-In this case, you need to perform the following steps to enable Real-Time Protection instead.
-
-1. In Terminal, attempt to install the driver. (The operation will fail)
-    ```bash
-    $ sudo kextutil /Library/Extensions/wdavkext.kext
-    Kext rejected due to system policy: <OSKext 0x7fc34d528390 [0x7fffa74aa8e0]> { URL = "file:///Library/StagedExtensions/Library/Extensions/wdavkext.kext/", ID = "com.microsoft.wdavkext" }
-    Kext rejected due to system policy: <OSKext 0x7fc34d528390 [0x7fffa74aa8e0]> { URL = "file:///Library/StagedExtensions/Library/Extensions/wdavkext.kext/", ID = "com.microsoft.wdavkext" }
-    Diagnostics for /Library/Extensions/wdavkext.kext:
-    ```
-
-2. Open **System Preferences...** > **Security & Privacy** from the menu. (Close it first, if it's opened.)
-
-3. **Allow** system software from developers "Microsoft Corporation"
-
-4. In Terminal, install the driver again. This time the operation will succeed:
-
-```bash
-$ sudo kextutil /Library/Extensions/wdavkext.kext
-```
-
-The banner should disappear from the Defender application, and ```mdatp --health``` should now report that Real-Time Protection is both enabled and available:
-
-```bash
-$ mdatp --health
-...
-realTimeProtectionAvailable             : true
-realTimeProtectionEnabled               : true
-...
-```
 
 ## Client configuration
 
@@ -167,7 +111,7 @@ realTimeProtectionEnabled               : true
 
 After installation, you'll see the Microsoft Defender icon in the macOS status bar in the top-right corner.
 
-   ![Microsoft Defender icon in status bar screenshot](images/MDATP_Icon_Bar.png)
+   ![Microsoft Defender icon in status bar screenshot](../windows-defender-antivirus/images/MDATP-Icon-Bar.png)
 
 ## How to Allow Full Disk Access
 
@@ -178,8 +122,8 @@ To grant consent, open System Preferences -> Security & Privacy -> Privacy -> Fu
 
 ## Logging installation issues
 
-See [Logging installation issues](microsoft-defender-atp-mac-resources.md#logging-installation-issues) for more information on how to find the automatically generated log that is created by the installer when an error occurs.
+See [Logging installation issues](mac-resources.md#logging-installation-issues) for more information on how to find the automatically generated log that is created by the installer when an error occurs.
 
 ## Uninstallation
 
-See [Uninstalling](microsoft-defender-atp-mac-resources.md#uninstalling) for details on how to remove Microsoft Defender ATP for Mac from client devices.
+See [Uninstalling](mac-resources.md#uninstalling) for details on how to remove Microsoft Defender ATP for Mac from client devices.

windows/security/threat-protection/microsoft-defender-atp/mac-install-with-intune.md

@@ -1,7 +1,6 @@
 ---
-title: Installing Microsoft Defender ATP for Mac with Microsoft Intune
+title: Intune-based deployment for Microsoft Defender ATP for Mac
-ms.reviewer: 
+description: Install Microsoft Defender ATP for Mac, using Microsoft Intune.
-description: Describes how to install Microsoft Defender ATP for Mac, using Microsoft Intune.
 keywords: microsoft, defender, atp, mac, installation, deploy, uninstallation, intune, jamf, macos, catalina, mojave, high sierra
 search.product: eADQiWindows 10XVcnh
 search.appverid: met150
@@ -18,7 +17,7 @@ ms.collection: M365-security-compliance
 ms.topic: conceptual
 ---
 
-# Microsoft Intune-based deployment
+# Intune-based deployment for Microsoft Defender ATP for Mac
 
 **Applies to:**
 
@@ -44,7 +43,7 @@ Download the installation and onboarding packages from Microsoft Defender Securi
 4. In Section 2 of the page, select **Download onboarding package**. Save it as _WindowsDefenderATPOnboardingPackage.zip_ to the same directory.
 5. Download **IntuneAppUtil** from [https://docs.microsoft.com/intune/lob-apps-macos](https://docs.microsoft.com/intune/lob-apps-macos).
 
-    ![Windows Defender Security Center screenshot](images/MDATP_2_DownloadPackages.png)
+    ![Windows Defender Security Center screenshot](../windows-defender-antivirus/images/MDATP-2-DownloadPackages.png)
 
 6. From a command prompt, verify that you have the three files.
     Extract the contents of the .zip files:
@@ -91,11 +90,11 @@ You need no special provisioning for a Mac device beyond a standard [Company Por
 
 1. You are asked to confirm device management.
 
-![Confirm device management screenshot](images/MDATP_3_ConfirmDeviceMgmt.png)
+![Confirm device management screenshot](../windows-defender-antivirus/images/MDATP-3-ConfirmDeviceMgmt.png)
 
 Select **Open System Preferences**, locate **Management Profile** on the list, and select **Approve...**. Your Management Profile would be displayed as **Verified**:
 
-![Management profile screenshot](images/MDATP_4_ManagementProfile.png)
+![Management profile screenshot](../windows-defender-antivirus/images/MDATP-4-ManagementProfile.png)
 
 2. Select **Continue** and complete the enrollment.
 
@@ -103,7 +102,7 @@ You may now enroll more devices. You can also enroll them later, after you have
 
 3. In Intune, open **Manage** > **Devices** > **All devices**. Here you can see your device among those listed:
 
-![Add Devices screenshot](images/MDATP_5_allDevices.png)
+![Add Devices screenshot](../windows-defender-antivirus/images/MDATP-5-allDevices.png)
 
 ## Create System Configuration profiles
 
@@ -112,7 +111,7 @@ You may now enroll more devices. You can also enroll them later, after you have
 3. Open the configuration profile and upload intune/kext.xml. This file was created in one of the preceding sections.
 4. Select **OK**.
 
-    ![System configuration profiles screenshot](images/MDATP_6_SystemConfigurationProfiles.png)
+    ![System configuration profiles screenshot](../windows-defender-antivirus/images/MDATP-6-SystemConfigurationProfiles.png)
 
 5. Select **Manage** > **Assignments**. In the **Include** tab, select **Assign to All Users & All devices**.
 6. Repeat steps 1 through 5 for more profiles.
@@ -287,7 +286,7 @@ You may now enroll more devices. You can also enroll them later, after you have
 
 Once the Intune changes are propagated to the enrolled devices, you can see them listed under **Monitor** > **Device status**:
 
-![System configuration profiles screenshot](images/MDATP_7_DeviceStatusBlade.png)
+![System configuration profiles screenshot](../windows-defender-antivirus/images/MDATP-7-DeviceStatusBlade.png)
 
 ## Publish application
 
@@ -298,40 +297,40 @@ Once the Intune changes are propagated to the enrolled devices, you can see them
 5. Use **macOS High Sierra 10.13** as the minimum OS and set *Ignore app version* to **Yes**. Other settings can be any arbitrary value.
 
     > [!CAUTION]
-    > Failure to set *Ignore app version* to **Yes** impacts the ability of the application to receive updates through Microsoft AutoUpdate. See [Deploy updates for Microsoft Defender ATP for Mac](microsoft-defender-atp-mac-updates.md) for additional information about how the product is updated.
+    > Failure to set *Ignore app version* to **Yes** impacts the ability of the application to receive updates through Microsoft AutoUpdate. See [Deploy updates for Microsoft Defender ATP for Mac](mac-updates.md) for additional information about how the product is updated.
 
-    ![Device status blade screenshot](images/MDATP_8_IntuneAppInfo.png)
+    ![Device status blade screenshot](../windows-defender-antivirus/images/MDATP-8-IntuneAppInfo.png)
 
 6. Select **OK** and **Add**.
 
-    ![Device status blade screenshot](images/MDATP_9_IntunePkgInfo.png)
+    ![Device status blade screenshot](../windows-defender-antivirus/images/MDATP-9-IntunePkgInfo.png)
 
 7. It may take a few moments to upload the package. After it's done, select the package from the list and go to **Assignments** and **Add group**.
 
-    ![Client apps screenshot](images/MDATP_10_ClientApps.png)
+    ![Client apps screenshot](../windows-defender-antivirus/images/MDATP-10-ClientApps.png)
 
 8. Change **Assignment type** to **Required**.
 9. Select **Included Groups**. Select **Make this app required for all devices=Yes**. Click **Select group to include** and add a group that contains the users you want to target. Select **OK** and **Save**.
 
-    ![Intune assignments info screenshot](images/MDATP_11_Assignments.png)
+    ![Intune assignments info screenshot](../windows-defender-antivirus/images/MDATP-11-Assignments.png)
 
 10. After some time the application will be published to all enrolled devices. You can see it listed in **Monitor** > **Device**, under **Device install status**:
 
-    ![Intune device status screenshot](images/MDATP_12_DeviceInstall.png)
+    ![Intune device status screenshot](../windows-defender-antivirus/images/MDATP-12-DeviceInstall.png)
 
 ## Verify client device state
 
 1. After the configuration profiles are deployed to your devices, open **System Preferences** > **Profiles** on your Mac device.
 
-    ![System Preferences screenshot](images/MDATP_13_SystemPreferences.png)
+    ![System Preferences screenshot](../windows-defender-antivirus/images/MDATP-13-SystemPreferences.png)<br/>
-    ![System Preferences Profiles screenshot](images/MDATP_14_SystemPreferencesProfiles.png)
+    ![System Preferences Profiles screenshot](../windows-defender-antivirus/images/MDATP-14-SystemPreferencesProfiles.png)
 
 2. Verify that the following configuration profiles are present and installed. The **Management Profile** should be the Intune system profile. _Wdav-config_ and _wdav-kext_ are system configuration profiles that were added in Intune:
-    ![Profiles screenshot](images/MDATP_15_ManagementProfileConfig.png)
+    ![Profiles screenshot](../windows-defender-antivirus/images/MDATP-15-ManagementProfileConfig.png)
 
 3. You should also see the Microsoft Defender icon in the top-right corner:
 
-    ![Microsoft Defender icon in status bar screenshot](images/MDATP_Icon_Bar.png)
+    ![Microsoft Defender icon in status bar screenshot](../windows-defender-antivirus/images/MDATP-Icon-Bar.png)
 
 ## Troubleshooting
 
@@ -341,8 +340,8 @@ Solution: Follow the steps above to create a device profile using WindowsDefende
 
 ## Logging installation issues
 
-For more information on how to find the automatically generated log that is created by the installer when an error occurs, see [Logging installation issues](microsoft-defender-atp-mac-resources.md#logging-installation-issues) .
+For more information on how to find the automatically generated log that is created by the installer when an error occurs, see [Logging installation issues](mac-resources.md#logging-installation-issues) .
 
 ## Uninstallation
 
-See [Uninstalling](microsoft-defender-atp-mac-resources.md#uninstalling) for details on how to remove Microsoft Defender ATP for Mac from client devices.
+See [Uninstalling](mac-resources.md#uninstalling) for details on how to remove Microsoft Defender ATP for Mac from client devices.

windows/security/threat-protection/microsoft-defender-atp/mac-install-with-jamf.md

@@ -1,7 +1,6 @@
 ---
-title: Installing Microsoft Defender ATP for Mac with JAMF
+title: JAMF-based deployment for Microsoft Defender ATP for Mac
-ms.reviewer: 
+description: Install Microsoft Defender ATP for Mac, using JAMF.
-description: Describes how to install Microsoft Defender ATP for Mac, using JAMF.
 keywords: microsoft, defender, atp, mac, installation, deploy, uninstallation, intune, jamf, macos, catalina, mojave, high sierra
 search.product: eADQiWindows 10XVcnh
 search.appverid: met150
@@ -18,7 +17,7 @@ ms.collection: M365-security-compliance
 ms.topic: conceptual
 ---
 
-# JAMF-based deployment
+# JAMF-based deployment for Microsoft Defender ATP for Mac
 
 **Applies to:**
 
@@ -46,7 +45,7 @@ Download the installation and onboarding packages from Windows Defender Security
 3. In Section 2 of the page, select **Download installation package**. Save it as _wdav.pkg_ to a local directory.
 4. In Section 2 of the page, select **Download onboarding package**. Save it as _WindowsDefenderATPOnboardingPackage.zip_ to the same directory.
 
-    ![Windows Defender Security Center screenshot](images/MDATP_2_DownloadPackages.png)
+    ![Windows Defender Security Center screenshot](../windows-defender-antivirus/images/MDATP-2-DownloadPackages.png)
 
 5. From the command prompt, verify that you have the two files. Extract the contents of the .zip files like so:
 
@@ -79,7 +78,7 @@ To set the onboarding information, add a property list file with the name, _jamf
   >[!IMPORTANT]
   > You must set the Preference Domain as "com.microsoft.wdav.atp"
 
-![Configuration profile screenshot](images/MDATP_16_PreferenceDomain.png)
+![Configuration profile screenshot](../windows-defender-antivirus/images/MDATP-16-PreferenceDomain.png)
 
 ### Approved Kernel Extension
 
@@ -88,7 +87,7 @@ To approve the kernel extension:
 1. In **Computers > Configuration Profiles** select **Options > Approved Kernel Extensions**.
 2. Use **UBF8T346G9** for Team Id.
 
-![Approved kernel extensions screenshot](images/MDATP_17_approvedKernelExtensions.png)
+![Approved kernel extensions screenshot](../windows-defender-antivirus/images/MDATP-17-approvedKernelExtensions.png)
 
 ### Privacy Preferences Policy Control
 
@@ -104,7 +103,7 @@ Add the following JAMF policy to grant Full Disk Access to Microsoft Defender AT
 3. Set Code Requirement to `identifier "com.microsoft.wdav" and anchor apple generic and certificate 1[field.1.2.840.113635.100.6.2.6] /* exists */ and certificate leaf[field.1.2.840.113635.100.6.1.13] /* exists */ and certificate leaf[subject.OU] = UBF8T346G9`.
 4. Set app or service to SystemPolicyAllFiles and access to Allow.
 
-![Privacy Preferences Policy Control](images/MDATP_35_JAMF_PrivacyPreferences.png)
+![Privacy Preferences Policy Control](../windows-defender-antivirus/images/MDATP-35-JAMF-PrivacyPreferences.png)
 
 #### Configuration Profile's Scope
 
@@ -112,7 +111,7 @@ Configure the appropriate scope to specify the devices that will receive the con
 
 Open **Computers** > **Configuration Profiles**, and select **Scope > Targets**. From there, select the devices you want to target.
 
-![Configuration profile scope screenshot](images/MDATP_18_ConfigurationProfilesScope.png)
+![Configuration profile scope screenshot](../windows-defender-antivirus/images/MDATP-18-ConfigurationProfilesScope.png)
 
 Save the **Configuration Profile**.
 
@@ -132,7 +131,7 @@ Starting in macOS 10.15 (Catalina) a user must manually allow to display notific
 
 1. Create a package in **Settings > Computer Management > Packages**.
 
-    ![Computer management packages screenshot](images/MDATP_19_MicrosoftDefenderWDAVPKG.png)
+    ![Computer management packages screenshot](../windows-defender-antivirus/images/MDATP-19-MicrosoftDefenderWDAVPKG.png)
 
 2. Upload the package to the Distribution Point.
 3. In the **filename** field, enter the name of the package. For example, _wdav.pkg_.
@@ -141,7 +140,7 @@ Starting in macOS 10.15 (Catalina) a user must manually allow to display notific
 
 Your policy should contain a single package for Microsoft Defender.
 
-![Microsoft Defender packages screenshot](images/MDATP_20_MicrosoftDefenderPackages.png)
+![Microsoft Defender packages screenshot](../windows-defender-antivirus/images/MDATP-20-MicrosoftDefenderPackages.png)
 
 Configure the appropriate scope to specify the computers that will receive this policy.
 
@@ -156,12 +155,12 @@ You'll need no special provisioning for a macOS computer, beyond the standard JA
 
 1. Open **Device Profiles**, from the **General** tab, and make sure that **User Approved MDM** is set to **Yes**. If it's currently set to No, the user needs to open **System Preferences > Profiles** and select **Approve** on the MDM Profile.
 
-![MDM approve button screenshot](images/MDATP_21_MDMProfile1.png)
+![MDM approve button screenshot](../windows-defender-antivirus/images/MDATP-21-MDMProfile1.png)<br/>
-![MDM screenshot](images/MDATP_22_MDMProfileApproved.png)
+![MDM screenshot](../windows-defender-antivirus/images/MDATP-22-MDMProfileApproved.png)
 
 After a moment, the device's User Approved MDM status will change to **Yes**.
 
-![MDM status screenshot](images/MDATP_23_MDMStatus.png)
+![MDM status screenshot](../windows-defender-antivirus/images/MDATP-23-MDMStatus.png)
 
 You may now enroll additional devices. You may also enroll them later, after you have finished provisioning system configuration and application packages.
 
@@ -176,17 +175,17 @@ You can monitor deployment status in the **Logs** tab:
 - **Pending** means that the deployment is scheduled but has not yet happened
 - **Completed** means that the deployment succeeded and is no longer scheduled
 
-![Status on server screenshot](images/MDATP_24_StatusOnServer.png)
+![Status on server screenshot](../windows-defender-antivirus/images/MDATP-24-StatusOnServer.png)
 
 ### Status on client device
 
 After the Configuration Profile is deployed, you'll see the profile for the device in  **System Preferences** > **Profiles >**.
 
-![Status on client screenshot](images/MDATP_25_StatusOnClient.png)
+![Status on client screenshot](../windows-defender-antivirus/images/MDATP-25-StatusOnClient.png)
 
 Once the policy is applied, you'll see the Microsoft Defender ATP icon in the macOS status bar in the top-right corner.
 
-![Microsoft Defender icon in status bar screenshot](images/MDATP_Icon_Bar.png)
+![Microsoft Defender icon in status bar screenshot](../windows-defender-antivirus/images/MDATP-Icon-Bar.png)
 
 You can monitor policy installation on a device by following the JAMF log file:
 
@@ -231,11 +230,11 @@ If the product is not healthy, the exit code (which can be checked through `echo
 
 ## Logging installation issues
 
-See [Logging installation issues](microsoft-defender-atp-mac-resources.md#logging-installation-issues) for more information on how to find the automatically generated log that is created by the installer when an error occurs.
+See [Logging installation issues](mac-resources.md#logging-installation-issues) for more information on how to find the automatically generated log that is created by the installer when an error occurs.
 
 ## Uninstallation
 
-This method is based on the script described in [Uninstalling](microsoft-defender-atp-mac-resources.md#uninstalling).
+This method is based on the script described in [Uninstalling](mac-resources.md#uninstalling).
 
 ### Script
 
@@ -258,12 +257,12 @@ This script removes Microsoft Defender ATP from the /Applications directory:
    echo "Done!"
 ```
 
-![Microsoft Defender uninstall screenshot](images/MDATP_26_Uninstall.png)
+![Microsoft Defender uninstall screenshot](../windows-defender-antivirus/images/MDATP-26-Uninstall.png)
 
 ### Policy
 
 Your policy should contain a single script:
 
-![Microsoft Defender uninstall script screenshot](images/MDATP_27_UninstallScript.png)
+![Microsoft Defender uninstall script screenshot](../windows-defender-antivirus/images/MDATP-27-UninstallScript.png)
 
 Configure the appropriate scope in the **Scope** tab to specify the machines that will receive this policy.

windows/security/threat-protection/microsoft-defender-atp/mac-install-with-other-mdm.md

@@ -1,6 +1,6 @@
 ---
-title: Installing Microsoft Defender ATP for Mac with different MDM product
+title: Deployment with a different Mobile Device Management (MDM) system for Microsoft Defender ATP for Mac
-description: Describes how to install Microsoft Defender ATP for Mac on other management solutions.
+description: Install Microsoft Defender ATP for Mac on other management solutions.
 keywords: microsoft, defender, atp, mac, installation, deploy, macos, catalina, mojave, high sierra
 search.product: eADQiWindows 10XVcnh
 search.appverid: met150
@@ -17,7 +17,7 @@ ms.collection: M365-security-compliance
 ms.topic: conceptual
 ---
 
-# Deployment with a different Mobile Device Management (MDM) system
+# Deployment with a different Mobile Device Management (MDM) system for Microsoft Defender ATP for Mac
 
 **Applies to:**
 
@@ -49,21 +49,21 @@ You can deploy Defender without the last requirement from the preceding list, ho
 
 ## Deployment
 
-Most MDM solutions use the same model for managing macOS machines, with similar terminology. Use [JAMF-based deployment](microsoft-defender-atp-mac-install-with-jamf.md) as a template.
+Most MDM solutions use the same model for managing macOS machines, with similar terminology. Use [JAMF-based deployment](mac-install-with-jamf.md) as a template.
 
 ### Package
 
-Configure deployment of a [required application package](microsoft-defender-atp-mac-install-with-jamf.md#package), 
+Configure deployment of a [required application package](mac-install-with-jamf.md#package), 
-with the installation package (wdav.pkg) downloaded from [Microsoft Defender Security Center](microsoft-defender-atp-mac-install-with-jamf.md#download-installation-and-onboarding-packages).
+with the installation package (wdav.pkg) downloaded from [Microsoft Defender Security Center](mac-install-with-jamf.md#download-installation-and-onboarding-packages).
 
 In order to deploy the package to your enterprise, use the instructions associated with your MDM solution.
 
 ### License settings
 
-Set up [a system configuration profile](microsoft-defender-atp-mac-install-with-jamf.md#configuration-profile). 
+Set up [a system configuration profile](mac-install-with-jamf.md#configuration-profile). 
 Your MDM solution may call it something like "Custom Settings Profile", as Microsoft Defender ATP for Mac is not part of macOS.
 
-Use the property list, jamf/WindowsDefenderATPOnboarding.plist, which can be extracted from an onboarding package downloaded from [Microsoft Defender Security Center](microsoft-defender-atp-mac-install-with-jamf.md#download-installation-and-onboarding-packages).
+Use the property list, jamf/WindowsDefenderATPOnboarding.plist, which can be extracted from an onboarding package downloaded from [Microsoft Defender Security Center](mac-install-with-jamf.md#download-installation-and-onboarding-packages).
 Your system may support an arbitrary property list in XML format. You can upload the jamf/WindowsDefenderATPOnboarding.plist file as-is in that case.
 Alternatively, it may require you to convert the property list to a different format first.
 
@@ -76,4 +76,4 @@ Set up a KEXT or kernel extension policy. Use team identifier **UBF8T346G9** to
 
 ## Check installation status
 
-Run [mdatp](microsoft-defender-atp-mac-install-with-jamf.md#check-onboarding-status) on a client machine to check the onboarding status.
+Run [mdatp](mac-install-with-jamf.md#check-onboarding-status) on a client machine to check the onboarding status.

windows/security/threat-protection/microsoft-defender-atp/mac-preferences.md

@@ -1,7 +1,6 @@
 ---
 title: Set preferences for Microsoft Defender ATP for Mac
-ms.reviewer: 
+description: Configure Microsoft Defender ATP for Mac in enterprises.
-description: Describes how to configure Microsoft Defender ATP for Mac in enterprises.
 keywords: microsoft, defender, atp, mac, management, preferences, enterprise, intune, jamf, macos, catalina, mojave, high sierra
 search.product: eADQiWindows 10XVcnh
 search.appverid: met150
@@ -25,7 +24,7 @@ ms.topic: conceptual
 - [Microsoft Defender Advanced Threat Protection (Microsoft Defender ATP) for Mac](microsoft-defender-atp-mac.md)
 
 >[!IMPORTANT]
->This topic contains instructions for how to set preferences for Microsoft Defender ATP for Mac in enterprise environments. If you are interested in configuring the product on a device from the command-line, please refer to the [Resources](microsoft-defender-atp-mac-resources.md#configuring-from-the-command-line) page.
+>This topic contains instructions for how to set preferences for Microsoft Defender ATP for Mac in enterprise environments. If you are interested in configuring the product on a device from the command-line, please refer to the [Resources](mac-resources.md#configuring-from-the-command-line) page.
 
 In enterprise environments, Microsoft Defender ATP for Mac can be managed through a configuration profile. This profile is deployed from management tool of your choice. Preferences managed by the enterprise take precedence over the ones set locally on the device. In other words, users in your enterprise are not able to change preferences that are set through this configuration profile.
 
@@ -262,6 +261,28 @@ Whether the status menu icon (shown in the top-right corner of the screen) is hi
 | **Data type** | Boolean |
 | **Possible values** | false (default) <br/> true |
 
+### EDR preferences
+
+The *edr* section of the configuration profile is used to manage the preferences of the EDR component of the product.
+
+|||
+|:---|:---|
+| **Domain** | com.microsoft.wdav |
+| **Key** | edr |
+| **Data type** | Dictionary (nested preference) |
+| **Comments** | See the following sections for a description of the dictionary contents. |
+
+#### Enable / disable early preview
+
+Whether EDR early preview features are enabled or not.
+
+|||
+|:---|:---|
+| **Domain** | com.microsoft.wdav |
+| **Key** | earlyPreview |
+| **Data type** | Boolean |
+| **Possible values** | true (default) <br/> false |
+
 ## Recommended configuration profile
 
 To get started, we recommend the following configuration profile for your enterprise to take advantage of all protection features that Microsoft Defender ATP provides.

windows/security/threat-protection/microsoft-defender-atp/mac-privacy.md

@@ -1,7 +1,6 @@
 ---
 title: Privacy for Microsoft Defender ATP for Mac
-ms.reviewer: 
+description: Privacy controls, how to configure policy settings that impact privacy and information about the diagnostic data collected in Microsoft Defender ATP for Mac.
-description: Describes privacy controls, how to configure policy settings that impact privacy and information about the diagnostic data collected in Microsoft Defender ATP for Mac.
 keywords: microsoft, defender, atp, mac, privacy, diagnostic
 search.product: eADQiWindows 10XVcnh
 search.appverid: met150
@@ -62,7 +61,7 @@ When this feature is enabled and the sample that is collected is likely to conta
 
 If you're an IT administrator, you might want to configure these controls at the enterprise level. 
 
-The privacy controls for the various types of data described in the preceding section are described in detail in [Set preferences for Microsoft Defender ATP for Mac](microsoft-defender-atp-mac-preferences.md).
+The privacy controls for the various types of data described in the preceding section are described in detail in [Set preferences for Microsoft Defender ATP for Mac](mac-preferences.md).
 
 As with any new policy settings, you should carefully test them out in a limited, controlled environment to ensure the settings that you configure have the desired effect before you implement the policy settings more widely in your organization.
 

windows/security/threat-protection/microsoft-defender-atp/mac-pua.md

@@ -1,7 +1,6 @@
 ---
-title: Detect and block potentially unwanted applications
+title: Detect and block potentially unwanted applications with Microsoft Defender ATP for Mac
-ms.reviewer:
+description: Detect and block Potentially Unwanted Applications (PUA) using Microsoft Defender ATP for Mac.
-description: Describes how to detect and block Potentially Unwanted Applications (PUA) using Microsoft Defender ATP for Mac.
 keywords: microsoft, defender, atp, mac, pua, pus
 search.product: eADQiWindows 10XVcnh
 search.appverid: met150
@@ -18,7 +17,7 @@ ms.collection: M365-security-compliance
 ms.topic: conceptual
 ---
 
-# Detect and block potentially unwanted applications
+# Detect and block potentially unwanted applications with Microsoft Defender ATP for Mac
 
 **Applies to:**
 
@@ -59,8 +58,8 @@ $ mdatp --threat --type-handling potentially_unwanted_application [off|audit|blo
 
 ### Use the management console to configure PUA protection:
 
-In your enterprise, you can configure PUA protection from a management console, such as JAMF or Intune, similarly to how other product settings are configured. For more information, see the [Threat type settings](microsoft-defender-atp-mac-preferences.md#threat-type-settings) section of the [Set preferences for Microsoft Defender ATP for Mac](microsoft-defender-atp-mac-preferences.md) topic.
+In your enterprise, you can configure PUA protection from a management console, such as JAMF or Intune, similarly to how other product settings are configured. For more information, see the [Threat type settings](mac-preferences.md#threat-type-settings) section of the [Set preferences for Microsoft Defender ATP for Mac](mac-preferences.md) topic.
 
 ## Related topics
 
-- [Set preferences for Microsoft Defender ATP for Mac](microsoft-defender-atp-mac-preferences.md)
+- [Set preferences for Microsoft Defender ATP for Mac](mac-preferences.md)

windows/security/threat-protection/microsoft-defender-atp/mac-resources.md

@@ -1,7 +1,6 @@
 ---
-title: Microsoft Defender ATP for Mac Resources
+title: Resources for Microsoft Defender ATP for Mac
-ms.reviewer: 
+description: Resources for Microsoft Defender ATP for Mac, including how to uninstall it, how to collect diagnostic logs, CLI commands, and known issues with the product.
-description: Describes resources for Microsoft Defender ATP for Mac, including how to uninstall it, how to collect diagnostic logs, CLI commands, and known issues with the product.
 keywords: microsoft, defender, atp, mac, installation, deploy, uninstallation, intune, jamf, macos, catalina, mojave, high sierra
 search.product: eADQiWindows 10XVcnh
 search.appverid: met150
@@ -18,7 +17,7 @@ ms.collection: M365-security-compliance
 ms.topic: conceptual
 ---
 
-# Resources
+# Resources for Microsoft Defender ATP for Mac
 
 **Applies to:**
 
@@ -95,18 +94,24 @@ Important tasks, such as controlling product settings and triggering on-demand s
 |Protection   |Do a full scan                             |`mdatp --scan --full`                                                  |
 |Protection   |Cancel an ongoing on-demand scan           |`mdatp --scan --cancel`                                                |
 |Protection   |Request a security intelligence update     |`mdatp --definition-update`                                            |
+|EDR          |Turn on/off EDR preview for Mac            |`mdatp --early-preview [true/false]`                                   |
+|EDR          |Add group tag to machine. EDR tags are used for managing machine groups. For more information, please visit https://docs.microsoft.com/windows/security/threat-protection/microsoft-defender-atp/machine-groups |`mdatp --set-tag GROUP [name]` |
+|EDR          |Remove group tag from machine              |`mdatp --remove-tag [name]`                                            |
 
 ## Microsoft Defender ATP portal information
 
-In the Microsoft Defender ATP portal, you'll see two categories of information:
+In the Microsoft Defender ATP portal, you'll see two categories of information.
+
+Antivirus alerts, including:
 
-- Antivirus alerts, including:
   - Severity
   - Scan type
   - Device information (hostname, machine identifier, tenant identifier, app version, and OS type)
   - File information (name, path, size, and hash)
   - Threat information (name, type, and state)
-- Device information, including:
+
+Device information, including:
+
   - Machine identifier
   - Tenant identifier
   - App version

windows/security/threat-protection/microsoft-defender-atp/mac-support-kext.md

@@ -0,0 +1,90 @@
+---
+title: Troubleshoot kernel extension issues in Microsoft Defender ATP for Mac
+description: Troubleshoot kernel extension-related issues in Microsoft Defender ATP for Mac.
+keywords: microsoft, defender, atp, mac, kernel, extension
+search.product: eADQiWindows 10XVcnh
+search.appverid: met150
+ms.prod: w10
+ms.mktglfcycl: deploy
+ms.sitesec: library
+ms.pagetype: security
+ms.author: dansimp
+author: dansimp
+ms.localizationpriority: medium
+manager: dansimp
+audience: ITPro
+ms.collection: M365-security-compliance 
+ms.topic: conceptual
+---
+
+# Troubleshoot kernel extension issues in Microsoft Defender ATP for Mac
+
+**Applies to:**
+
+- [Microsoft Defender Advanced Threat Protection (Microsoft Defender ATP) for Mac](microsoft-defender-atp-mac.md)
+
+This topic provides information on how to troubleshoot issues with the kernel extension that is installed as part of Microsoft Defender ATP for Mac.
+
+Starting with macOS High Sierra (10.13), macOS requires all kernel extensions to be explicitly approved before they are allowed to run on the device.
+
+If you did not approve the kernel extension during the deployment / installation of Microsoft Defender ATP for Mac, then the application displays a banner prompting you to enable it:
+
+   ![RTP disabled screenshot](../windows-defender-antivirus/images/MDATP-32-Main-App-Fix.png)
+
+You can also run ```mdatp --health```. It reports if real-time protection is enabled but not available. This is an indication that the kernel extension is not approved to run on your device.
+
+```bash
+$ mdatp --health
+...
+realTimeProtectionAvailable             : false
+realTimeProtectionEnabled               : true
+...
+```
+
+The following sections provide guidance on how to address this issue, depending on the method that you used to deploy Microsoft Defender ATP for Mac.
+
+## Managed deployment
+
+See the instructions corresponding to the management tool that you used to deploy the product:
+
+- [JAMF-based deployment](mac-install-with-jamf.md#configuration-profile)
+- [Microsoft Intune-based deployment](mac-install-with-intune.md#create-system-configuration-profiles)
+
+## Manual deployment
+
+If less than 30 minutes have passed since the product was installed, navigate to **System Preferences** > **Security & Privacy**, where you have to **Allow** system software from developers "Microsoft Corporation".
+
+If you don't see this prompt, it means that 30 or more minutes have passed, and the kernel extension still not been approved to run on your device:
+
+![Security and privacy window after prompt expired screenshot](../windows-defender-antivirus/images/MDATP-33-SecurityPrivacySettings-NoPrompt.png)
+
+In this case, you need to perform the following steps to trigger the approval flow again.
+
+1. In Terminal, attempt to install the driver. The following operation will fail, because the kernel extension was not approved to run on the device, however it will trigger the approval flow again.
+
+    ```bash
+    $ sudo kextutil /Library/Extensions/wdavkext.kext
+    Kext rejected due to system policy: <OSKext 0x7fc34d528390 [0x7fffa74aa8e0]> { URL = "file:///Library/StagedExtensions/Library/Extensions/wdavkext.kext/", ID = "com.microsoft.wdavkext" }
+    Kext rejected due to system policy: <OSKext 0x7fc34d528390 [0x7fffa74aa8e0]> { URL = "file:///Library/StagedExtensions/Library/Extensions/wdavkext.kext/", ID = "com.microsoft.wdavkext" }
+    Diagnostics for /Library/Extensions/wdavkext.kext:
+    ```
+
+2. Open **System Preferences** > **Security & Privacy** from the menu. (Close it first, if it's opened.)
+
+3. **Allow** system software from developers "Microsoft Corporation"
+
+4. In Terminal, install the driver again. This time the operation will succeed:
+
+```bash
+$ sudo kextutil /Library/Extensions/wdavkext.kext
+```
+
+The banner should disappear from the Defender application, and ```mdatp --health``` should now report that real-time protection is both enabled and available:
+
+```bash
+$ mdatp --health
+...
+realTimeProtectionAvailable             : true
+realTimeProtectionEnabled               : true
+...
+```

windows/security/threat-protection/microsoft-defender-atp/mac-support-perf.md

@@ -0,0 +1,54 @@
+---
+title: Troubleshoot performance issues for Microsoft Defender ATP for Mac
+description: Troubleshoot performance issues in Microsoft Defender ATP for Mac.
+keywords: microsoft, defender, atp, mac, performance
+search.product: eADQiWindows 10XVcnh
+search.appverid: met150
+ms.prod: w10
+ms.mktglfcycl: deploy
+ms.sitesec: library
+ms.pagetype: security
+ms.author: dansimp
+author: dansimp
+ms.localizationpriority: medium
+manager: dansimp
+audience: ITPro
+ms.collection: M365-security-compliance 
+ms.topic: conceptual
+---
+
+# Troubleshoot performance issues for Microsoft Defender ATP for Mac
+
+**Applies to:**
+
+- [Microsoft Defender Advanced Threat Protection (Microsoft Defender ATP) for Mac](microsoft-defender-atp-mac.md)
+
+This topic provides some general steps that can be used to narrow down performance issues related to Microsoft Defender ATP for Mac.
+
+Real-time protection (RTP) is a feature of Microsoft Defender ATP for Mac that continuously monitors and protects your device against threats. It consists of file and process monitoring and other heuristics.
+
+Depending on the applications that you are running and your device characteristics, you may experience suboptimal performance when running Microsoft Defender ATP for Mac. In particular, applications or system processes that access many resources over a short timespan can lead to performance issues in Microsoft Defender ATP for Mac.
+
+The following steps can be used to troubleshoot and mitigate these issues:
+
+1. Disable real-time protection using one of the following methods and observe whether the performance improves. This approach helps narrow down whether Microsoft Defender ATP for Mac is contributing to the performance issues.
+
+    If your device is not managed by your organization, real-time protection can be disabled using one of the following options:
+
+    - From the user interface. Open Microsoft Defender ATP for Mac and navigate to **Manage settings**.
+
+    ![Manage real-time protection screenshot](../windows-defender-antivirus/images/mdatp-36-rtp.png)
+
+    - From the Terminal. For security purposes, this operation requires elevation.
+
+    ```bash
+    $ mdatp --config realTimeProtectionEnabled false
+    ```
+
+    If your device is managed by your organization, real-time protection can be disabled by your administrator using the instructions in [Set preferences for Microsoft Defender ATP for Mac](mac-preferences.md).
+
+2. Open Finder and navigate to **Applications** > **Utilities**. Open **Activity Monitor** and analyze which applications are using the resources on your system. Typical examples include software updaters and compilers.
+
+3. Configure Microsoft Defender ATP for Mac with exclusions for the processes or disk locations that contribute to the performance issues and re-enable real-time protection.
+
+    See [Configure and validate exclusions for Microsoft Defender ATP for Mac](mac-exclusions.md) for details.

windows/security/threat-protection/microsoft-defender-atp/mac-updates.md

@@ -1,7 +1,6 @@
 ---
 title: Deploy updates for Microsoft Defender ATP for Mac
-ms.reviewer: 
+description: Control updates for Microsoft Defender ATP for Mac in enterprise environments.
-description: Describes how to control updates for Microsoft Defender ATP for Mac in enterprise environments.
 keywords: microsoft, defender, atp, mac, updates, deploy
 search.product: eADQiWindows 10XVcnh
 search.appverid: met150
@@ -28,7 +27,7 @@ Microsoft regularly publishes software updates to improve performance, security,
 
 To update Microsoft Defender ATP for Mac, a program named Microsoft AutoUpdate (MAU) is used. By default, MAU automatically checks for updates daily, but you can change that to weekly, monthly, or manually.
 
-![MAU screenshot](images/MDATP_34_MAU.png)
+![MAU screenshot](../windows-defender-antivirus/images/MDATP-34-MAU.png)
 
 If you decide to deploy updates by using your software distribution tools, you should configure MAU to manually check for software updates. You can deploy preferences to configure how and when MAU checks for updates for the Macs in your organization.
 

windows/security/threat-protection/microsoft-defender-atp/mac-whatsnew.md

@@ -1,6 +1,5 @@
 ---
-title: Microsoft Defender ATP for Mac What's New
+title: What's new in Microsoft Defender Advanced Threat Protection for Mac
-ms.reviewer: 
 description: List of major changes for Microsoft Defender ATP for Mac.
 keywords: microsoft, defender, atp, mac, installation, macos, whatsnew
 search.product: eADQiWindows 10XVcnh
@@ -30,7 +29,7 @@ ms.topic: conceptual
 
 ## 100.68.99
 
-- Added the ability to configure the antivirus functionality to run in [passive mode](microsoft-defender-atp-mac-preferences.md#enable--disable-passive-mode)
+- Added the ability to configure the antivirus functionality to run in [passive mode](mac-preferences.md#enable--disable-passive-mode)
 - Performance improvements & bug fixes
 
 ## 100.65.28
@@ -42,7 +41,7 @@ ms.topic: conceptual
 >
 > The mechanism for granting this consent depends on how you deployed Microsoft Defender ATP:
 >
-> - For manual deployments, see the updated instructions in the [Manual deployment](microsoft-defender-atp-mac-install-manually.md#how-to-allow-full-disk-access) topic.
+> - For manual deployments, see the updated instructions in the [Manual deployment](mac-install-manually.md#how-to-allow-full-disk-access) topic.
-> - For managed deployments, see the updated instructions in the [JAMF-based deployment](microsoft-defender-atp-mac-install-with-jamf.md#privacy-preferences-policy-control) and [Microsoft Intune-based deployment](microsoft-defender-atp-mac-install-with-intune.md#create-system-configuration-profiles) topics.
+> - For managed deployments, see the updated instructions in the [JAMF-based deployment](mac-install-with-jamf.md#privacy-preferences-policy-control) and [Microsoft Intune-based deployment](mac-install-with-intune.md#create-system-configuration-profiles) topics.
 
 - Performance improvements & bug fixes

windows/security/threat-protection/microsoft-defender-atp/microsoft-defender-atp-mac.md

@@ -1,6 +1,6 @@
 ---
 title: Microsoft Defender ATP for Mac
-ms.reviewer: 
+ms.reviewer:
 description: Describes how to install and use Microsoft Defender ATP for Mac.
 keywords: microsoft, defender, atp, mac, installation, deploy, uninstallation, intune, jamf, macos, catalina, mojave, high sierra
 search.product: eADQiWindows 10XVcnh
@@ -14,7 +14,7 @@ author: dansimp
 ms.localizationpriority: medium
 manager: dansimp
 audience: ITPro
-ms.collection: M365-security-compliance 
+ms.collection: M365-security-compliance
 ms.topic: conceptual
 ---
 
@@ -27,38 +27,53 @@ This topic describes how to install, configure, update, and use Microsoft Defend
 
 ## What’s new in the latest release
 
-[What's new](microsoft-defender-atp-mac-whatsnew.md)
+[What's new](mac-whatsnew.md)
 
 If you have any feedback that you would like to share, submit it by opening Microsoft Defender ATP for Mac on your device and navigating to **Help** > **Send feedback**.
 
+To learn how to configure a macOS machine running Microsoft Defender ATP to be an "Insider" machine, go to [Enable Microsoft Defender ATP Insider Machine](endpoint-detection-response-mac-preview.md)
+
 ## How to install Microsoft Defender ATP for Mac
 
 ### Prerequisites
 
-- Access to the Microsoft Defender Security Center portal
+- A Microsoft Defender ATP subscription and access to the Microsoft Defender Security Center portal
 - Beginner-level experience in macOS and BASH scripting
 - Administrative privileges on the device (in case of manual deployment)
 
+### Installation instructions
+
+There are several methods and deployment tools that you can use to install and configure Microsoft Defender ATP for Mac.
+
+* Third-party management tools:
+    * [Microsoft Intune-based deployment](mac-install-with-intune.md)
+    * [JAMF-based deployment](mac-install-with-jamf.md)
+    * [Other MDM products](mac-install-with-other-mdm.md)
+
+* Command-line tool:
+    * [Manual deployment](mac-install-manually.md)
+
 ### System requirements
 
-> [!CAUTION]
+The three most recent major releases of macOS are supported.
-> The three most recent major releases of macOS are supported. Beta versions of macOS are not supported.
->
-> macOS Sierra (10.12) support will end on January 1, 2020.
 
-- Supported macOS versions: 10.15 (Catalina), 10.14 (Mojave), 10.13 (High Sierra)
+- 10.15 (Catalina), 10.14 (Mojave), 10.13 (High Sierra)
 - Disk space: 650 MB
 
+Beta versions of macOS are not supported. macOS Sierra (10.12) support will end on January 1, 2020.
+
 After you've enabled the service, you may need to configure your network or firewall to allow outbound connections between it and your endpoints.
 
+### Network connections
+
 The following table lists the services and their associated URLs that your network must be able to connect to. You should ensure that there are no firewall or network filtering rules that would deny access to these URLs, or you may need to create an *allow* rule specifically for them.
 
 | Service location                         | DNS record              |
 | ---------------------------------------- | ----------------------- |
-| Common URLs for all locations            |  x.cp.wd.microsoft.com <br/> cdn.x.cp.wd.microsoft.com <br/> eu-cdn.x.cp.wd.microsoft.com <br/> wu-cdn.x.cp.wd.microsoft.com <br/> *.blob.core.windows.net <br/> officecdn-microsoft-com.akamaized.net |
+| Common URLs for all locations            |  x.cp.wd.microsoft.com <br/> cdn.x.cp.wd.microsoft.com <br/> eu-cdn.x.cp.wd.microsoft.com <br/> wu-cdn.x.cp.wd.microsoft.com <br/> *.blob.core.windows.net <br/> officecdn-microsoft-com.akamaized.net <br/> crl.microsoft.com <br/>  events.data.microsoft.com |
-| European Union                           | europe.x.cp.wd.microsoft.com |
+| European Union                           | europe.x.cp.wd.microsoft.com <br/> eu-v20.events.data.microsoft.com |
-| United Kingdom                           | unitedkingdom.x.cp.wd.microsoft.com |
+| United Kingdom                           | unitedkingdom.x.cp.wd.microsoft.com <br/> uk-v20.events.data.microsoft.com |
-| United States                            | unitedstates.x.cp.wd.microsoft.com |
+| United States                            | unitedstates.x.cp.wd.microsoft.com  <br/> us-v20.events.data.microsoft.com |
 
 Microsoft Defender ATP can discover a proxy server by using the following discovery methods:
 - Web Proxy Auto-discovery Protocol (WPAD)
@@ -83,33 +98,23 @@ The output from this command should be similar to the following:
 > [!CAUTION]
 > We recommend that you keep [System Integrity Protection](https://support.apple.com/en-us/HT204899) (SIP) enabled on client machines. SIP is a built-in macOS security feature that prevents low-level tampering with the OS, and is enabled by default.
 
-### Installation instructions
+Once Microsoft Defender ATP is installed, connectivity can be validated by running the following command in Terminal:
-
+```bash
-There are several methods and deployment tools that you can use to install and configure Microsoft Defender ATP for Mac.
+$ mdatp --connectivity-test
-
+```
-In general you need to take the following steps:
-
-- Ensure that you have a Microsoft Defender ATP subscription and have access to the Microsoft Defender ATP Portal
-- Deploy Microsoft Defender ATP for Mac using one of the following deployment methods:
-  - Via third-party management tools:
-    - [Microsoft Intune-based deployment](microsoft-defender-atp-mac-install-with-intune.md)
-    - [JAMF-based deployment](microsoft-defender-atp-mac-install-with-jamf.md)
-    - [Other MDM products](microsoft-defender-atp-mac-install-with-other-mdm.md)
-  - Via the command-line tool:
-    - [Manual deployment](microsoft-defender-atp-mac-install-manually.md)
 
 ## How to update Microsoft Defender ATP for Mac
 
 Microsoft regularly publishes software updates to improve performance, security, and to deliver new features. To update Microsoft Defender ATP for Mac, a program named Microsoft AutoUpdate (MAU) is used.
 
-To read more on how to configure MAU in enterprise environments, refer to [Deploy updates for Microsoft Defender ATP for Mac](microsoft-defender-atp-mac-updates.md)
+To read more on how to configure MAU in enterprise environments, refer to [Deploy updates for Microsoft Defender ATP for Mac](mac-updates.md)
 
 ## How to configure Microsoft Defender ATP for Mac
 
-Guidance for how to configure the product in enterprise environments is available in [Set preferences for Microsoft Defender ATP for Mac](microsoft-defender-atp-mac-preferences.md).
+Guidance for how to configure the product in enterprise environments is available in [Set preferences for Microsoft Defender ATP for Mac](mac-preferences.md).
 
 ## Resources
 
-- For more information about logging, uninstalling, or other topics, see the [Resources](microsoft-defender-atp-mac-resources.md) page.
+- For more information about logging, uninstalling, or other topics, see the [Resources](mac-resources.md) page.
 
-- [Privacy for Microsoft Defender ATP for Mac](microsoft-defender-atp-mac-privacy.md)
+- [Privacy for Microsoft Defender ATP for Mac](mac-privacy.md)

windows/security/threat-protection/microsoft-defender-atp/next-gen-threat-and-vuln-mgt.md

@@ -62,7 +62,7 @@ Microsoft Defender ATP’s Threat & Vulnerability Management allows security adm
 - [Exposure score](tvm-exposure-score.md)
 - [Configuration score](configuration-score.md)
 - [Security recommendations](tvm-security-recommendation.md)
-- [Remediation](tvm-remediation.md)
+- [Remediation and exception](tvm-remediation.md)
 - [Software inventory](tvm-software-inventory.md)
 - [Weaknesses](tvm-weaknesses.md)
 - [Scenarios](threat-and-vuln-mgt-scenarios.md)

windows/security/threat-protection/microsoft-defender-atp/preview.md

@@ -42,11 +42,11 @@ Turn on the preview experience setting to be among the first to try upcoming fea
 ## Preview features
 The following features are included in the preview release:
 
-- [Microsoft Defender ATP for Mac](https://docs.microsoft.com/windows/security/threat-protection/windows-defender-antivirus/microsoft-defender-atp-mac) <BR> Microsoft Defender ATP for Mac brings the next-generation protection, and endpoint detection and response coverage to Mac devices. Core components of the unified endpoint security platform will now be available for Mac devices.
-
 - [Threat & Vulnerability Management Report inaccuracy](https://docs.microsoft.com/windows/security/threat-protection/microsoft-defender-atp/tvm-security-recommendation#report-inaccuracy) <BR> You can report a false positive when you see any vague, inaccurate, incomplete, or already remediated [security recommendation](https://docs.microsoft.com/windows/security/threat-protection/microsoft-defender-atp/tvm-security-recommendation#report-inaccuracy), [software inventory](https://docs.microsoft.com/windows/security/threat-protection/microsoft-defender-atp/tvm-software-inventory#report-inaccuracy), and [discovered vulnerabilities](https://docs.microsoft.com/windows/security/threat-protection/microsoft-defender-atp/tvm-weaknesses#report-inaccuracy).  
  
 - [Threat & Vulnerability Management Advanced Hunting Schemas](https://docs.microsoft.com/windows/security/threat-protection/microsoft-defender-atp/advanced-hunting-registryevents-table) <BR> You can now use the Threat & Vulnerability Management tables in the Advanced hunting schema to query about software inventory, vulnerability knowledgebase, security configuration assessment, and security configuration knowledgebase. 
+ 
+ - [Threat & Vulnerability Management role-based access controls](https://docs.microsoft.com/windows/security/threat-protection/microsoft-defender-atp/user-roles#create-roles-and-assign-the-role-to-an-azure-active-directory-group) <BR> You can now use the new permissions to allow maximum flexibility to create SecOps-oriented roles, Threat & Vulnerability Management-oriented roles, or hybrid roles so only authorized users are accessing specific data to do their task. You can also achieve even further granularity by specifying whether a Threat & Vulnerability Management role can only view vulnerability-related data, or can create and manage remediation and exceptions.
 
 - [Threat & Vulnerability Management granular exploit details](https://docs.microsoft.com/windows/security/threat-protection/microsoft-defender-atp/tvm-weaknesses) <BR> You can now see a comprehensive set of details on the vulnerabilities found in your machine to give you informed decision on your next steps. The threat insights icon now shows more granular details, such as if the exploit is a part of an exploit kit, connected to specific advanced persistent campaigns or activity groups for which, Threat Analytics report links are provided that you can read, has associated zero-day exploitation news, disclosures, or related security advisories.
 

windows/security/threat-protection/microsoft-defender-atp/threat-and-vuln-mgt-scenarios.md

@@ -143,12 +143,17 @@ When an exception is created for a recommendation, the recommendation is no long
 2. Click the top-most recommendation. A flyout panel opens with the recommendation details.
 
 3. Click **Exception options**.
+![Screenshot of the exception option in the remediation flyout pane](images/tvm-exception-option.png)
 
 4. Select your justification for the exception you need to file instead of remediating the security recommendation in question. Fill out the justification context, then set the exception duration.
 
+> ![Screenshot of exception flyout page which details justification and context](images/tvm-exception-flyout.png)
+
 5. Click **Submit**. A confirmation message at the top of the page indicates that the exception has been created.
+![Screenshot of exception confirmation message](images/tvm-exception-confirmation.png)
 
 6. Navigate to the **Remediation** page under the **Threat & Vulnerability Management** menu and click the **Exceptions** tab to view all your exceptions (current and past). 
+![Screenshot of exception list of exceptions in the Remediation page](images/tvm-exception-list.png) 
 
 ## Use Advanced hunting query to search for machines with High active alerts or critical CVE public exploit 
 
@@ -179,7 +184,7 @@ ComputerName=any(ComputerName) by MachineId, AlertId
 - [Exposure score](tvm-exposure-score.md)
 - [Configuration score](configuration-score.md)
 - [Security recommendations](tvm-security-recommendation.md)
-- [Remediation](tvm-remediation.md)
+- [Remediation and exception](tvm-remediation.md)
 - [Software inventory](tvm-software-inventory.md)
 - [Weaknesses](tvm-weaknesses.md)
 - [Advanced hunting overview](overview-hunting.md)

windows/security/threat-protection/microsoft-defender-atp/tvm-dashboard-insights.md

@@ -53,7 +53,7 @@ Area | Description
 (2) Threat & Vulnerability Management navigation pane | Use the navigation pane to move across the **Threat and Vulnerability Management Dashboard**, **Security recommendations**, **Remediation**, **Software inventory**, and **Weaknesses**.
 **Dashboards**	| Get a high-level view of the organization exposure score, organization configuration score, machine exposure distribution, top security recommendations, top vulnerable software, top remediation activities, and top exposed machines data.
 **Security recommendations** | See the list of security recommendations, their related components, insights, number or exposed devices, impact, and request for remediation. You can click each item on the list, a flyout panel opens with vulnerability details, open the software page, see the remediation, and exception options. You can also open a ticket in Intune if your machines are joined through Azure Active Directory and you have enabled your Intune connections in Microsoft Defender ATP. See [Security recommendations](https://docs.microsoft.com/windows/security/threat-protection/microsoft-defender-atp/tvm-security-recommendation) for more information.
-**Remediation** | See the remediation activity, related component, remediation type, status, due date, option to export the remediation and process data to CSV, and active exceptions. See [Remediation](https://docs.microsoft.com/windows/security/threat-protection/microsoft-defender-atp/tvm-remediation) for more information.
+**Remediation** | See the remediation activity, related component, remediation type, status, due date, option to export the remediation and process data to CSV, and active exceptions. See [Remediation and exception](https://docs.microsoft.com/windows/security/threat-protection/microsoft-defender-atp/tvm-remediation) for more information.
 **Software inventory** | See the list of applications, versions, weaknesses, whether there’s an exploit found on the application, prevalence in the organization, how many were installed, how many exposed devices are there, and the numerical value of the impact. You can select each item in the list and opt to open the software page which shows the associated vulnerabilities, misconfigurations, affected machine, version distribution details, and missing KBs or security updates. See [Software inventory](https://docs.microsoft.com/windows/security/threat-protection/microsoft-defender-atp/tvm-software-inventory) for more information.
 **Weaknesses** | See the list of common vulnerabilities and exposures, the severity, its common vulnerability scoring system (CVSS) V3 score, related software, age, when it was published, related threat alerts, and how many exposed machines are there. You can select each item in the list and it opens a flyout panel with the vulnerability description and other details. See [Weaknesses](https://docs.microsoft.com/windows/security/threat-protection/microsoft-defender-atp/tvm-weaknesses) for more information.
 (3) Threat & Vulnerability Management dashboard | Access the **Exposure score**, **Configuration score**, **Exposure distribution**, **Top security recommendations**, **Top vulnerable software**, **Top remediation activities**, and **Top exposed machines**.
@@ -73,7 +73,7 @@ See [Microsoft Defender ATP icons](https://docs.microsoft.com/windows/security/t
 - [Exposure score](tvm-exposure-score.md)
 - [Configuration score](configuration-score.md)
 - [Security recommendations](tvm-security-recommendation.md)
-- [Remediation](tvm-remediation.md)
+- [Remediation and exception](tvm-remediation.md)
 - [Software inventory](tvm-software-inventory.md)
 - [Weaknesses](tvm-weaknesses.md)
 - [Scenarios](threat-and-vuln-mgt-scenarios.md)

windows/security/threat-protection/microsoft-defender-atp/tvm-exposure-score.md

@@ -42,7 +42,7 @@ Reduce the exposure score by addressing what needs to be remediated based on the
 - [Threat & Vulnerability Management dashboard overview](tvm-dashboard-insights.md)
 - [Configuration score](configuration-score.md)
 - [Security recommendations](tvm-security-recommendation.md)
-- [Remediation](tvm-remediation.md)
+- [Remediation and exception](tvm-remediation.md)
 - [Software inventory](tvm-software-inventory.md)
 - [Weaknesses](tvm-weaknesses.md)
 - [Scenarios](threat-and-vuln-mgt-scenarios.md)

windows/security/threat-protection/microsoft-defender-atp/tvm-remediation.md

@@ -1,6 +1,6 @@
 ---
-title: Remediation
+title: Remediation and exception
-description: You can lower down your organization's exposure from vulnerabilities and increase your security configuration by remediating the security recommendations. Threat & Vulnerability Management bridges the gap between security administration and IT administration during remediation process. It does so by creating a security task or ticket through integration with Microsoft Intune and Microsoft System Center Configuration Manager (SCCM). 
+description: You can lower down your organization's exposure from vulnerabilities and increase your security configuration by remediating the security recommendations or filing exceptions provided there are compensation controls. Threat & Vulnerability Management bridges the gap between security administration and IT administration during remediation process. It does so by creating a security task or ticket through integration with Microsoft Intune and Microsoft System Center Configuration Manager (SCCM). 
 keywords: microsoft defender atp tvm remediation, mdatp tvm, threat & vulnerability management, threat & vulnerability management remediation, tvm remediation intune, tvm remediation sccm
 search.product: eADQiWindows 10XVcnh
 search.appverid: met150
@@ -17,7 +17,7 @@ ms.collection: M365-security-compliance
 ms.topic: conceptual
 ms.date: 04/11/2019
 ---
-# Remediation
+# Remediation and exception
 **Applies to:**
 - [Microsoft Defender Advanced Threat Protection (Microsoft Defender ATP)](https://go.microsoft.com/fwlink/p/?linkid=2069559)
 
@@ -47,11 +47,62 @@ When you submit a remediation request from Threat & Vulnerability Management, it
 
 It creates a security task which will be tracked in Threat & Vulnerability Management **Remediation** page, and it also creates a remediation ticket in Microsoft Intune.
 
-You also have the option to export all remediation activity data to CSV for records, reporting purposes, or if you want to notify your IT administration counterpart that a remediation ticket has been submitted. 
 
 The dashboard will show that status of your top remediation activities. Click any of the entries and it will take you to the **Remediation** page. You can mark the remediation activity as completed after the IT administration team remediates the task. 
 
-However, if the security recommendation stemmed from a false positive report, or if there are existing business justification that blocks the remediation, such as compensating control, productivity needs, compliance, or if there's already a planned remediation grace period, you can file an exception and indicate the reason. The exceptions you've filed will also show up in the **Remediation** page, in the **Exceptions** tab.
+## When to file for exception instead of remediating issues 
+You can file exceptions to exclude certain recommendation from showing up in reports and affecting risk scores or secure scores.
+
+When you select a security recommendation, it opens up a flyout screen with details and options for your next step. You can either **Open software page**, choose from **Remediation options**, go through **Exception options** to file for exceptions, or **Report inaccuracy**.
+
+Select **Exception options** and a flyout screen opens.
+
+![Screenshot of exception flyout screen](images/tvm-exception-flyout.png)
+
+### Exception justification
+If the security recommendation stemmed from a false positive report, or if there are existing business justification that blocks the remediation, such as compensating control, productivity needs, compliance, or if there's already a planned remediation grace period, you can file an exception and indicate the reason. The following list details the justifications behind the exception options:
+
+-   **Compensating/alternate control** - A 3rd party control that mitigates this recommendation exists, for example, if Network Firewall -   -   prevents access to a machine, third party antivirus
+-   **Productivity/business need** - Remediation will impact productivity or interrupt business-critical workflow 
+-   **Accept risk** - Poses low risk and/or implementing a compensating control is too expensive
+-   **Planned remediation (grace)** - Already planned but is awaiting execution or authorization
+-   **Other** - False positive
+   
+   
+   ![Screenshot of exception reason dropdown menu](images/tvm-exception-dropdown.png)
+
+### Exception visibility
+The exceptions you've filed will show up in the **Remediation** page, in the **Exceptions** tab.
+However, you also have the option to filter your view based on exception justification, type, and status.  
+
+![Screenshot of exception tab and filters](images/tvm-exception-filters.png)
+
+Aside from that, there's also an option to **Show exceptions** at the bottom of the **Top security recommendations** card in the dashboard. 
+
+![Screenshot of Show exceptions link in the  Top security recommendations card in the dashboard](images/tvm-exception-dashboard.png)
+
+Clicking the link opens up to the **Security recommendations** page, where you can select the item exempted item with details.
+
+![Screenshot of exception details in the Security recommendation page](images/tvm-exception-details.png)
+
+### Actions on exceptions
+-  Cancel - You can cancel the exceptions you've filed any time
+-  Resurface - Your exception automatically becomes void and resurfaces in the security recommendation list when dynamic environmental factors change, which adversely affect the exposure impact associated with a recommendation that had previously been excluded
+
+### Exception status
+-   **Canceled** - The exception has been canceled and is no longer in effect  
+-   **Expired** - The exception that you've filed is no longer in effect
+-   **In effect** - The exception that you've filed is in progress
+
+### Exception impact on scores
+Creating an exception can potentially affect the Exposure Score (for both types of weaknesses) and Secure Score (for configurations) of your organization in the following manner:
+-   **No impact** - Removes the recommendation from the lists (which can be reverse through filters), but will not affect the scores
+-   **Mitigation-like impact** - As if the recommendation was mitigated (and scores will be adjusted accordingly) when you select it as a compensating control.
+-   **Hybrid** - Provides visibility on both No impact and Mitigation-like impact. It shows both the Exposure Score and Secure Score results out of the exception option that you made
+
+The exception impact shows on both the Security recommendations page column and in the flyout pane.
+
+![Screenshot of where to find the exception impact](images/tvm-exception-impact.png)
 
 ## Related topics
 - [Risk-based Threat & Vulnerability Management](next-gen-threat-and-vuln-mgt.md) 

windows/security/threat-protection/microsoft-defender-atp/tvm-security-recommendation.md

@@ -84,7 +84,7 @@ You can report a false positive when you see any vague, inaccurate, incomplete,
 - [Threat & Vulnerability Management dashboard overview](tvm-dashboard-insights.md)
 - [Exposure score](tvm-exposure-score.md)
 - [Configuration score](configuration-score.md)
-- [Remediation](tvm-remediation.md)
+- [Remediation and exception](tvm-remediation.md)
 - [Software inventory](tvm-software-inventory.md)
 - [Weaknesses](tvm-weaknesses.md)
 - [Scenarios](threat-and-vuln-mgt-scenarios.md) 

windows/security/threat-protection/microsoft-defender-atp/tvm-software-inventory.md

@@ -63,6 +63,6 @@ You can report a false positive when you see any vague, inaccurate version, inco
 - [Exposure score](tvm-exposure-score.md)
 - [Configuration score](configuration-score.md)
 - [Security recommendation](tvm-security-recommendation.md)
-- [Remediation](tvm-remediation.md)
+- [Remediation and exception](tvm-remediation.md)
 - [Weaknesses](tvm-weaknesses.md)
 - [Scenarios](threat-and-vuln-mgt-scenarios.md)

windows/security/threat-protection/microsoft-defender-atp/tvm-weaknesses.md

@@ -15,7 +15,7 @@ manager: dansimp
 audience: ITPro
 ms.collection: M365-security-compliance 
 ms.topic: conceptual
-ms.date: 04/11/2019
+ms.date: 10/31/2019
 ---
 # Weaknesses
 **Applies to:**
@@ -126,6 +126,6 @@ You can report a false positive when you see any vague, inaccurate, missing, or
 - [Exposure score](tvm-exposure-score.md)
 - [Configuration score](configuration-score.md)
 - [Security recommendation](tvm-security-recommendation.md)
-- [Remediation](tvm-remediation.md)
+- [Remediation and exception](tvm-remediation.md)
 - [Software inventory](tvm-software-inventory.md)
 - [Scenarios](threat-and-vuln-mgt-scenarios.md)

windows/security/threat-protection/microsoft-defender-atp/user-roles.md

@@ -19,12 +19,12 @@ ms.topic: article
 
 # Create and manage roles for role-based access control
 **Applies to:**
-
 - [Microsoft Defender Advanced Threat Protection (Microsoft Defender ATP)](https://go.microsoft.com/fwlink/p/?linkid=2069559)
 
-
 >Want to experience Microsoft Defender ATP? [Sign up for a free trial.](https://www.microsoft.com/microsoft-365/windows/microsoft-defender-atp?ocid=docs-wdatp-roles-abovefoldlink)
 
+[!include[Prerelease information](prerelease.md)]
+
 ## Create roles and assign the role to an Azure Active Directory group
 The following steps guide you on how to create roles in Microsoft Defender Security Center. It assumes that you have already created Azure Active Directory user groups.
 
@@ -37,25 +37,31 @@ The following steps guide you on how to create roles in Microsoft Defender Secur
     - **Role name**
     - **Description**
     - **Permissions**
-      - **View data** - Users can view information in the portal.
+        - **View data** - Users can view information in the portal.
-      - **Alerts investigation** - Users can manage alerts, initiate automated investigations, collect investigation packages, manage machine tags, and export machine timeline.
+         >[!NOTE]
-      - **Active remediation actions** - Users can take response actions and approve or dismiss pending remediation actions.
+         >To view Threat & Vulnerability Management data, select **Threat and vulnerability management**.
-      - **Manage portal system settings** - Users can configure storage settings, SIEM and threat intel API settings (applies globally), advanced settings, automated file uploads, roles and machine groups.
+      
+        - **Alerts investigation** - Users can manage alerts, initiate automated investigations, collect investigation packages, manage machine tags, and export machine timeline.
+         - **Active remediation actions** - Users can take response actions and approve or dismiss pending remediation actions.
+         >[!NOTE]
+         >To enable your Security operation personnel to choose remediation options and file exceptions, select **Threat and vulnerability management - Remediation handling**, and **Threat and vulnerability management - Exception handling**.
+        
+        - **Manage portal system settings** - Users can configure storage settings, SIEM and threat intel API settings (applies globally), advanced settings, automated file uploads, roles and machine groups.
 
         > [!NOTE]
         > This setting is only available in the Microsoft Defender ATP administrator (default) role.
 
-      - **Manage security settings** - Users can configure alert suppression settings, manage allowed/blocked lists for automation, create and manage custom detections, manage folder exclusions for automation, onboard and offboard machines, and manage email notifications.
+        - **Manage security settings** - Users can configure alert suppression settings, manage allowed/blocked lists for automation, create and manage custom detections, manage folder exclusions for automation, onboard and offboard machines, and manage email notifications.
 
-      - **Live response capabilities** - Users can take basic or advanced live response commands.
+        - **Live response capabilities** - Users can take basic or advanced live response commands.
-        - Basic commands allow users to:
+            - Basic commands allow users to:
-          - Start a live response session
+                - Start a live response session
-          - Run read only live response commands on a remote machine 
+                - Run read only live response commands on a remote machine 
-        - Advanced commands allow users to:
+             - Advanced commands allow users to:
-          - Run basic actions
+                - Run basic actions
-          - Download a file from the remote machine
+                - Download a file from the remote machine
-          - View a script from the files library
+                - View a script from the files library
-          - Run a script on the remote machine from the files library take read and write commands. 
+                - Run a script on the remote machine from the files library take read and write commands. 
 
         For more information on the available commands, see [Investigate machines using Live response](live-response.md).