From 4bcb2f09de05e089822439e5af8ebc17b679c392 Mon Sep 17 00:00:00 2001 From: Lovina Saldanha Date: Wed, 28 Oct 2020 10:51:10 +0530 Subject: [PATCH 1/9] Update-4594479 Updated linkid in the link: https://go.microsoft.com/fwlink/p/?linkid=2069559 to 2146631 --- .../threat-protection/change-history-for-threat-protection.md | 2 +- .../device-control/control-usb-devices-using-intune.md | 2 +- .../enable-virtualization-based-protection-of-code-integrity.md | 2 +- .../security/threat-protection/device-guard/memory-integrity.md | 2 +- ...nes-for-virtualization-based-protection-of-code-integrity.md | 2 +- .../manage-protection-updates-microsoft-defender-antivirus.md | 2 +- .../microsoft-defender-antivirus-in-windows-10.md | 2 +- .../troubleshoot-microsoft-defender-antivirus-when-migrating.md | 2 +- .../microsoft-defender-application-guard/faq-md-app-guard.md | 2 +- .../md-app-guard-overview.md | 2 +- .../microsoft-defender-application-guard/reqs-md-app-guard.md | 2 +- .../microsoft-defender-atp/tvm-assign-device-value.md | 2 +- .../microsoft-defender-atp/tvm-end-of-support-software.md | 2 +- .../threat-protection/microsoft-defender-atp/tvm-exception.md | 2 +- .../microsoft-defender-atp/tvm-prerequisites.md | 2 +- 15 files changed, 15 insertions(+), 15 deletions(-) diff --git a/windows/security/threat-protection/change-history-for-threat-protection.md b/windows/security/threat-protection/change-history-for-threat-protection.md index af17bfed1e..d4391adcbe 100644 --- a/windows/security/threat-protection/change-history-for-threat-protection.md +++ b/windows/security/threat-protection/change-history-for-threat-protection.md 
@@ -1,5 +1,5 @@ --- -title: Change history for [Windows Defender Advanced Threat Protection (Windows Defender ATP)](https://go.microsoft.com/fwlink/p/?linkid=2069559) +title: Change history for [Windows Defender Advanced Threat Protection (Windows Defender ATP)](https://go.microsoft.com/fwlink/p/?linkid=2146631) ms.reviewer: ms.author: dansimp description: This topic lists new and updated topics in the WWindows Defender ATP content set. diff --git a/windows/security/threat-protection/device-control/control-usb-devices-using-intune.md b/windows/security/threat-protection/device-control/control-usb-devices-using-intune.md index add9bc1309..3c7fb12101 100644 --- a/windows/security/threat-protection/device-control/control-usb-devices-using-intune.md +++ b/windows/security/threat-protection/device-control/control-usb-devices-using-intune.md @@ -15,7 +15,7 @@ audience: ITPro # How to control USB devices and other removable media using Microsoft Defender ATP -**Applies to:** [Microsoft Defender Advanced Threat Protection (Microsoft Defender ATP)](https://go.microsoft.com/fwlink/p/?linkid=2069559) +**Applies to:** [Microsoft Defender Advanced Threat Protection (Microsoft Defender ATP)](https://go.microsoft.com/fwlink/p/?linkid=2146631) Microsoft recommends [a layered approach to securing removable media](https://aka.ms/devicecontrolblog), and Microsoft Defender ATP provides multiple monitoring and control features to help prevent threats in unauthorized peripherals from compromising your devices: diff --git a/windows/security/threat-protection/device-guard/enable-virtualization-based-protection-of-code-integrity.md b/windows/security/threat-protection/device-guard/enable-virtualization-based-protection-of-code-integrity.md index 35846937a0..4661467e5e 100644 --- a/windows/security/threat-protection/device-guard/enable-virtualization-based-protection-of-code-integrity.md 
+++ b/windows/security/threat-protection/device-guard/enable-virtualization-based-protection-of-code-integrity.md @@ -18,7 +18,7 @@ ms.reviewer: **Applies to:** -- [Microsoft Defender Advanced Threat Protection (Microsoft Defender ATP)](https://go.microsoft.com/fwlink/p/?linkid=2069559) +- [Microsoft Defender Advanced Threat Protection (Microsoft Defender ATP)](https://go.microsoft.com/fwlink/p/?linkid=2146631) This topic covers different ways to enable Hypervisor-protected code integrity (HVCI) on Windows 10. Some applications, including device drivers, may be incompatible with HVCI. diff --git a/windows/security/threat-protection/device-guard/memory-integrity.md b/windows/security/threat-protection/device-guard/memory-integrity.md index 3ebdf7bf95..9fb8ce4166 100644 --- a/windows/security/threat-protection/device-guard/memory-integrity.md +++ b/windows/security/threat-protection/device-guard/memory-integrity.md @@ -18,7 +18,7 @@ manager: dansimp **Applies to:** -- [Microsoft Defender Advanced Threat Protection (Microsoft Defender ATP)](https://go.microsoft.com/fwlink/p/?linkid=2069559) +- [Microsoft Defender Advanced Threat Protection (Microsoft Defender ATP)](https://go.microsoft.com/fwlink/p/?linkid=2146631) Memory integrity is a feature of Windows that ensures code running in the Windows kernel is securely designed and trustworthy. It uses hardware virtualization and Hyper-V to protect Windows kernel mode processes from the injection and execution of malicious or unverified code. The integrity of code that runs on Windows is validated by memory integrity, making Windows resistant to attacks from malicious software. Memory integrity is a powerful security boundary that helps to block many types of malware from running in Windows 10 and Windows Server 2016 environments. 
diff --git a/windows/security/threat-protection/device-guard/requirements-and-deployment-planning-guidelines-for-virtualization-based-protection-of-code-integrity.md b/windows/security/threat-protection/device-guard/requirements-and-deployment-planning-guidelines-for-virtualization-based-protection-of-code-integrity.md index d594900ce7..5b41e23255 100644 --- a/windows/security/threat-protection/device-guard/requirements-and-deployment-planning-guidelines-for-virtualization-based-protection-of-code-integrity.md +++ b/windows/security/threat-protection/device-guard/requirements-and-deployment-planning-guidelines-for-virtualization-based-protection-of-code-integrity.md @@ -19,7 +19,7 @@ ms.author: dansimp **Applies to** -- [Microsoft Defender Advanced Threat Protection (Microsoft Defender ATP)](https://go.microsoft.com/fwlink/p/?linkid=2069559) +- [Microsoft Defender Advanced Threat Protection (Microsoft Defender ATP)](https://go.microsoft.com/fwlink/p/?linkid=2146631) Computers must meet certain hardware, firmware, and software requirements in order to take advantage of all of the virtualization-based security (VBS) features in [Windows Defender Device Guard](../device-guard/introduction-to-device-guard-virtualization-based-security-and-windows-defender-application-control.md). Computers lacking these requirements can still be protected by Windows Defender Application Control (WDAC) policies—the difference is that those computers will not be as hardened against certain threats. diff --git a/windows/security/threat-protection/microsoft-defender-antivirus/manage-protection-updates-microsoft-defender-antivirus.md b/windows/security/threat-protection/microsoft-defender-antivirus/manage-protection-updates-microsoft-defender-antivirus.md index 2ac2800429..cb5f433122 100644 --- a/windows/security/threat-protection/microsoft-defender-antivirus/manage-protection-updates-microsoft-defender-antivirus.md 
+++ b/windows/security/threat-protection/microsoft-defender-antivirus/manage-protection-updates-microsoft-defender-antivirus.md @@ -22,7 +22,7 @@ ms.custom: nextgen **Applies to:** -- [Microsoft Defender Advanced Threat Protection](https://go.microsoft.com/fwlink/p/?linkid=2069559) +- [Microsoft Defender Advanced Threat Protection](https://go.microsoft.com/fwlink/p/?linkid=2146631) diff --git a/windows/security/threat-protection/microsoft-defender-antivirus/microsoft-defender-antivirus-in-windows-10.md b/windows/security/threat-protection/microsoft-defender-antivirus/microsoft-defender-antivirus-in-windows-10.md index e9bcff7d72..df6dcb310f 100644 --- a/windows/security/threat-protection/microsoft-defender-antivirus/microsoft-defender-antivirus-in-windows-10.md +++ b/windows/security/threat-protection/microsoft-defender-antivirus/microsoft-defender-antivirus-in-windows-10.md @@ -23,7 +23,7 @@ ms.custom: nextgen **Applies to:** -- [Microsoft Defender Advanced Threat Protection (Windows Defender ATP)](https://go.microsoft.com/fwlink/p/?linkid=2069559) +- [Microsoft Defender Advanced Threat Protection (Windows Defender ATP)](https://go.microsoft.com/fwlink/p/?linkid=2146631) ## Microsoft Defender Antivirus: Your next-generation protection diff --git a/windows/security/threat-protection/microsoft-defender-antivirus/troubleshoot-microsoft-defender-antivirus-when-migrating.md b/windows/security/threat-protection/microsoft-defender-antivirus/troubleshoot-microsoft-defender-antivirus-when-migrating.md index 09535418a1..42ea33f88f 100644 --- a/windows/security/threat-protection/microsoft-defender-antivirus/troubleshoot-microsoft-defender-antivirus-when-migrating.md +++ b/windows/security/threat-protection/microsoft-defender-antivirus/troubleshoot-microsoft-defender-antivirus-when-migrating.md 
@@ -21,7 +21,7 @@ manager: dansimp **Applies to:** -- [Microsoft Defender Advanced Threat Protection (Microsoft Defender ATP)](https://go.microsoft.com/fwlink/p/?linkid=2069559) +- [Microsoft Defender Advanced Threat Protection (Microsoft Defender ATP)](https://go.microsoft.com/fwlink/p/?linkid=2146631) You can find help here if you encounter issues while migrating from a third-party security solution to Microsoft Defender Antivirus. diff --git a/windows/security/threat-protection/microsoft-defender-application-guard/faq-md-app-guard.md b/windows/security/threat-protection/microsoft-defender-application-guard/faq-md-app-guard.md index b3bb7867ee..efc5e96416 100644 --- a/windows/security/threat-protection/microsoft-defender-application-guard/faq-md-app-guard.md +++ b/windows/security/threat-protection/microsoft-defender-application-guard/faq-md-app-guard.md @@ -16,7 +16,7 @@ ms.custom: asr # Frequently asked questions - Microsoft Defender Application Guard -**Applies to:** [Microsoft Defender Advanced Threat Protection (Microsoft Defender ATP)](https://go.microsoft.com/fwlink/p/?linkid=2069559) +**Applies to:** [Microsoft Defender Advanced Threat Protection (Microsoft Defender ATP)](https://go.microsoft.com/fwlink/p/?linkid=2146631) Answering frequently asked questions about Microsoft Defender Application Guard (Application Guard) features, integration with the Windows operating system, and general configuration. diff --git a/windows/security/threat-protection/microsoft-defender-application-guard/md-app-guard-overview.md b/windows/security/threat-protection/microsoft-defender-application-guard/md-app-guard-overview.md index 4acd29aa2d..4a6ef8896a 100644 --- a/windows/security/threat-protection/microsoft-defender-application-guard/md-app-guard-overview.md +++ b/windows/security/threat-protection/microsoft-defender-application-guard/md-app-guard-overview.md 
@@ -16,7 +16,7 @@ ms.custom: asr # Microsoft Defender Application Guard overview -**Applies to:** [Microsoft Defender Advanced Threat Protection (Microsoft Defender ATP)](https://go.microsoft.com/fwlink/p/?linkid=2069559) +**Applies to:** [Microsoft Defender Advanced Threat Protection (Microsoft Defender ATP)](https://go.microsoft.com/fwlink/p/?linkid=2146631) Microsoft Defender Application Guard (Application Guard) is designed to help prevent old and newly emerging attacks to help keep employees productive. Using our unique hardware isolation approach, our goal is to destroy the playbook that attackers use by making current attack methods obsolete. diff --git a/windows/security/threat-protection/microsoft-defender-application-guard/reqs-md-app-guard.md b/windows/security/threat-protection/microsoft-defender-application-guard/reqs-md-app-guard.md index 5757f18c10..5b18d1b484 100644 --- a/windows/security/threat-protection/microsoft-defender-application-guard/reqs-md-app-guard.md +++ b/windows/security/threat-protection/microsoft-defender-application-guard/reqs-md-app-guard.md @@ -16,7 +16,7 @@ ms.custom: asr # System requirements for Microsoft Defender Application Guard -**Applies to:** [Microsoft Defender Advanced Threat Protection (Microsoft Defender ATP)](https://go.microsoft.com/fwlink/p/?linkid=2069559) +**Applies to:** [Microsoft Defender Advanced Threat Protection (Microsoft Defender ATP)](https://go.microsoft.com/fwlink/p/?linkid=2146631) The threat landscape is continually evolving. While hackers are busy developing new techniques to breach enterprise networks by compromising workstations, phishing schemes remain one of the top ways to lure employees into social engineering attacks. Microsoft Defender Application Guard is designed to help prevent old, and newly emerging attacks, to help keep employees productive. 
diff --git a/windows/security/threat-protection/microsoft-defender-atp/tvm-assign-device-value.md b/windows/security/threat-protection/microsoft-defender-atp/tvm-assign-device-value.md index 8dfec3f344..7e59c7cb67 100644 --- a/windows/security/threat-protection/microsoft-defender-atp/tvm-assign-device-value.md +++ b/windows/security/threat-protection/microsoft-defender-atp/tvm-assign-device-value.md @@ -25,7 +25,7 @@ ms.topic: article **Applies to:** -- [Microsoft Defender Advanced Threat Protection (Microsoft Defender ATP)](https://go.microsoft.com/fwlink/p/?linkid=2069559) +- [Microsoft Defender Advanced Threat Protection (Microsoft Defender ATP)](https://go.microsoft.com/fwlink/p/?linkid=2146631) - [Threat and vulnerability management](next-gen-threat-and-vuln-mgt.md) >Want to experience Microsoft Defender ATP? [Sign up for a free trial.](https://www.microsoft.com/microsoft-365/windows/microsoft-defender-atp?ocid=docs-wdatp-portaloverview-abovefoldlink) diff --git a/windows/security/threat-protection/microsoft-defender-atp/tvm-end-of-support-software.md b/windows/security/threat-protection/microsoft-defender-atp/tvm-end-of-support-software.md index 7d2f8da30c..aaab188cac 100644 --- a/windows/security/threat-protection/microsoft-defender-atp/tvm-end-of-support-software.md +++ b/windows/security/threat-protection/microsoft-defender-atp/tvm-end-of-support-software.md @@ -24,7 +24,7 @@ ms.topic: conceptual **Applies to:** -- [Microsoft Defender Advanced Threat Protection (Microsoft Defender ATP)](https://go.microsoft.com/fwlink/p/?linkid=2069559) +- [Microsoft Defender Advanced Threat Protection (Microsoft Defender ATP)](https://go.microsoft.com/fwlink/p/?linkid=2146631) - [Threat and vulnerability management](next-gen-threat-and-vuln-mgt.md) >Want to experience Microsoft Defender ATP? [Sign up for a free trial.](https://www.microsoft.com/microsoft-365/windows/microsoft-defender-atp?ocid=docs-wdatp-portaloverview-abovefoldlink) 
diff --git a/windows/security/threat-protection/microsoft-defender-atp/tvm-exception.md b/windows/security/threat-protection/microsoft-defender-atp/tvm-exception.md index f8f6565174..dcd537fb96 100644 --- a/windows/security/threat-protection/microsoft-defender-atp/tvm-exception.md +++ b/windows/security/threat-protection/microsoft-defender-atp/tvm-exception.md @@ -24,7 +24,7 @@ ms.topic: conceptual **Applies to:** -- [Microsoft Defender Advanced Threat Protection (Microsoft Defender ATP)](https://go.microsoft.com/fwlink/p/?linkid=2069559) +- [Microsoft Defender Advanced Threat Protection (Microsoft Defender ATP)](https://go.microsoft.com/fwlink/p/?linkid=2146631) - [Threat and vulnerability management](next-gen-threat-and-vuln-mgt.md) >Want to experience Microsoft Defender ATP? [Sign up for a free trial.](https://www.microsoft.com/microsoft-365/windows/microsoft-defender-atp?ocid=docs-wdatp-portaloverview-abovefoldlink) diff --git a/windows/security/threat-protection/microsoft-defender-atp/tvm-prerequisites.md b/windows/security/threat-protection/microsoft-defender-atp/tvm-prerequisites.md index 9aba0d42d1..8ccaa9eb8d 100644 --- a/windows/security/threat-protection/microsoft-defender-atp/tvm-prerequisites.md +++ b/windows/security/threat-protection/microsoft-defender-atp/tvm-prerequisites.md @@ -23,7 +23,7 @@ ms.topic: conceptual **Applies to:** -- [Microsoft Defender Advanced Threat Protection (Microsoft Defender ATP)](https://go.microsoft.com/fwlink/p/?linkid=2069559) +- [Microsoft Defender Advanced Threat Protection (Microsoft Defender ATP)](https://go.microsoft.com/fwlink/p/?linkid=2146631) - [Threat and vulnerability management](next-gen-threat-and-vuln-mgt.md) >Want to experience Microsoft Defender ATP? [Sign up for a free trial.](https://www.microsoft.com/microsoft-365/windows/microsoft-defender-atp?ocid=docs-wdatp-portaloverview-abovefoldlink) From 2ccf6cad86ab94e5d00d8d7b126bdead03d9088f Mon Sep 17 00:00:00 2001 
From: Beth Levin Date: Thu, 5 Nov 2020 16:42:32 -0800 Subject: [PATCH 2/9] completed by --- .../images/tvm-completed-by.png | Bin 0 -> 6687 bytes .../microsoft-defender-atp/tvm-remediation.md | 10 ++++++++++ 2 files changed, 10 insertions(+) create mode 100644 windows/security/threat-protection/microsoft-defender-atp/images/tvm-completed-by.png 
diff --git a/windows/security/threat-protection/microsoft-defender-atp/images/tvm-completed-by.png b/windows/security/threat-protection/microsoft-defender-atp/images/tvm-completed-by.png new file mode 100644 index 0000000000000000000000000000000000000000..d41220688ee5d37253919069c76334c034459ba1 GIT binary patch literal 6687 literal 0 HcmV?d00001 diff --git a/windows/security/threat-protection/microsoft-defender-atp/tvm-remediation.md b/windows/security/threat-protection/microsoft-defender-atp/tvm-remediation.md index 83f4fa34f0..17ec33ff29 100644 --- a/windows/security/threat-protection/microsoft-defender-atp/tvm-remediation.md +++ b/windows/security/threat-protection/microsoft-defender-atp/tvm-remediation.md 
@@ -69,6 +69,16 @@ Once you are in the Remediation page, select the remediation activity that you w >[!NOTE] > There is a 180 day retention period for completed remediation activities. To keep the Remediation page performing optimally, the remediation activity will be removed 6 months after its completion. +### Completed by + +Track who closed the remediation activity with the "Completed by" column on the Remediation page. + +- **Email address**: The email of the person who manually completed the task +- **System confirmation**: The task was automatically completed (all devices remediated) +- **N/A**: Information is not available because we don't know how this older task was completed + +![Created by and completed by columns with two rows. One row for completed by has example of an email, the other row says system confirmation.](images/tvm-completed-by.png) + ### Top remediation activities in the dashboard View **Top remediation activities** in the [threat and vulnerability management dashboard](tvm-dashboard-insights.md). Select any of the entries to go to the **Remediation** page. You can mark the remediation activity as completed after the IT admin team remediates the task. From 0902f1de628988eaecf4d9098c5afb7f164323e1 Mon Sep 17 00:00:00 2001 From: Beth Levin Date: Thu, 5 Nov 2020 16:43:25 -0800 Subject: [PATCH 3/9] update name --- .../threat-protection/microsoft-defender-atp/tvm-remediation.md | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/windows/security/threat-protection/microsoft-defender-atp/tvm-remediation.md b/windows/security/threat-protection/microsoft-defender-atp/tvm-remediation.md index 17ec33ff29..41b47476e8 100644 --- a/windows/security/threat-protection/microsoft-defender-atp/tvm-remediation.md +++ b/windows/security/threat-protection/microsoft-defender-atp/tvm-remediation.md 
@@ -69,7 +69,7 @@ Once you are in the Remediation page, select the remediation activity that you w >[!NOTE] > There is a 180 day retention period for completed remediation activities. To keep the Remediation page performing optimally, the remediation activity will be removed 6 months after its completion. -### Completed by +### Completed by column Track who closed the remediation activity with the "Completed by" column on the Remediation page. From c14df08a10d48e6af49a2d2018c4ab28737588eb Mon Sep 17 00:00:00 2001 From: Daniel Simpson Date: Wed, 11 Nov 2020 06:53:09 -0800 Subject: [PATCH 4/9] Update change-history-for-threat-protection.md --- .../change-history-for-threat-protection.md | 8 ++++---- 1 file changed, 4 insertions(+), 4 deletions(-) diff --git a/windows/security/threat-protection/change-history-for-threat-protection.md b/windows/security/threat-protection/change-history-for-threat-protection.md index d4391adcbe..53466cf41c 100644 --- a/windows/security/threat-protection/change-history-for-threat-protection.md +++ b/windows/security/threat-protection/change-history-for-threat-protection.md @@ -1,8 +1,8 @@ --- -title: Change history for [Windows Defender Advanced Threat Protection (Windows Defender ATP)](https://go.microsoft.com/fwlink/p/?linkid=2146631) +title: Change history for [Microsoft Defender for Endpoint](https://go.microsoft.com/fwlink/p/?linkid=2146631) ms.reviewer: ms.author: dansimp -description: This topic lists new and updated topics in the WWindows Defender ATP content set. +description: This topic lists new and updated topics in the Defender for Endpoint content set. ms.prod: w10 ms.mktglfcycl: deploy ms.sitesec: library 
@@ -16,11 +16,11 @@ ms.localizationpriority: medium --- # Change history for threat protection -This topic lists new and updated topics in the [Microsoft Defender ATP](microsoft-defender-atp/microsoft-defender-advanced-threat-protection.md) documentation. +This topic lists new and updated topics in the [Defender for Endpoint](microsoft-defender-atp/microsoft-defender-advanced-threat-protection.md) documentation. ## August 2018 New or changed topic | Description ---------------------|------------ -[Microsoft Defender Advanced Threat Protection](microsoft-defender-atp/microsoft-defender-advanced-threat-protection.md) | Reorganized Windows 10 security topics to reflect the Windows Defender ATP platform. +[Microsoft Defender for Endpoint](microsoft-defender-atp/microsoft-defender-advanced-threat-protection.md) | Reorganized Windows 10 security topics to reflect the Defender for Endpoint platform. From 0f26cd1d82e151cf3d32178ff43837b535bbf219 Mon Sep 17 00:00:00 2001 From: jaimeo Date: Wed, 11 Nov 2020 11:26:06 -0700 Subject: [PATCH 5/9] corrected endpoint list to latest, linked to authoritative source, fixed some Acrolinx and other language issues --- .../update/prepare-deploy-windows.md | 23 ++++- .../update/windows-update-troubleshooting.md | 86 +++++++++---------- 2 files changed, 63 insertions(+), 46 deletions(-) diff --git a/windows/deployment/update/prepare-deploy-windows.md b/windows/deployment/update/prepare-deploy-windows.md index 53b1f289ec..19c0a83aa5 100644 --- a/windows/deployment/update/prepare-deploy-windows.md +++ b/windows/deployment/update/prepare-deploy-windows.md 
@@ -41,13 +41,13 @@ Your infrastructure probably includes many different components and tools. You You should also look at your organization’s environment’s configuration and outline how you’ll implement any necessary changes previously identified in the plan phase to support the update. Consider what you’ll need to do for the various settings and policies that currently underpin the environment. For example: -- Implement new draft security guidance. New versions of Windows can include new features that improve your environment’s security. Your security teams will want to make appropriate changes to security related configurations. +- Implement new draft security guidance. New versions of Windows can include new features that improve your environment’s security. Your security teams will want to make appropriate changes to security-related configurations. - Update security baselines. Security teams understand the relevant security baselines and will have to work to make sure all baselines fit into whatever guidance they have to adhere to. However, your configuration will consist of many different settings and policies. It’s important to only apply changes where they are necessary, and where you gain a clear improvement. Otherwise, your environment might face issues that will slow down the update process. You want to ensure your environment isn’t affected adversely because of changes you make. For example: -1. Review new security settings. Your security team will review the new security settings, to understand how they can best be set to facilitate the update, and to also investigate the potential effects they might have on your environment. +1. Review new security settings. Your security team will review the new security settings to understand how they can best be set to facilitate the update, and to also investigate the potential effects they might have on your environment. 2. Review security baselines for changes. 
Security teams will also review all the necessary security baselines, to ensure the changes can be implemented, and ensure your environment remains compliant. @@ -98,7 +98,24 @@ You can check these services manually by using Services.msc, or by using PowerSh ### Network configuration -Ensure that devices can reach necessary Windows Update endpoints through the firewall. +Ensure that devices can reach necessary Windows Update endpoints through the firewall. For example, for Windows 10, version 2004, the following protocols must be able to reach these respective endpoints: + + +|Protocol |Endpoint URL | +|---------|---------| +|TLS 1.2 | `*.prod.do.dsp.mp.microsoft.com` | +|HTTP | `emdl.ws.microsoft.com` | +|HTTP | `*.dl.delivery.mp.microsoft.com` | +|HTTP | `*.windowsupdate.com` | +|HTTPS | `*.delivery.mp.microsoft.com` | +|TLS 1.2 | `*.update.microsoft.com` | +|TLS 1.2 | `tsfe.trafficshaping.dsp.mp.microsoft.com` | + +> [!NOTE] +> Be sure not to use HTTPS for those endpoints that specify HTTP, and vice versa. The connection will fail. + +The specific endpoints can vary between Windows 10 versions. See, for example, [Windows 10 2004 Enterprise connection endpoints](https://docs.microsoft.com/windows/privacy/manage-windows-2004-endpoints). Similar articles for other Windows 10 versions are available in the table of contents nearby. + ### Optimize download bandwidth Set up [Delivery Optimization](waas-delivery-optimization.md) for peer network sharing or Microsoft Connected Cache. diff --git a/windows/deployment/update/windows-update-troubleshooting.md b/windows/deployment/update/windows-update-troubleshooting.md index bce6aa30cb..32a55ed102 100644 --- a/windows/deployment/update/windows-update-troubleshooting.md +++ b/windows/deployment/update/windows-update-troubleshooting.md 
@@ -21,7 +21,7 @@ If you run into problems when using Windows Update, start with the following ste 1. Run the built-in Windows Update troubleshooter to fix common issues. Navigate to **Settings > Update & Security > Troubleshoot > Windows Update**. -2. Install the most recent Servicing Stack Update (SSU) that matches your version of Windows from the Microsoft Update Catalog. See [Servicing stack updates](servicing-stack-updates.md) for more details on SSU. +2. Install the most recent Servicing Stack Update (SSU) that matches your version of Windows from the Microsoft Update Catalog. See [Servicing stack updates](servicing-stack-updates.md) for more details on servicing stack updates. 3. Make sure that you install the latest Windows updates, cumulative updates, and rollup updates. To verify the update status, refer to the appropriate update history for your system: @@ -41,8 +41,8 @@ Advanced users can also refer to the [log](windows-update-logs.md) generated by You might encounter the following scenarios when using Windows Update. -## Why am I offered an older update/upgrade? -The update that is offered to a device depends on several factors. Some of the most common attributes include the following: +## Why am I offered an older update? +The update that is offered to a device depends on several factors. The following are some of the most common attributes: - OS Build - OS Branch 
@@ -50,20 +50,20 @@ The update that is offered to a device depends on several factors. Some of the m - OS Architecture - Device update management configuration -If the update you're offered isn't the most current available, it might be because your device is being managed by a WSUS server, and you're being offered the updates available on that server. It's also possible, if your device is part of a Windows as a Service deployment ring, that your admin is intentionally slowing the rollout of updates. Since the WaaS rollout is slow and measured to begin with, all devices will not receive the update on the same day. +If the update you're offered isn't the most current available, it might be because your device is being managed by a WSUS server, and you're being offered the updates available on that server. It's also possible, if your device is part of a deployment group, that your admin is intentionally slowing the rollout of updates. Since the deployment is slow and measured to begin with, all devices will not receive the update on the same day. ## My device is frozen at scan. Why? -The Settings UI is talking to the Update Orchestrator service which in turn is talking to Windows Update service. If these services stop unexpectedly then you might see this behavior. In such cases, do the following: +The Settings UI communicates with the Update Orchestrator service which in turn communicates with to Windows Update service. If these services stop unexpectedly, then you might see this behavior. In such cases, follow these steps: 1. Close the Settings app and reopen it. -2. Launch Services.msc and check if the following services are running: +2. 
Start Services.msc and check if the following services are running: - Update State Orchestrator - Windows Update ## Feature updates are not being offered while other updates are -Devices running Windows 10, version 1709 through Windows 10, version 1803 that are [configured to update from Windows Update](#BKMK_DCAT) (including Windows Update for Business scenarios) are able to install servicing and definition updates but are never offered feature updates. +Devices running Windows 10, version 1709 through Windows 10, version 1803 that are [configured to update from Windows Update](#BKMK_DCAT) (including Windows Update for Business) are able to install servicing and definition updates but are never offered feature updates. Checking the WindowsUpdate.log reveals the following error: ```console 
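Review bot: the rewritten opening sentence of "My device is frozen at scan. Why?" contains a stray word: "which in turn communicates with to Windows Update service". Suggest "which in turn communicates with the Windows Update service". The section also names the service "Update Orchestrator" in the prose and "Update State Orchestrator" in the list of services to check (unchanged context). Because readers are sent to Services.msc to find it, use one name in both places.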
@@ -95,12 +95,12 @@ The 0x80070426 error code translates to: ERROR_SERVICE_NOT_ACTIVE - # The service has not been started. ``` -Microsoft Account Sign In Assistant (MSA or wlidsvc) is the service in question. The DCAT Flighting service (ServiceId: 855E8A7C-ECB4-4CA3-B045-1DFA50104289) relies on the Microsoft Account Sign In Assistant (MSA) to get the Global Device ID for the device. Without the MSA service running, the global device ID will not be generated and sent by the client and the search for feature updates never completes successfully. +Microsoft Account Sign In Assistant (MSA or wlidsvc) is the service in question. The DCAT Flighting service (ServiceId: 855E8A7C-ECB4-4CA3-B045-1DFA50104289) relies on MSA to get the global device ID for the device. Without the MSA service running, the global device ID won't be generated and sent by the client and the search for feature updates never completes successfully. -In order to solve this issue, we need to reset the MSA service to the default StartType of manual. +To resolve this issue, reset the MSA service to the default StartType of "manual." ## Issues related to HTTP/Proxy -Windows Update uses WinHttp with Partial Range requests (RFC 7233) to download updates and applications from Windows Update servers or on-premises WSUS servers. Because of this proxy servers configured on the network must support HTTP RANGE requests. If a proxy was configured in Internet Explorer (User level) but not in WinHTTP (System level), connections to Windows Update will fail. +Windows Update uses WinHttp with Partial Range requests (RFC 7233) to download updates and applications from Windows Update servers or on-premises WSUS servers. Therefore proxy servers on the network must support HTTP RANGE requests. If a proxy was configured in Internet Explorer (User level) but not in WinHTTP (System level), connections to Windows Update will fail. To fix this issue, configure a proxy in WinHTTP by using the following netsh command: 
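Review bot: the new resolution line, "reset the MSA service to the default StartType of "manual."", puts the sentence period inside the quotation marks around the value and does not say which service entry to change or where. Suggest naming the service by the short name the paragraph above already gives (wlidsvc), writing the value without quoted punctuation, and pointing to Services.msc as the other sections of this page do. In the same hunk, "Therefore proxy servers on the network must support HTTP RANGE requests" needs a comma after "Therefore".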
@@ -113,14 +113,13 @@ netsh winhttp set proxy ProxyServerName:PortNumber If downloads through a proxy server fail with a 0x80d05001 DO_E_HTTP_BLOCKSIZE_MISMATCH error, or if you notice high CPU usage while updates are downloading, check the proxy configuration to permit HTTP RANGE requests to run. -You may choose to apply a rule to permit HTTP RANGE requests for the following URLs: +You might choose to apply a rule to permit HTTP RANGE requests for the following URLs: -*.download.windowsupdate.com -*.dl.delivery.mp.microsoft.com -*.delivery.mp.microsoft.com -*.emdl.ws.microsoft.com +`*.download.windowsupdate.com` +`*.dl.delivery.mp.microsoft.com` +`*.delivery.mp.microsoft.com` -If you cannot permit RANGE requests, keep in mind that this means you are downloading more content than needed in updates (as delta patching will not work). +If you can't allow RANGE requests, you'll be downloading more content than needed in updates (as delta patching will not work). ## The update is not applicable to your computer 
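Review bot: the allow list for HTTP RANGE requests drops `*.emdl.ws.microsoft.com` with no replacement, while the endpoint table added elsewhere in this same patch lists `emdl.ws.microsoft.com` as a required HTTP endpoint. If the wildcard form was the problem, add the bare host instead of removing the entry; if RANGE support is no longer needed for that host, say so in the commit message, because a proxy administrator who follows this list will otherwise leave it out. The three remaining URLs are also consecutive lines with no list markers, so they may render as one run-on paragraph; a bulleted list would be safer.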
@@ -128,13 +127,13 @@ The most common reasons for this error are described in the following table: |Cause|Explanation|Resolution| |-----|-----------|----------| -|Update is superseded|As updates for a component are released, the updated component will supersede an older component that is already on the system. When this occurs, the previous update is marked as superseded. If the update that you're trying to install already has a newer version of the payload on your system, you may encounter this error message.|Check that the package that you are installing contains newer versions of the binaries. Or, check that the package is superseded by another new package. | +|Update is superseded|As updates for a component are released, the updated component will supersede an older component that is already on the system. When this occurs, the previous update is marked as superseded. If the update that you're trying to install already has a newer version of the payload on your system, you might receive this error message.|Check that the package that you are installing contains newer versions of the binaries. Or, check that the package is superseded by another new package. | |Update is already installed|If the update that you're trying to install was previously installed, for example, by another update that carried the same payload, you may encounter this error message.|Verify that the package that you are trying to install was not previously installed.| |Wrong update for architecture|Updates are published by CPU architecture. If the update that you're trying to install does not match the architecture for your CPU, you may encounter this error message. |Verify that the package that you're trying to install matches the Windows version that you are using. The Windows version information can be found in the "Applies To" section of the article for each update. For example, Windows Server 2012-only updates cannot be installed on Windows Server 2012 R2-based computers.
Also, verify that the package that you are installing matches the processor architecture of the Windows version that you are using. For example, an x86-based update cannot be installed on x64-based installations of Windows. | -|Missing prerequisite update|Some updates require a prerequisite update before they can be applied to a system. If you are missing a prerequisite update, you may encounter this error message. For example, KB 2919355 must be installed on Windows 8.1 and Windows Server 2012 R2 computers before many of the updates that were released after April 2014 can be installed.|Check the related articles about the package in the Microsoft Knowledge Base (KB) to make sure that you have the prerequisite updates installed. For example, if you encounter the error message on Windows 8.1 or Windows Server 2012 R2, you may have to install the April 2014 update 2919355 as a prerequisite and one or more pre-requisite servicing updates (KB 2919442 and KB 3173424).
Note: To determine if these prerequisite updates are installed, run the following PowerShell command:
get-hotfix KB3173424,KB2919355,KB2919442
If the updates are installed, the command will return the installed date in the "InstalledOn" section of the output. +|Missing prerequisite update|Some updates require a prerequisite update before they can be applied to a system. If you are missing a prerequisite update, you may encounter this error message. For example, KB 2919355 must be installed on Windows 8.1 and Windows Server 2012 R2 computers before many of the updates that were released after April 2014 can be installed.|Check the related articles about the package in the Microsoft Knowledge Base (KB) to make sure that you have the prerequisite updates installed. For example, if you encounter the error message on Windows 8.1 or Windows Server 2012 R2, you may have to install the April 2014 update 2919355 as a prerequisite and one or more pre-requisite servicing updates (KB 2919442 and KB 3173424).
To determine if these prerequisite updates are installed, run the following PowerShell command:
`get-hotfix KB3173424,KB2919355, KB2919442`.
If the updates are installed, the command will return the installed date in the `InstalledOn` section of the output. ## Issues related to firewall configuration -Error that may be seen in the WU logs: +Error that you might see in Windows Update logs: ```console DownloadManager Error 0x800706d9 occurred while downloading update; notifying dependent calls. ``` 
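Review bot: in the "Missing prerequisite update" row, the command is now written as `get-hotfix KB3173424,KB2919355, KB2919442`. with a space before the last KB number only and a sentence period directly after the code span. Readers copy this line, so suggest `Get-HotFix KB3173424,KB2919355,KB2919442` with consistent spacing and no trailing period. The hunk also changes "may encounter" to "might receive" in the first row only, which leaves "you may encounter this error message" in the other three rows of the same table.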
@@ -150,33 +149,34 @@ DownloadManager [0]12F4.1FE8::09/29/2017-13:45:08.530 [agent]DO job {C6E2F6DC-5B Go to Services.msc and ensure that Windows Firewall Service is enabled. Stopping the service associated with Windows Firewall with Advanced Security is not supported by Microsoft. For more information, see [I need to disable Windows Firewall](https://docs.microsoft.com/previous-versions/windows/it-pro/windows-server-2008-R2-and-2008/cc766337(v=ws.10)). ## Issues arising from configuration of conflicting policies -Windows Update provides a wide range configuration policies to control the behavior of WU service in a managed environment. While these policies let you configure the settings at a granular level, misconfiguration or setting conflicting polices may lead to unexpected behaviors. +Windows Update provides a wide range configuration policy to control the behavior of the Windows Update service in a managed environment. While these policies let you configure the settings at a granular level, misconfiguration or setting conflicting policies may lead to unexpected behaviors. See [How to configure automatic updates by using Group Policy or registry settings](https://support.microsoft.com/help/328010/how-to-configure-automatic-updates-by-using-group-policy-or-registry-s) for more information. 
## Device cannot access update files -Check that your device can access these Windows Update endpoints: -- `http://windowsupdate.microsoft.com` -- `http://*.windowsupdate.microsoft.com` -- `https://*.windowsupdate.microsoft.com` -- `http://*.update.microsoft.com` -- `https://*.update.microsoft.com` -- `http://*.windowsupdate.com` -- `http://download.windowsupdate.com` -- `https://download.microsoft.com` -- `http://*.download.windowsupdate.com` -- `http://wustat.windows.com` -- `http://ntservicepack.microsoft.com` -- `https://*.prod.do.dsp.mp.microsoft.com` -- `http://*.dl.delivery.mp.microsoft.com` -- `https://*.delivery.mp.microsoft.com` -- `https://tsfe.trafficshaping.dsp.mp.microsoft.com` - - Allow these endpoints for future use. +Ensure that devices can reach necessary Windows Update endpoints through the firewall. For example, for Windows 10, version 2004, the following protocols must be able to reach these respective endpoints: + + +|Protocol |Endpoint URL | +|---------|---------| +|TLS 1.2 | `*.prod.do.dsp.mp.microsoft.com` | +|HTTP | `emdl.ws.microsoft.com` | +|HTTP | `*.dl.delivery.mp.microsoft.com` | +|HTTP | `*.windowsupdate.com` | +|HTTPS | `*.delivery.mp.microsoft.com` | +|TLS 1.2 | `*.update.microsoft.com` | +|TLS 1.2 | `tsfe.trafficshaping.dsp.mp.microsoft.com` | + +> [!NOTE] +> Be sure not to use HTTPS for those endpoints that specify HTTP, and vice versa. The connection will fail. + +The specific endpoints can vary between Windows 10 versions. See, for example, [Windows 10 2004 Enterprise connection endpoints](https://docs.microsoft.com/windows/privacy/manage-windows-2004-endpoints). Similar articles for other Windows 10 versions are available in the table of contents nearby. + ## Updates aren't downloading from the intranet endpoint (WSUS or Configuration Manager) -Windows 10 devices can receive updates from a variety of sources, including Windows Update online, a Windows Server Update Services server, and others. 
To determine the source of Windows Updates currently being used on a device, follow these steps: +Windows 10 devices can receive updates from a variety of sources, including Windows Update online, a Windows Server Update Services server, and others. To determine the source of Windows Updates currently being used on a device, follow these steps: + 1. Start Windows PowerShell as an administrator. 2. Run \$MUSM = New-Object -ComObject "Microsoft.Update.ServiceManager". 3. Run \$MUSM.Services. @@ -192,14 +192,14 @@ Check the output for the Name and OffersWindowsUPdates parameters, which you can |- Name: Windows Update
- OffersWindowsUpdates: True|- The source is Windows Update.
- The client is configured to receive updates from Windows Update Online.| ## You have a bad setup in the environment -If we look at the GPO being set through registry, the system is configured to use WSUS to download updates: +In this example, per the Group Policy set through registry, the system is configured to use WSUS to download updates (note the second line): ```console HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\Windows\WindowsUpdate\AU] -"UseWUServer"=dword:00000001 ===================================> it says use WSUS server. +"UseWUServer"=dword:00000001 ``` -From the WU logs: +From Windows Update logs: ```console 2018-08-06 09:33:31:085 480 1118 Agent ** START ** Agent: Finding updates [CallerId = OperationalInsight Id = 49] 2018-08-06 09:33:31:085 480 1118 Agent ********* 
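Review bot: in the "Device cannot access update files" hunk (@@ -150,33 +149,34), the 15 explicit endpoints are replaced by a seven-row table presented as an example for Windows 10, version 2004, and hosts such as `download.microsoft.com`, `wustat.windows.com` and `ntservicepack.microsoft.com` disappear without comment. State whether those hosts are no longer required or only omitted from the example, since this list is what firewall allow rules get built from. The Protocol column mixes "TLS 1.2" with HTTP and HTTPS, and the NOTE ("Be sure not to use HTTPS for those endpoints that specify HTTP, and vice versa") does not cover the TLS 1.2 rows; give the scheme or port for each row. The table, NOTE and closing paragraph are a verbatim copy of what this patch adds under "Network configuration" in the other file, so a shared include (the repo already uses `[!INCLUDE ...]`) would keep the two from drifting.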
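Review bot: in the registry example of the @@ -192,14 hunk, the inline annotation on `"UseWUServer"=dword:00000001` is removed and replaced by "(note the second line)" in the lead-in, which no longer tells the reader what to notice. Suggest saying in the sentence itself that `UseWUServer` set to 1 is the value that makes the client use WSUS, which is what the removed arrow comment stated. The key path on the unchanged line above ends in `]` with no opening `[`; worth fixing while this block is being touched.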
@@ -215,7 +215,7 @@ From the WU logs: In the above log snippet, we see that the Criteria = "IsHidden = 0 AND DeploymentAction=*". "*" means there is nothing specified from the server. So, the scan happens but there is no direction to download or install to the agent. So it just scans the update and provides the results. -Now if you look at the below logs, the Automatic update runs the scan and finds no update approved for it. So it reports there are 0 updates to install or download. This is due to bad setup or configuration in the environment. The WSUS side should approve the patches for WU so that it fetches the updates and installs it on the specified time according to the policy. Since this scenario doesn't include Configuration Manager, there's no way to install unapproved updates. And that is the problem you are facing. You expect that the scan should be done by the operational insight agent and automatically trigger download and install but that won’t happen here. +Now if you look at the below logs, the Automatic update runs the scan and finds no update approved for it. So it reports there are no updates to install or download. This is due to an incorrect configuration. The WSUS side should approve the updates for Windows Update so that it fetches the updates and installs them at the specified time according to the policy. Since this scenario doesn't include Configuration Manager, there's no way to install unapproved updates. You're expecting the operational insight agent to do the scan and automatically trigger the download and installation but that won’t happen with this configuration. ```console 2018-08-06 10:58:45:992 480 5d8 Agent ** START ** Agent: Finding updates [CallerId = AutomaticUpdates Id = 57] From 69d5498bc33f85474f0bb932c1443d39afa58ac5 Mon Sep 17 00:00:00 2001 
From: Tudor Dobrila Date: Wed, 11 Nov 2020 13:14:26 -0800 Subject: [PATCH 6/9] Move Big Sur note to top of What's new page and on landing page --- .../microsoft-defender-atp/mac-whatsnew.md | 22 +------------------ .../microsoft-defender-atp-mac.md | 5 ++++- 2 files changed, 5 insertions(+), 22 deletions(-) diff --git a/windows/security/threat-protection/microsoft-defender-atp/mac-whatsnew.md b/windows/security/threat-protection/microsoft-defender-atp/mac-whatsnew.md index 7c00c8af5a..aade908feb 100644 --- a/windows/security/threat-protection/microsoft-defender-atp/mac-whatsnew.md +++ b/windows/security/threat-protection/microsoft-defender-atp/mac-whatsnew.md 
@@ -23,25 +23,8 @@ ms.topic: conceptual [!INCLUDE [Microsoft 365 Defender rebranding](../../includes/microsoft-defender.md)] - > [!IMPORTANT] -> In preparation for macOS 11 Big Sur, we are getting ready to release an update to Microsoft Defender for Endpoint for Mac that will leverage new system extensions instead of kernel extensions. Apple will stop supporting kernel extensions starting macOS 11 Big Sur version. Therefore an update to the Microsoft Defender for Endpoint for Mac agent is required on all eligible macOS devices prior to moving these devices to macOS 11. -> -> The update is applicable to devices running macOS version 10.15.4 or later. -> -> To ensure that the Microsoft Defender for Endpoint for Mac update is delivered and applied seamlessly from an end-user experience perspective, a new remote configuration must be deployed to all eligible macOS devices before Microsoft publishes the new agent version. If the configuration is not deployed prior to the Microsoft Defender for Endpoint for Mac agent update, end-users will be presented with a series of system dialogs asking to grant the agent all necessary permissions associated with the new system extensions. -> -> Timing: -> - Organizations that previously opted into Microsoft Defender for Endpoint preview features in Microsoft Defender Security Center, must be ready for Microsoft Defender for Endpoint for Mac agent update **by August 10, 2020**. -> - Organizations that do not participate in public previews for Microsoft Defender for Endpoint features, must be ready **by September 07, 2020**. -> -> Action is needed by IT administrator. Review the steps below and assess the impact on your organization: -> -> 1. Deploy the specified remote configuration to eligible macOS devices before Microsoft publishes the new agent version.
-> Even though Microsoft Defender for Endpoint for Mac new implementation based on system extensions is only applicable to devices running macOS version 10.15.4 or later, deploying configuration proactively across the entire macOS fleet will ensure that even down-level devices are prepared for the day when Apple releases macOS 11 Big Sur and will ensure that Microsoft Defender for Endpoint for Mac continues protecting all macOS devices regardless OS version they were running prior to the Big Sur upgrade. -> -> 2. Refer to this documentation for detailed configuration information and instructions: [New configuration profiles for macOS Catalina and newer versions of macOS](mac-sysext-policies.md). -> 3. Monitor this page for an announcement of the actual release of MDATP for Mac agent update. +> Extensive testing of MDE (Microsoft Defender for Endpoint) with new system extensions on macOS 11 (Big Sur) revealed an intermittent issue that impacts macOS devices with specific graphic cards models. In rare cases on impacted macOS devices calls into macOS system extensions were seen resulting in kernel panic. Microsoft is actively working with Apple engineering to clarify profile of impacted devices and to address this macOS issue. ## 101.10.72 
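Review bot: removing the old IMPORTANT block also removes this page's only pointer to [New configuration profiles for macOS Catalina and newer versions of macOS](mac-sysext-policies.md), which the deleted steps said must be deployed before the agent update, and the replacement text gives the reader nothing to do. Suggest keeping a one-line link to that article next to the new notice. Wording in the added line: "specific graphic cards models" should read "specific graphics card models", and "to clarify profile of impacted devices" is missing an article.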
@@ -57,9 +40,6 @@ ms.topic: conceptual - This product version has been validated on macOS Big Sur 11 beta 9 - > [!IMPORTANT] - > Extensive testing of MDE (Microsoft Defender for Endpoint) with new macOS system extensions revealed an intermittent issue that impacts macOS devices with specific graphic cards models. In rare cases on impacted macOS devices calls into macOS system extensions were seen resulting in kernel panic. Microsoft is actively working with Apple engineering to clarify profile of impacted devices and to address this macOS issue. - - The new syntax for the `mdatp` command-line tool is now the default one. For more information on the new syntax, see [Resources for Microsoft Defender for Endpoint for Mac](mac-resources.md#configuring-from-the-command-line) > [!NOTE] diff --git a/windows/security/threat-protection/microsoft-defender-atp/microsoft-defender-atp-mac.md b/windows/security/threat-protection/microsoft-defender-atp/microsoft-defender-atp-mac.md index e0e09fc815..808f3f9bc1 100644 --- a/windows/security/threat-protection/microsoft-defender-atp/microsoft-defender-atp-mac.md +++ b/windows/security/threat-protection/microsoft-defender-atp/microsoft-defender-atp-mac.md 
@@ -65,10 +65,13 @@ There are several methods and deployment tools that you can use to install and c The three most recent major releases of macOS are supported. +> [!IMPORTANT] +> Extensive testing of MDE (Microsoft Defender for Endpoint) with new system extensions on macOS 11 (Big Sur) revealed an intermittent issue that impacts macOS devices with specific graphic cards models. In rare cases on impacted macOS devices calls into macOS system extensions were seen resulting in kernel panic. Microsoft is actively working with Apple engineering to clarify profile of impacted devices and to address this macOS issue. + - 10.15 (Catalina), 10.14 (Mojave), 10.13 (High Sierra) - Disk space: 1GB -Beta versions of macOS are not supported. macOS Sierra (10.12) support ended on January 1, 2020. +Beta versions of macOS are not supported. After you've enabled the service, you may need to configure your network or firewall to allow outbound connections between it and your endpoints. From 6b5b3b3dd2d785f4d14f95af57360b2b3a8ba962 Mon Sep 17 00:00:00 2001 From: Tudor Dobrila Date: Wed, 11 Nov 2020 13:32:29 -0800 Subject: [PATCH 7/9] Add info on how to submit feedback --- .../threat-protection/microsoft-defender-atp/mac-whatsnew.md | 2 +- .../microsoft-defender-atp/microsoft-defender-atp-mac.md | 2 +- 2 files changed, 2 insertions(+), 2 deletions(-) diff --git a/windows/security/threat-protection/microsoft-defender-atp/mac-whatsnew.md b/windows/security/threat-protection/microsoft-defender-atp/mac-whatsnew.md index aade908feb..eb1f868d60 100644 --- a/windows/security/threat-protection/microsoft-defender-atp/mac-whatsnew.md +++ b/windows/security/threat-protection/microsoft-defender-atp/mac-whatsnew.md 
@@ -24,7 +24,7 @@ ms.topic: conceptual [!INCLUDE [Microsoft 365 Defender rebranding](../../includes/microsoft-defender.md)] > [!IMPORTANT] -> Extensive testing of MDE (Microsoft Defender for Endpoint) with new system extensions on macOS 11 (Big Sur) revealed an intermittent issue that impacts macOS devices with specific graphic cards models. In rare cases on impacted macOS devices calls into macOS system extensions were seen resulting in kernel panic. Microsoft is actively working with Apple engineering to clarify profile of impacted devices and to address this macOS issue. +> Extensive testing of MDE (Microsoft Defender for Endpoint) with new system extensions on macOS 11 (Big Sur) revealed an intermittent issue that impacts macOS devices with specific graphic cards models. In rare cases on impacted macOS devices calls into macOS system extensions were seen resulting in kernel panic. Microsoft is actively working with Apple engineering to clarify profile of impacted devices and to address this macOS issue. In the meantime, if you encounter such a kernel panic, please submit a feedback report to Apple through the Feedback Assistant app. ## 101.10.72 diff --git a/windows/security/threat-protection/microsoft-defender-atp/microsoft-defender-atp-mac.md b/windows/security/threat-protection/microsoft-defender-atp/microsoft-defender-atp-mac.md index 808f3f9bc1..de9fa4ec68 100644 --- a/windows/security/threat-protection/microsoft-defender-atp/microsoft-defender-atp-mac.md +++ b/windows/security/threat-protection/microsoft-defender-atp/microsoft-defender-atp-mac.md 
@@ -66,7 +66,7 @@ There are several methods and deployment tools that you can use to install and c The three most recent major releases of macOS are supported. > [!IMPORTANT] -> Extensive testing of MDE (Microsoft Defender for Endpoint) with new system extensions on macOS 11 (Big Sur) revealed an intermittent issue that impacts macOS devices with specific graphic cards models. In rare cases on impacted macOS devices calls into macOS system extensions were seen resulting in kernel panic. Microsoft is actively working with Apple engineering to clarify profile of impacted devices and to address this macOS issue. +> Extensive testing of MDE (Microsoft Defender for Endpoint) with new system extensions on macOS 11 (Big Sur) revealed an intermittent issue that impacts macOS devices with specific graphic cards models. In rare cases on impacted macOS devices calls into macOS system extensions were seen resulting in kernel panic. Microsoft is actively working with Apple engineering to clarify profile of impacted devices and to address this macOS issue. In the meantime, if you encounter such a kernel panic, please submit a feedback report to Apple through the Feedback Assistant app. - 10.15 (Catalina), 10.14 (Mojave), 10.13 (High Sierra) - Disk space: 1GB From e010ec40ecebb9e6742e23759bec59f32cb5f2ac Mon Sep 17 00:00:00 2001 From: Gary Moore Date: Wed, 11 Nov 2020 14:27:18 -0800 Subject: [PATCH 8/9] Added missing period --- .../microsoft-defender-atp/microsoft-defender-atp-mac.md | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/windows/security/threat-protection/microsoft-defender-atp/microsoft-defender-atp-mac.md b/windows/security/threat-protection/microsoft-defender-atp/microsoft-defender-atp-mac.md index de9fa4ec68..0121869dec 100644 --- a/windows/security/threat-protection/microsoft-defender-atp/microsoft-defender-atp-mac.md +++ b/windows/security/threat-protection/microsoft-defender-atp/microsoft-defender-atp-mac.md 
@@ -133,7 +133,7 @@ mdatp --connectivity-test ## How to update Microsoft Defender for Endpoint for Mac -Microsoft regularly publishes software updates to improve performance, security, and to deliver new features. To update Microsoft Defender for Endpoint for Mac, a program named Microsoft AutoUpdate (MAU) is used. To learn more, see [Deploy updates for Microsoft Defender for Endpoint for Mac](mac-updates.md) +Microsoft regularly publishes software updates to improve performance, security, and to deliver new features. To update Microsoft Defender for Endpoint for Mac, a program named Microsoft AutoUpdate (MAU) is used. To learn more, see [Deploy updates for Microsoft Defender for Endpoint for Mac](mac-updates.md). ## How to configure Microsoft Defender for Endpoint for Mac From e624979559251339bcf0c679e4053ced51220e88 Mon Sep 17 00:00:00 2001 From: Beth Levin Date: Wed, 11 Nov 2020 15:07:01 -0800 Subject: [PATCH 9/9] value prop --- .../microsoft-defender-atp/tvm-prerequisites.md | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/windows/security/threat-protection/microsoft-defender-atp/tvm-prerequisites.md b/windows/security/threat-protection/microsoft-defender-atp/tvm-prerequisites.md index 8ccaa9eb8d..62b6d8fcfc 100644 --- a/windows/security/threat-protection/microsoft-defender-atp/tvm-prerequisites.md +++ b/windows/security/threat-protection/microsoft-defender-atp/tvm-prerequisites.md 
@@ -41,7 +41,7 @@ Ensure that your devices: > Windows 10 Version 1809 | [KB 4516077](https://support.microsoft.com/help/4516077/windows-10-update-kb4516077) > Windows 10 Version 1903 | [KB 4512941](https://support.microsoft.com/help/4512941/windows-10-update-kb4512941) -- Are onboarded to [Microsoft Intune](https://docs.microsoft.com/mem/intune/fundamentals/what-is-intune) and [Microsoft Endpoint Configuration Manager](https://docs.microsoft.com/mem/configmgr/protect/deploy-use/endpoint-protection-configure). If you're using Configuration Manager, update your console to the latest version. +- Are onboarded to [Microsoft Intune](https://docs.microsoft.com/mem/intune/fundamentals/what-is-intune) and [Microsoft Endpoint Configuration Manager](https://docs.microsoft.com/mem/configmgr/protect/deploy-use/endpoint-protection-configure) to help remediate threats found by threat and vulnerability management. If you're using Configuration Manager, update your console to the latest version. - Have at least one security recommendation that can be viewed in the device page - Are tagged or marked as co-managed
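Review bot: the edited bullet still reads "onboarded to Microsoft Intune and Microsoft Endpoint Configuration Manager", and with the added clause "to help remediate threats found by threat and vulnerability management" it now sounds as if both are required for remediation, while the next sentence ("If you're using Configuration Manager") treats Configuration Manager as optional. If either one is sufficient, say "or". The commit subject "value prop" does not describe the change; a subject that names the bullet being clarified would read better in the log.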
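Review bot: in patch 6/9, the @@ -65,10 +65,13 hunk of microsoft-defender-atp-mac.md inserts the IMPORTANT block between "The three most recent major releases of macOS are supported." and the version list that sentence introduces, so the list now follows the kernel-panic notice instead of its lead-in. Place the notice above the sentence or after the list. The same hunk deletes "macOS Sierra (10.12) support ended on January 1, 2020.", which the commit subject (moving the Big Sur note) does not cover; restore it or mention the removal in the message. The notice is about macOS 11, yet the list still stops at 10.15, so the page does not tell readers whether Big Sur is a supported release.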