Merge branch 'master' of https://cpubwin.visualstudio.com/_git/it-client into FromPrivateRepo

mdop/mbam-v25/how-to-enable-bitlocker-by-using-mbam-as-part-of-a-windows-deploymentmbam-25.md

@@ -47,7 +47,7 @@ This topic explains how to enable BitLocker on an end user's computer by using M
     -   Escrow TPM OwnerAuth
     For Windows 7, MBAM must own the TPM for escrow to occur.
     For Windows 8.1, Windows 10 RTM and Windows 10 version 1511, escrow of TPM OwnerAuth is supported.
-    For Windows 10, version 1607 or later, only Windows can take ownership of the TPM. In addiiton, Windows will not retain the TPM owner password when provisioning the TPM. See [TPM owner password](https://technet.microsoft.com/itpro/windows/keep-secure/change-the-tpm-owner-password) for further details.
+    For Windows 10, version 1607 or later, only Windows can take ownership of the TPM. In addiiton, Windows will not retain the TPM owner password when provisioning the TPM. See [TPM owner password](https://docs.microsoft.com/en-us/windows/security/hardware-protection/tpm/change-the-tpm-owner-password) for further details.
 
     -   Escrow recovery keys and recovery key packages
 
@@ -66,7 +66,7 @@ This topic explains how to enable BitLocker on an end user's computer by using M
    <a href="" id="mbam-machine-wmi-class"></a>**MBAM\_Machine WMI Class**
    **PrepareTpmAndEscrowOwnerAuth:** Reads the TPM OwnerAuth and sends it to the MBAM recovery database by using the MBAM recovery service. If the TPM is not owned and auto-provisioning is not on, it generates a TPM OwnerAuth and takes ownership. If it fails, an error code is returned for troubleshooting.
 
-   **Note** For Windows 10, version 1607 or later, only Windows can take ownership of the TPM. In addiiton, Windows will not retain the TPM owner password when provisioning the TPM. See [TPM owner password](https://technet.microsoft.com/itpro/windows/keep-secure/change-the-tpm-owner-password) for further details.
+   **Note** For Windows 10, version 1607 or later, only Windows can take ownership of the TPM. In addiiton, Windows will not retain the TPM owner password when provisioning the TPM. See [TPM owner password](https://docs.microsoft.com/en-us/windows/security/hardware-protection/tpm/change-the-tpm-owner-password) for further details.
 
 | Parameter | Description |
 | -------- | ----------- |
@@ -179,7 +179,7 @@ Here are a list of common error messages:
             3.  Name the step **Persist TPM OwnerAuth**
 
             4.  Set the command line to `cscript.exe "%SCRIPTROOT%/SaveWinPETpmOwnerAuth.wsf"`
-            **Note:** For Windows 10, version 1607 or later, only Windows can take ownership of the TPM. In addiiton, Windows will not retain the TPM owner password when provisioning the TPM. See [TPM owner password](https://technet.microsoft.com/itpro/windows/keep-secure/change-the-tpm-owner-password) for further details.
+            **Note:** For Windows 10, version 1607 or later, only Windows can take ownership of the TPM. In addiiton, Windows will not retain the TPM owner password when provisioning the TPM. See [TPM owner password](https://docs.microsoft.com/en-us/windows/security/hardware-protection/tpm/change-the-tpm-owner-password) for further details.
 
         3.  In the **State Restore** folder, delete the **Enable BitLocker** task.
 

windows/security/threat-protection/TOC.md

@@ -105,6 +105,7 @@
 
 
 ### [Get started](windows-defender-atp/get-started.md)
+#### [What's new in Windows Defender ATP](windows-defender-atp/whats-new-in-windows-defender-atp.md)
 #### [Minimum requirements](windows-defender-atp/minimum-requirements-windows-defender-advanced-threat-protection.md)
 #### [Validate licensing and complete setup](windows-defender-atp/licensing-windows-defender-advanced-threat-protection.md)
 #### [Preview features](windows-defender-atp/preview-windows-defender-advanced-threat-protection.md)
@@ -142,7 +143,6 @@
 ###### [Import/export configurations](windows-defender-exploit-guard/import-export-exploit-protection-emet-xml.md)
 ##### [Network protection](windows-defender-exploit-guard/enable-network-protection.md)
 ##### [Controlled folder access](windows-defender-exploit-guard/enable-controlled-folders-exploit-guard.md)
-###### [Customize controlled folder access](windows-defender-exploit-guard/customize-controlled-folders-exploit-guard.md)
 ##### [Attack surface reduction controls](windows-defender-exploit-guard/enable-attack-surface-reduction.md)
 ###### [Customize attack surface reduction](windows-defender-exploit-guard/customize-attack-surface-reduction.md)
 ##### [Network firewall](windows-firewall/windows-firewall-with-advanced-security-deployment-guide.md)
@@ -465,9 +465,6 @@
 
 ### [Windows Defender Device Guard: virtualization-based security and WDAC](device-guard/introduction-to-device-guard-virtualization-based-security-and-windows-defender-application-control.md)
 
-### [Use attack surface reduction rules in Windows 10 Enterprise E3](windows-defender-exploit-guard/attack-surface-reduction-rules-in-windows-10-enterprise-e3.md)
-
-
 ### [Control the health of Windows 10-based devices](protect-high-value-assets-by-controlling-the-health-of-windows-10-based-devices.md)
 
 ### [Mitigate threats by using Windows 10 security features](overview-of-threat-mitigations-in-windows-10.md)

windows/security/threat-protection/windows-defender-exploit-guard/customize-controlled-folders-exploit-guard.md

@@ -11,7 +11,6 @@ ms.pagetype: security
 ms.localizationpriority: medium
 author: andreabichsel
 ms.author: v-anbic
-ms.date: 10/02/2018
 ---
 
 # Customize controlled folder access
@@ -40,7 +39,7 @@ You can add additional folders to be protected, but you cannot remove the defaul
 
 Adding other folders to controlled folder access can be useful, for example, if you don't store files in the default Windows libraries or you've changed the location of the libraries away from the defaults.
 
-You can also enter network shares and mapped drives. Environment variables and wildcards are supported. For information about using wildcards, see [Use wildcards in the file name and folder path or extension exclusion lists](https://docs.microsoft.com/windows/security/threat-protection/windows-defender-antivirus/windows-defender-antivirus-in-windows-10). 
+You can also enter network shares and mapped drives. Environment variables and wildcards are supported. For information about using wildcards, see [Use wildcards in the file name and folder path or extension exclusion lists](https://docs.microsoft.com/en-us/windows/security/threat-protection/windows-defender-antivirus/configure-extension-file-exclusions-windows-defender-antivirus#use-wildcards-in-the-file-name-and-folder-path-or-extension-exclusion-lists). 
 
 
 You can use the Windows Security app or Group Policy to add and remove additional protected folders.

windows/security/threat-protection/windows-defender-exploit-guard/enable-controlled-folders-exploit-guard.md

@@ -11,7 +11,6 @@ ms.pagetype: security
 ms.localizationpriority: medium
 author: andreabichsel
 ms.author: v-anbic
-ms.date: 02/14/2019
 ---
 
 # Enable controlled folder access
@@ -82,8 +81,7 @@ Use `Disabled` to turn the feature off.
 
 ### Use MDM CSPs to enable controlled folder access
 
-Use the [./Vendor/MSFT/Policy/Config/Defender/GuardedFoldersList](https://docs.microsoft.com/windows/client-management/mdm/policy-csp-defender#defender-guardedfolderslist) configuration service provider (CSP) to allow apps to make changes to protected folders. 
-
+Use the [./Vendor/MSFT/Policy/Config/ControlledFolderAccessProtectedFolders](https://docs.microsoft.com/en-us/windows/client-management/mdm/policy-csp-defender#defender-controlledfolderaccessprotectedfolders) configuration service provider (CSP) to allow apps to make changes to protected folders. 
 
 ## Related topics