Resolve merge conflict

2025-05-12 13:27:23 +00:00 · 2023-06-06 10:33:05 -04:00 · 2023-06-06 10:33:05 -04:00 · 9a4cf7a855
commit 9a4cf7a855
parent a777d269ce ab200d3bbe
69 changed files with 974 additions and 1237 deletions
--- a/.openpublishing.redirection.json
+++ b/.openpublishing.redirection.json
@ -5441,8 +5441,8 @@
      "redirect_document_id": false
    },
    {
-      "source_path": "windows/device-security/bitlocker/bitlocker-overview.md",
+      "source_path": "windows/device-security/bitlocker/index.md",
-      "redirect_url": "/windows/security/information-protection/bitlocker/bitlocker-overview",
+      "redirect_url": "/windows/security/operating-system-security/data-protection/bitlocker/index",
      "redirect_document_id": false
    },
    {
@ -9836,8 +9836,8 @@
      "redirect_document_id": false
    },
    {
-      "source_path": "windows/keep-secure/bitlocker-overview.md",
+      "source_path": "windows/keep-secure/index.md",
-      "redirect_url": "/windows/device-security/bitlocker/bitlocker-overview",
+      "redirect_url": "/windows/security/operating-system-security/data-protection/bitlocker/index",
      "redirect_document_id": false
    },
    {
@ -21579,6 +21579,191 @@
      "source_path": "windows/security/apps.md",
      "redirect_url": "/windows/security/application-security",
      "redirect_document_id": false
    },
    {
      "source_path": "windows/security/information-protection/encrypted-hard-drive.md",
      "redirect_url": "/windows/security/operating-system-security/data-protection/encrypted-hard-drive",
      "redirect_document_id": false
    },
    {
      "source_path": "windows/security/information-protection/bitlocker/bcd-settings-and-bitlocker.md",
      "redirect_url": "/windows/security/operating-system-security/data-protection/bitlocker/bcd-settings-and-bitlocker",
      "redirect_document_id": false
    },
    {
      "source_path": "windows/security/information-protection/bitlocker/bitlocker-basic-deployment.md",
      "redirect_url": "/windows/security/operating-system-security/data-protection/bitlocker/bitlocker-basic-deployment",
      "redirect_document_id": false
    },
    {
      "source_path": "windows/security/information-protection/bitlocker/bitlocker-countermeasures.md",
      "redirect_url": "/windows/security/operating-system-security/data-protection/bitlocker/bitlocker-countermeasures",
      "redirect_document_id": false
    },
    {
      "source_path": "windows/security/information-protection/bitlocker/bitlocker-deployment-comparison.md",
      "redirect_url": "/windows/security/operating-system-security/data-protection/bitlocker/bitlocker-deployment-comparison",
      "redirect_document_id": false
    },
    {
      "source_path": "windows/security/information-protection/bitlocker/bitlocker-device-encryption-overview-windows-10.md",
      "redirect_url": "/windows/security/operating-system-security/data-protection/bitlocker/bitlocker-device-encryption-overview-windows-10",
      "redirect_document_id": false
    },
    {
      "source_path": "windows/security/information-protection/bitlocker/bitlocker-group-policy-settings.md",
      "redirect_url": "/windows/security/operating-system-security/data-protection/bitlocker/bitlocker-group-policy-settings",
      "redirect_document_id": false
    },
    {
      "source_path": "windows/security/information-protection/bitlocker/bitlocker-how-to-deploy-on-windows-server.md",
      "redirect_url": "/windows/security/operating-system-security/data-protection/bitlocker/bitlocker-how-to-deploy-on-windows-server",
      "redirect_document_id": false
    },
    {
      "source_path": "windows/security/information-protection/bitlocker/bitlocker-how-to-enable-network-unlock.md",
      "redirect_url": "/windows/security/operating-system-security/data-protection/bitlocker/bitlocker-how-to-enable-network-unlock",
      "redirect_document_id": false
    },
    {
      "source_path": "windows/security/information-protection/bitlocker/bitlocker-management-for-enterprises.md",
      "redirect_url": "/windows/security/operating-system-security/data-protection/bitlocker/bitlocker-management-for-enterprises",
      "redirect_document_id": false
    },
    {
      "source_path": "windows/security/information-protection/bitlocker/bitlocker-recovery-guide-plan.md",
      "redirect_url": "/windows/security/operating-system-security/data-protection/bitlocker/bitlocker-recovery-guide-plan",
      "redirect_document_id": false
    },
    {
      "source_path": "windows/security/information-protection/bitlocker/bitlocker-use-bitlocker-drive-encryption-tools-to-manage-bitlocker.md",
      "redirect_url": "/windows/security/operating-system-security/data-protection/bitlocker/bitlocker-use-bitlocker-drive-encryption-tools-to-manage-bitlocker",
      "redirect_document_id": false
    },
    {
      "source_path": "windows/security/information-protection/bitlocker/bitlocker-use-bitlocker-recovery-password-viewer.md",
      "redirect_url": "/windows/security/operating-system-security/data-protection/bitlocker/bitlocker-use-bitlocker-recovery-password-viewer",
      "redirect_document_id": false
    },
    {
      "source_path": "windows/security/information-protection/bitlocker/prepare-your-organization-for-bitlocker-planning-and-policies.md",
      "redirect_url": "/windows/security/operating-system-security/data-protection/bitlocker/prepare-your-organization-for-bitlocker-planning-and-policies",
      "redirect_document_id": false
    },
    {
      "source_path": "windows/security/information-protection/bitlocker/protecting-cluster-shared-volumes-and-storage-area-networks-with-bitlocker.md",
      "redirect_url": "/windows/security/operating-system-security/data-protection/bitlocker/protecting-cluster-shared-volumes-and-storage-area-networks-with-bitlocker",
      "redirect_document_id": false
    },
    {
      "source_path": "windows/security/information-protection/personal-data-encryption/configure-pde-in-intune.md",
      "redirect_url": "/windows/security/operating-system-security/data-protection/personal-data-encryption/configure-pde-in-intune",
      "redirect_document_id": false
    },
    {
      "source_path": "windows/security/information-protection/personal-data-encryption/pde-in-intune/intune-disable-arso.md",
      "redirect_url": "/windows/security/operating-system-security/data-protection/personal-data-encryption/intune-disable-arso",
      "redirect_document_id": false
    },
    {
      "source_path": "windows/security/information-protection/personal-data-encryption/pde-in-intune/intune-disable-hibernation.md",
      "redirect_url": "/windows/security/operating-system-security/data-protection/personal-data-encryption/intune-disable-hibernation",
      "redirect_document_id": false
    },
    {
      "source_path": "windows/security/information-protection/personal-data-encryption/pde-in-intune/intune-disable-memory-dumps.md",
      "redirect_url": "/windows/security/operating-system-security/data-protection/personal-data-encryption/intune-disable-memory-dumps",
      "redirect_document_id": false
    },
    {
      "source_path": "windows/security/information-protection/personal-data-encryption/pde-in-intune/intune-disable-password-connected-standby.md",
      "redirect_url": "/windows/security/operating-system-security/data-protection/personal-data-encryption/intune-disable-password-connected-standby",
      "redirect_document_id": false
    },
    {
      "source_path": "windows/security/information-protection/personal-data-encryption/pde-in-intune/intune-disable-wer.md",
      "redirect_url": "/windows/security/operating-system-security/data-protection/personal-data-encryption/intune-disable-wer",
      "redirect_document_id": false
    },
    {
      "source_path": "windows/security/information-protection/personal-data-encryption/pde-in-intune/intune-enable-pde.md",
      "redirect_url": "/windows/security/operating-system-security/data-protection/personal-data-encryption/intune-enable-pde",
      "redirect_document_id": false
    },
    {
      "source_path": "windows/security/encryption-data-protection.md",
      "redirect_url": "/windows/security/operating-system-security/data-protection/index",
      "redirect_document_id": false
    },
    {
      "source_path": "windows/security/information-protection/personal-data-encryption/faq-pde.yml",
      "redirect_url": "/windows/security/operating-system-security/data-protection/personal-data-encryption/faq-pde",
      "redirect_document_id": false
    },
    {
      "source_path": "windows/security/information-protection/bitlocker/bitlocker-and-adds-faq.yml",
      "redirect_url": "/windows/security/operating-system-security/data-protection/bitlocker/bitlocker-and-adds-faq",
      "redirect_document_id": false
    },
    {
      "source_path": "windows/security/information-protection/bitlocker/bitlocker-deployment-and-administration-faq.yml",
      "redirect_url": "/windows/security/operating-system-security/data-protection/bitlocker/bitlocker-deployment-and-administration-faq",
      "redirect_document_id": false
    },
    {
      "source_path": "windows/security/information-protection/bitlocker/bitlocker-frequently-asked-question.yml",
      "redirect_url": "/windows/security/operating-system-security/data-protection/bitlocker/bitlocker-frequently-asked-question",
      "redirect_document_id": false
    },
    {
      "source_path": "windows/security/information-protection/bitlocker/bitlocker-key-management-faq.yml",
      "redirect_url": "/windows/security/operating-system-security/data-protection/bitlocker/bitlocker-key-management-faq",
      "redirect_document_id": false
    },
    {
      "source_path": "windows/security/information-protection/bitlocker/bitlocker-network-unlock-faq.yml",
      "redirect_url": "/windows/security/operating-system-security/data-protection/bitlocker/bitlocker-network-unlock-faq",
      "redirect_document_id": false
    },
    {
      "source_path": "windows/security/information-protection/bitlocker/bitlocker-overview-and-requirements-faq.yml",
      "redirect_url": "/windows/security/operating-system-security/data-protection/bitlocker/bitlocker-overview-and-requirements-faq",
      "redirect_document_id": false
    },
    {
      "source_path": "windows/security/information-protection/bitlocker/bitlocker-security-faq.yml",
      "redirect_url": "/windows/security/operating-system-security/data-protection/bitlocker/bitlocker-security-faq",
      "redirect_document_id": false
    },
    {
      "source_path": "windows/security/information-protection/bitlocker/bitlocker-to-go-faq.yml",
      "redirect_url": "/windows/security/operating-system-security/data-protection/bitlocker/bitlocker-to-go-faq",
      "redirect_document_id": false
    },
    {
      "source_path": "windows/security/information-protection/bitlocker/bitlocker-upgrading-faq.yml",
      "redirect_url": "/windows/security/operating-system-security/data-protection/bitlocker/bitlocker-upgrading-faq",
      "redirect_document_id": false
    },
    {
      "source_path": "windows/security/information-protection/bitlocker/bitlocker-using-with-other-programs-faq.yml",
      "redirect_url": "/windows/security/operating-system-security/data-protection/bitlocker/bitlocker-using-with-other-programs-faq",
      "redirect_document_id": false
    },
    {
      "source_path": "windows/security/information-protection/bitlocker/bitlocker-frequently-asked-questions.yml",
      "redirect_url": "/windows/security/operating-system-security/data-protection/bitlocker/bitlocker-frequently-asked-questions",
      "redirect_document_id": false
    },
    {
      "source_path": "windows/security/information-protection/bitlocker/bitlocker-overview.md",
      "redirect_url": "/windows/security/operating-system-security/data-protection/bitlocker/index",
      "redirect_document_id": false
    },
    {
      "source_path": "windows/security/information-protection/personal-data-encryption/overview-pde.md",
      "redirect_url": "/windows/security/operating-system-security/data-protection/personal-data-encryption/index",
      "redirect_document_id": false
    }    
  ]
 }
--- a/windows/application-management/provisioned-apps-windows-client-os.md
+++ b/windows/application-management/provisioned-apps-windows-client-os.md
@ -4,7 +4,7 @@ description: Use the Windows PowerShell Get-AppxProvisionedPackage command to ge
 author: nicholasswhite
 ms.author: nwhite
 manager: aaroncz
-ms.date: 01/12/2023
+ms.date: 06/05/2023
 ms.topic: article
 ms.prod: windows-client
 ms.technology: itpro-apps
@ -47,17 +47,47 @@ Provisioned apps are also listed in **Settings** > **Apps and Features**.
  - Supported versions:
    ---
-    | Uninstall through UI? | 22H2| 21H1 | 20H2 | 
+    | Uninstall through UI? | KB5026446 | 22H2 | 21H2 | 
    | --- | --- | --- | --- |
-    | ✔️ | ✔️ | ✔️ ||
+    | ✔️ | ✔️ | ✔️ | ✔️️|
    ---
- [Bing Weather](ms-windows-store://pdp/?PFN=Microsoft.BingWeather_8wekyb3d8bbwe) | Package name: Microsoft.BingWeather
+- [Clipchamp](ms-windows-store://pdp/?ProductId=9P1J8S7CCWWT) | Package name: Clipchamp.Clipchamp
  - Supported versions:
    ---
-    | Uninstall through UI? | 22H2| 21H1 | 20H2 |
+    | Uninstall through UI? | KB5026446 | 22H2 | 21H2 |
    | --- | --- | --- | --- |
    | ✔️ | ✔️ | ✔️ | ❌️|
    ---
 - [Cortana](ms-windows-store://pdp/?PFN=Microsoft.549981C3f5f10_8wekyb3d8bbwe) | Package name: Microsoft.549981C3f5f10
  - Supported versions:
    ---
    | Uninstall through UI? | KB5026446 | 22H2 | 21H2 |
    | --- | --- | --- | --- |
    | ❌ | ✔️ | ✔️ | ✔️️|
    ---
 - [Microsoft News](ms-windows-store://pdp/?PFN=Microsoft.BingNews_8wekyb3d8bbwe) | Package name: Microsoft.BingNews
  - Supported versions:
    ---
    | Uninstall through UI? | KB5026446 | 22H2 | 21H2 |
    | --- | --- | --- | --- |
    | ✔️ | ✔️ | ✔️ | ✔️️|
    ---
 - [MSN Weather](ms-windows-store://pdp/?PFN=Microsoft.BingWeather_8wekyb3d8bbwe) | Package name: Microsoft.BingWeather
  - Supported versions:
    ---
    | Uninstall through UI? | KB5026446 | 22H2 | 21H2 | 
    | --- | --- | --- | --- |
    | ✔️ | ✔️ | ✔️ | ✔️️|
@ -67,17 +97,27 @@ Provisioned apps are also listed in **Settings** > **Apps and Features**.
  - Supported versions:
    ---
-    | Uninstall through UI? | 22H2| 21H1 | 20H2 |
+    | Uninstall through UI? | KB5026446 | 22H2 | 21H2 | 
    | --- | --- | --- | --- |
    | Use Settings App | ✔️ | ✔️ | ✔️|
    ---
 - [Xbox App](ms-windows-store://pdp/?PFN=Microsoft.GamingApp_8wekyb3d8bbwe) | Package name: Microsoft.GamingApp
  - Supported versions:
    ---
    | Uninstall through UI? | KB5026446 | 22H2 | 21H2 | 
    | --- | --- | --- | --- |
    | ✔️ | ✔️ | ✔️ | ✔️️|
    ---
 - [Get Help](ms-windows-store://pdp/?PFN=Microsoft.Gethelp_8wekyb3d8bbwe) | Package name: Microsoft.GetHelp
  - Supported versions:
    ---
-    | Uninstall through UI? |22H2| 21H1 | 20H2 |
+    | Uninstall through UI? | KB5026446 | 22H2 | 21H2 | 
    |---| --- | --- | --- |
    | ❌ |  ✔️| ✔️| ✔️|
@ -87,7 +127,7 @@ Provisioned apps are also listed in **Settings** > **Apps and Features**.
  - Supported versions:
    ---
-    | Uninstall through UI? |22H2| 21H1 | 20H2 |
+    | Uninstall through UI? | KB5026446 | 22H2 | 21H2 | 
    | --- | --- | --- | --- |
    | ❌ |  ✔️ | ✔️| ✔️|
@ -97,7 +137,7 @@ Provisioned apps are also listed in **Settings** > **Apps and Features**.
  - Supported versions:
    ---
-    | Uninstall through UI? |22H2| 21H1 | 20H2 |
+    | Uninstall through UI? | KB5026446 | 22H2 | 21H2 | 
    | --- | --- | --- | --- |
    | ❌ |  ✔️| ✔️| ✔️|
@ -107,39 +147,49 @@ Provisioned apps are also listed in **Settings** > **Apps and Features**.
  - Supported versions:
    ---
-    | Uninstall through UI? |22H2| 21H1 | 20H2 |
+    | Uninstall through UI? | KB5026446 | 22H2 | 21H2 | 
    | --- | --- | --- | --- |
-    | ❌ |  ✔️|||
+    | ✔️ |  ✔️| ✔️| ✔️|
    ---  
    >[!NOTE]
    >For devices running Windows 11, version 21H2, and any supported version of Windows 10, you need to acquire the [HEVC Video Extensions](ms-windows-store://pdp/?productid=9NMZLZ57R3T7) from the Microsoft Store.
 - [Microsoft Edge](ms-windows-store://pdp/?productid=XPFFTQ037JWMHS) | Package name:Microsoft.MicrosoftEdge.Stable
  - Supported versions:
    ---
    | Uninstall through UI? | KB5026446 | 22H2 | 21H2 | 
    | --- | --- | --- | --- |
    | ❌ |  ✔️ | ✔️ | ✔️|  
    ---
 - [Microsoft Messaging](ms-windows-store://pdp/?PFN=Microsoft.Messaging_8wekyb3d8bbwe) | Package name:Microsoft.Messaging
  - Supported versions:
    ---
-    | Uninstall through UI? |22H2| 21H1 | 20H2 |
+    | Uninstall through UI? | KB5026446 | 22H2 | 21H2 | 
    | --- | --- | --- | --- |
-    | ❌ |  ✔️ | ✔️ | ✔️|  
+    | ✔️ |  ✔️ | ✔️ | ✔️|  
    ---
- [Microsoft 3D Viewer](ms-windows-store://pdp/?PFN=Microsoft.Microsoft3DViewer_8wekyb3d8bbwe) | Package name: Microsoft.Microsoft3DViewer
+- [3D Viewer](ms-windows-store://pdp/?PFN=Microsoft.Microsoft3DViewer_8wekyb3d8bbwe) | Package name: Microsoft.Microsoft3DViewer
  - Supported versions:
    ---
-    | Uninstall through UI? |22H2| 21H1 | 20H2 |
+    | Uninstall through UI? | KB5026446 | 22H2 | 21H2 | 
    | --- | --- | --- | --- |
-    | ❌ |  ✔️ | ✔️ | ✔️|  
+    | ✔️ |  ✔️ | ✔️ | ✔️|  
    ---
- [Office](ms-windows-store://pdp/?PFN=Microsoft.MicrosoftOfficeHub_8wekyb3d8bbwe) | Package name: Microsoft.MicrosoftOfficeHub
+- [Microsoft 365 (Office)](ms-windows-store://pdp/?PFN=Microsoft.MicrosoftOfficeHub_8wekyb3d8bbwe) | Package name: Microsoft.MicrosoftOfficeHub
  - Supported versions:
    ---
-    | Uninstall through UI? | 22H2| 21H1 | 20H2 |
+    | Uninstall through UI? | KB5026446 | 22H2 | 21H2 | 
    | --- | --- | --- | --- |
    | ✔️ | ✔️ | ✔️ | ✔️️|
@ -149,7 +199,7 @@ Provisioned apps are also listed in **Settings** > **Apps and Features**.
  - Supported versions:
    ---
-    | Uninstall through UI? | 22H2| 21H1 | 20H2 |
+    | Uninstall through UI? | KB5026446 | 22H2 | 21H2 | 
    | --- | --- | --- | --- |
    | ✔️ | ✔️ | ✔️ | ✔️️|
@ -159,9 +209,9 @@ Provisioned apps are also listed in **Settings** > **Apps and Features**.
  - Supported versions:
    ---
-    | Uninstall through UI? |22H2| 21H1 | 20H2 |
+    | Uninstall through UI? | KB5026446 | 22H2 | 21H2 | 
    | --- | --- | --- | --- |
-    | ❌ |  ✔️ | ✔️ | ✔️|  
+    | ✔️ |  ✔️ | ✔️ | ✔️|  
    ---
@ -169,19 +219,19 @@ Provisioned apps are also listed in **Settings** > **Apps and Features**.
  - Supported versions:
    ---
-    | Uninstall through UI? |22H2| 21H1 | 20H2 |
+    | Uninstall through UI? | KB5026446 | 22H2 | 21H2 | 
    | --- | --- | --- | --- |
-    | ❌ |  ✔️ | ✔️ | ✔️|  
+    | ✔️ |  ✔️ | ✔️ | ✔️|  
    ---
- [Paint 3D](ms-windows-store://pdp/?PFN=Microsoft.MSPaint_8wekyb3d8bbwe) | Package name: Microsoft.MSPaint
+- [MPEG2 Video Extension](ms-windows-store://pdp/?PFN=Microsoft.MPEG2VideoExtension_8wekyb3d8bbwe) | Package name: Microsoft.MPEG2VideoExtension
  - Supported versions:
    ---
-    | Uninstall through UI? |22H2| 21H1 | 20H2 |
+    | Uninstall through UI? | KB5026446 | 22H2 | 21H2 | 
    | --- | --- | --- | --- |
-    | ❌ |  ✔️ | ✔️ | ✔️|  
+    | ✔️ |  ✔️ | ✔️ | ✔️|  
    ---
@ -189,9 +239,9 @@ Provisioned apps are also listed in **Settings** > **Apps and Features**.
  - Supported versions:
    ---
-    | Uninstall through UI? | 22H2| 21H1 | 20H2 |
+    | Uninstall through UI? | KB5026446 | 22H2 | 21H2 | 
    | --- | --- | --- | --- |
-    | ✔️ | ✔️ | ✔️ | ✔️️|
+    | ✔️ | ❌ | ✔️ | ✔️️|
    ---
@ -201,25 +251,45 @@ Provisioned apps are also listed in **Settings** > **Apps and Features**.
    ---
    | Uninstall through UI? |22H2| 21H1 | 20H2 |
    | --- | --- | --- | --- |
    | ✔️ |  ✔️ | ✔️ | ✔️|  
    ---
 - OneDrive Sync | Package name: Microsoft.OneDriveSync
  - Supported versions:
    ---
    | Uninstall through UI? | KB5026446 | 22H2 | 21H2 | 
    | --- | --- | --- | --- |
    | ❌ |  ✔️ | ✔️ | ✔️|  
    ---
- Microsoft.Outlook.DesktopIntegrationServices
+- Outlook Desktop Integration | Package name: Microsoft.OutlookDesktopIntegrationServices
  - Supported versions:
    ---
-    | Uninstall through UI? |22H2| 21H1 | 20H2 |
+    | Uninstall through UI? | KB5026446 | 22H2 | 21H2 | 
    | --- | --- | --- | --- |
-    | |  ✔️ | ✔️ | ✔️|  
+    | ✔️ |  ✔️ | ✔️ | ✔️|  
    ---
- [Microsoft People](ms-windows-store://pdp/?PFN=Microsoft.People_8wekyb3d8bbwe) | Package name: Microsoft.People
+- [Paint](ms-windows-store://pdp/?PFN=Microsoft.paint_8wekyb3d8bbwe) | Package name: Microsoft.Paint
  - Supported versions:
    ---
-    | Uninstall through UI? |22H2| 21H1 | 20H2 |
+    | Uninstall through UI? | KB5026446 | 22H2 | 21H2 | 
    | --- | --- | --- | --- |
    | ✔️ |  ✔️ | ✔️ | ✔️|  
    ---
 - [People](ms-windows-store://pdp/?PFN=Microsoft.people_8wekyb3d8bbwe) | Package name: Microsoft.People
  - Supported versions:
    ---
    | Uninstall through UI? | KB5026446 | 22H2 | 21H2 | 
    | --- | --- | --- | --- |
    | ❌ |  ✔️ | ✔️ | ✔️|  
@ -229,57 +299,78 @@ Provisioned apps are also listed in **Settings** > **Apps and Features**.
  - Supported versions:
    ---
-    | Uninstall through UI? |22H2| 21H1 | 20H2 |
+    | Uninstall through UI? | KB5026446 | 22H2 | 21H2 | 
    | --- | --- | --- | --- |
    | ❌ |  ❌ | ✔️ | ✔️|  
    ---
 - [Raw Image Extension](ms-windows-store://pdp/?PFN=Microsoft.RawImageExtension_8wekyb3d8bbwe) | Package name: Microsoft.RawImageExtension
  - Supported versions:
    ---
    | Uninstall through UI? | KB5026446 | 22H2 | 21H2 | 
    | --- | --- | --- | --- |
    | ❌ |  ✔️ | ✔️ | ✔️|  
    ---
- [Snip & Sketch](ms-windows-store://pdp/?PFN=Microsoft.ScreenSketch_8wekyb3d8bbwe) | Package name: Microsoft.ScreenSketch
+- [Snipping Tool](ms-windows-store://pdp/?PFN=Microsoft.ScreenSketch_8wekyb3d8bbwe) | Package name: Microsoft.ScreenSketch
  - Supported versions:
    ---
-    | Uninstall through UI? |22H2| 21H1 | 20H2 |
+    | Uninstall through UI? | KB5026446 | 22H2 | 21H2 | 
    | --- | --- | --- | --- |
    | ✔️ |  ✔️ | ✔️ | ✔️|  
    ---
 - Store Purchase App | Package name: Microsoft.StorePurchaseApp
  - Supported versions:
    ---
    | Uninstall through UI? | KB5026446 | 22H2 | 21H2 | 
    | --- | --- | --- | --- |
    | ❌ |  ✔️ | ✔️ | ✔️|  
    ---
- [Skype](ms-windows-store://pdp/?PFN=Microsoft.SkypeApp_kzf8qxf38zg5c) | Package name: Microsoft.SkypeApp
+- [Microsoft To Do](ms-windows-store://pdp/?PFN=Microsoft.ToDos_8wekyb3d8bbwe) | Package name: Microsoft.ToDos
  - Supported versions:
    ---
-    | Uninstall through UI? |22H2| 21H1 | 20H2 |
+    | Uninstall through UI? | KB5026446 | 22H2 | 21H2 | 
    | --- | --- | --- | --- |
    | ✔️ |  ✔️ | ✔️ | ✔️|  
    ---
 - UI.Xaml | Package name: Microsoft.UI.Xaml
  - Supported versions:
    ---
    | Uninstall through UI? | KB5026446 | 22H2 | 21H2 | 
    | --- | --- | --- | --- |
    | ❌ |  ✔️ | ✔️ | ✔️|  
    ---
- [Store Purchase App](ms-windows-store://pdp/?PFN=Microsoft.StorePurchaseApp_8wekyb3d8bbwe) | Package name: Microsoft.StorePurchaseApp
+- VCLibs | Package name: Microsoft.VCLibs
  - Supported versions:
    ---
-    | Uninstall through UI? |22H2| 21H1 | 20H2 |
+    | Uninstall through UI? | KB5026446 | 22H2 | 21H2 | 
    | --- | --- | --- | --- |
    | ❌ |  ✔️ | ✔️ | ✔️|  
    ---
- Microsoft.VP9VideoExtensions
+
 - [VP9 Video Extensions](ms-windows-store://pdp/?PFN=Microsoft.VP9VideoExtensions_8wekyb3d8bbwe) | Microsoft.VP9VideoExtensions
  - Supported versions:
    ---
-    | Uninstall through UI? |22H2| 21H1 | 20H2 |
+    | Uninstall through UI? | KB5026446 | 22H2 | 21H2 | 
    | --- | --- | --- | --- |
    | ❌ |  ✔️ | ✔️ | ✔️|  
    ---
 - [Microsoft Pay](ms-windows-store://pdp/?PFN=Microsoft.Wallet_8wekyb3d8bbwe) | Package name: Microsoft.Wallet
  - Supported versions:
    ---
    | Uninstall through UI? |22H2| 21H1 | 20H2 |
    | --- | --- | --- | --- |
    | ❌ |  ✔️ | ✔️ | ✔️|  
@ -289,7 +380,7 @@ Provisioned apps are also listed in **Settings** > **Apps and Features**.
  - Supported versions:
    ---
-    | Uninstall through UI? |22H2| 21H1 | 20H2 |
+    | Uninstall through UI? | KB5026446 | 22H2 | 21H2 | 
    | --- | --- | --- | --- |
    | ❌ |  ✔️ | ✔️ | ✔️|  
@ -299,17 +390,27 @@ Provisioned apps are also listed in **Settings** > **Apps and Features**.
  - Supported versions:
    ---
-    | Uninstall through UI? |22H2| 21H1 | 20H2 |
+    | Uninstall through UI? | KB5026446 | 22H2 | 21H2 | 
    | --- | --- | --- | --- |
    | ❌ |  ✔️ | ✔️ | ✔️|  
    ---
 - [Whiteboard](ms-windows-store://pdp/?PFN=Microsoft.Whiteboard_8wekyb3d8bbwe) | Package name: Microsoft.Whiteboard
  - Supported versions:
    ---
    | Uninstall through UI? | KB5026446 | 22H2 | 21H2 | 
    | --- | --- | --- | --- |
    | ✔️ |  ✔️ | ✔️| ✔️|  
    ---
 - [Microsoft Photos](ms-windows-store://pdp/?PFN=Microsoft.Windows.Photos_8wekyb3d8bbwe) | Package name: Microsoft.Windows.Photos
  - Supported versions:
    ---
-    | Uninstall through UI? |22H2| 21H1 | 20H2 |
+    | Uninstall through UI? | KB5026446 | 22H2 | 21H2 | 
    | --- | --- | --- | --- |
    | ❌ |  ✔️ | ✔️ | ✔️|  
@ -319,7 +420,7 @@ Provisioned apps are also listed in **Settings** > **Apps and Features**.
  - Supported versions:
    ---
-    | Uninstall through UI? |22H2| 21H1 | 20H2 |
+    | Uninstall through UI? | KB5026446 | 22H2 | 21H2 | 
    | --- | --- | --- | --- |
    | ❌ |  ✔️ | ✔️ | ✔️|  
@ -329,9 +430,9 @@ Provisioned apps are also listed in **Settings** > **Apps and Features**.
  - Supported versions:
    ---
-    | Uninstall through UI? |22H2| 21H1 | 20H2 |
+    | Uninstall through UI? | KB5026446 | 22H2 | 21H2 | 
    | --- | --- | --- | --- |
-    | ❌ |  ✔️ | ✔️ | ✔️|  
+    | ✔️ |  ✔️ | ✔️ | ✔️|  
    ---
@ -339,7 +440,7 @@ Provisioned apps are also listed in **Settings** > **Apps and Features**.
  - Supported versions:
    ---
-    | Uninstall through UI? |22H2| 21H1 | 20H2 |
+    | Uninstall through UI? | KB5026446 | 22H2 | 21H2 | 
    | --- | --- | --- | --- |
    | ❌ |  ✔️ | ✔️ | ✔️|  
@ -349,7 +450,7 @@ Provisioned apps are also listed in **Settings** > **Apps and Features**.
  - Supported versions:
    ---
-    | Uninstall through UI? |22H2| 21H1 | 20H2 |
+    | Uninstall through UI? | KB5026446 | 22H2 | 21H2 | 
    | --- | --- | --- | --- |
    | ❌ |  ✔️ | ✔️ | ✔️|  
@ -359,7 +460,7 @@ Provisioned apps are also listed in **Settings** > **Apps and Features**.
  - Supported versions:
    ---
-    | Uninstall through UI? |22H2| 21H1 | 20H2 |
+    | Uninstall through UI? | KB5026446 | 22H2 | 21H2 | 
    | --- | --- | --- | --- |
    | ❌ |  ✔️ | ✔️ | ✔️|  
@ -369,19 +470,29 @@ Provisioned apps are also listed in **Settings** > **Apps and Features**.
  - Supported versions:
    ---
-    | Uninstall through UI? |22H2| 21H1 | 20H2 |
+    | Uninstall through UI? | KB5026446 | 22H2 | 21H2 | 
    | --- | --- | --- | --- |
-    | ❌ |  ✔️ | ✔️ | ✔️|  
+    | ✔️ |  ✔️ | ✔️ | ✔️|  
    ---
- [Windows Voice Recorder](ms-windows-store://pdp/?PFN=Microsoft.WindowsSoundRecorder_8wekyb3d8bbwe) | Package name: Microsoft.WindowsSoundRecorder
+- [Windows Notepad](ms-windows-store://pdp/?PFN=Microsoft.WindowsNotepad_8wekyb3d8bbwe) | Package name: Microsoft.Notepad
  - Supported versions:
    ---
-    | Uninstall through UI? |22H2| 21H1 | 20H2 |
+    | Uninstall through UI? | KB5026446 | 22H2 | 21H2 | 
    | --- | --- | --- | --- |
-    | ❌ |  ✔️ | ✔️ | ✔️|  
+    | ✔️ |  ✔️ | ✔️ | ✔️|  
    ---
 - [Windows Sound Recorder](ms-windows-store://pdp/?PFN=Microsoft.WindowsSoundRecorder_8wekyb3d8bbwe) | Package name: Microsoft.WindowsSoundRecorder
  - Supported versions:
    ---
    | Uninstall through UI? | KB5026446 | 22H2 | 21H2 | 
    | --- | --- | --- | --- |
    | ✔️ |  ✔️ | ✔️ | ✔️|  
    ---
@ -389,29 +500,17 @@ Provisioned apps are also listed in **Settings** > **Apps and Features**.
  - Supported versions:
    ---
-    | Uninstall through UI? |22H2| 21H1 | 20H2 |
+    | Uninstall through UI? | KB5026446 | 22H2 | 21H2 | 
    | --- | --- | --- | --- |
    | ❌ |  ✔️ | ✔️ | ✔️|  
    ---
  - The Store app shouldn't be removed. If you remove the Store app, and want to reinstall it, you must restore your system from a backup, or reset your system. Instead of removing the Store app, use group policies to hide or disable it.
 - [Xbox Live in-game experience](ms-windows-store://pdp/?PFN=Microsoft.Xbox.TCUI_8wekyb3d8bbwe) | Package name: Microsoft.Xbox.TCUI
  - Supported versions:
    ---
-    | Uninstall through UI? |22H2| 21H1 | 20H2 |
+    | Uninstall through UI? | KB5026446 | 22H2 | 21H2 | 
    | --- | --- | --- | --- |
    | ❌ |  ✔️ | ✔️ | ✔️|  
    ---
 - [Xbox Console Companion](ms-windows-store://pdp/?PFN=Microsoft.XboxApp_8wekyb3d8bbwe) | Package name: Microsoft.XboxApp
  - Supported versions:
    ---
    | Uninstall through UI? |22H2| 21H1 | 20H2 |
    | --- | --- | --- | --- |
    | ❌ |  ✔️ | ✔️ | ✔️|  
@ -421,7 +520,7 @@ Provisioned apps are also listed in **Settings** > **Apps and Features**.
  - Supported versions:
    ---
-    | Uninstall through UI? |22H2| 21H1 | 20H2 |
+    | Uninstall through UI? | KB5026446 | 22H2 | 21H2 | 
    | --- | --- | --- | --- |
    | ❌ |  ✔️ | ✔️ | ✔️|  
@ -431,7 +530,7 @@ Provisioned apps are also listed in **Settings** > **Apps and Features**.
  - Supported versions:
    ---
-    | Uninstall through UI? |22H2| 21H1 | 20H2 |
+    | Uninstall through UI? | KB5026446 | 22H2 | 21H2 | 
    | --- | --- | --- | --- |
    | ❌ |  ✔️ | ✔️ | ✔️|  
@ -441,37 +540,37 @@ Provisioned apps are also listed in **Settings** > **Apps and Features**.
  - Supported versions:
    ---
-    | Uninstall through UI? |22H2| 21H1 | 20H2 |
+    | Uninstall through UI? | KB5026446 | 22H2 | 21H2 | 
    | --- | --- | --- | --- |
    | ❌ |  ✔️ | ✔️ | ✔️|  
    ---
- Microsoft.XboxSpeechToTextOverlay
+- Xbox speech to text overlay | Package name: Microsoft.XboxSpeechToTextOverlay
  - Supported versions:
    ---
-    | Uninstall through UI? |22H2| 21H1 | 20H2 |
+    | Uninstall through UI? | KB5026446 | 22H2 | 21H2 | 
    | --- | --- | --- | --- |
    | ❌ |  ✔️ | ✔️ | ✔️|  
    ---
- [Your Phone](ms-windows-store://pdp/?PFN=Microsoft.YourPhone_8wekyb3d8bbwe) | Package name: Microsoft.YourPhone
+- [Phone Link](ms-windows-store://pdp/?PFN=Microsoft.YourPhone_8wekyb3d8bbwe) | Package name: Microsoft.YourPhone
  - Supported versions:
    ---
-    | Uninstall through UI? |22H2| 21H1 | 20H2 |
+    | Uninstall through UI? | KB5026446 | 22H2 | 21H2 | 
    | --- | --- | --- | --- |
    | ❌ |  ✔️ | ✔️ | ✔️|  
    ---
- [Groove Music](ms-windows-store://pdp/?PFN=Microsoft.ZuneMusic_8wekyb3d8bbwe) | Package name: Microsoft.ZuneMusic
+- [Windows Media Player](ms-windows-store://pdp/?PFN=Microsoft.ZuneMusic_8wekyb3d8bbwe) | Package name: Microsoft.ZuneMusic
  - Supported versions:
    ---
-    | Uninstall through UI? |22H2| 21H1 | 20H2 |
+    | Uninstall through UI? | KB5026446 | 22H2 | 21H2 | 
    | --- | --- | --- | --- |
    | ❌ |  ✔️ | ✔️ | ✔️|  
@ -481,8 +580,28 @@ Provisioned apps are also listed in **Settings** > **Apps and Features**.
  - Supported versions:
    ---
-    | Uninstall through UI? |22H2| 21H1 | 20H2 |
+    | Uninstall through UI? | KB5026446 | 22H2 | 21H2 | 
    | --- | --- | --- | --- |
    | ❌ |  ✔️ | ✔️ | ✔️|  
    ---
 - [Quick Assist](ms-windows-store://pdp/?PFN=MicrosoftCorporationII.QuickAssist_8wekyb3d8bbwe) | Package name: MicrosoftCorporationII.QuickAssist
  - Supported versions:
    ---
    | Uninstall through UI? | KB5026446 | 22H2 | 21H2 | 
    | --- | --- | --- | --- |
    | ✔️ |  ✔️ | ✔️ | ✔️|  
    ---
 - Windows Web Experience | Package name: MicrosoftWindows.Client.WebExperience
  - Supported versions:
    ---
    | Uninstall through UI? | KB5026446 | 22H2 | 21H2 | 
    | --- | --- | --- | --- |
    | ❌ |  ✔️ | ✔️ | ❌|  
    ---
--- a/windows/application-management/system-apps-windows-client-os.md
+++ b/windows/application-management/system-apps-windows-client-os.md
@ -4,7 +4,7 @@ description: Use the Windows PowerShell Get-AppxPackage command to get a list of
 author: nicholasswhite
 ms.author: nwhite
 manager: aaroncz
-ms.date: 2/14/2023
+ms.date: 6/05/2023
 ms.topic: article
 ms.prod: windows-client
 ms.technology: itpro-apps
@ -44,314 +44,323 @@ The following information lists the system apps on some Windows Enterprise OS ve
 - File Picker | Package name: 1527c705-839a-4832-9118-54d4Bd6a0c89
  ---
-  | Uninstall through UI? | 22H2 | 22H1 | 21H2 | 20H2 | 1809 |
+  | Uninstall through UI? | KB5026446 | 22H2 | 21H2 | 
-  | --- | --- | --- | --- | --- | --- |
+  | --- | --- | --- | --- |
-  | | ❌ | ❌ | ✔️ | ✔️| ✔️ |
+  | | ✔️ | ✔️ | ✔️|
  ---
 - File Explorer | Package name: c5e2524a-ea46-4f67-841f-6a9465d9d515
  ---
-  | Uninstall through UI? | 22H2 | 22H1 | 21H2 | 20H2 | 1809 |
+  | Uninstall through UI? | KB5026446 | 22H2 | 21H2 | 
-  | --- | --- | --- | --- | --- | --- |
+  | --- | --- | --- | --- |
-  | | ❌ | ❌ | ✔️ | ✔️| ✔️ |
+  | | ✔️ | ✔️ | ✔️|
  ---
 - App Resolver UX | Package name: E2A4F912-2574-4A75-9BB0-0D023378592B
  ---
-  | Uninstall through UI? | 22H2 | 22H1 | 21H2 | 20H2 | 1809 |
+  | Uninstall through UI? | KB5026446 | 22H2 | 21H2 | 
-  | --- | --- | --- | --- | --- | --- |
+  | --- | --- | --- | --- |
-  | | ❌ | ❌ | ✔️ | ✔️| ✔️ |
+  | | ✔️ | ✔️ | ✔️|
  ---
 - Add Suggested Folders To Library | Package name: F46D4000-FD22-4DB4-AC8E-4E1DDDE828FE
  ---
-  | Uninstall through UI? | 22H2 | 22H1 | 21H2 | 20H2 | 1809 |
+  | Uninstall through UI? | KB5026446 | 22H2 | 21H2 | 
-  | --- | --- | --- | --- | --- | --- |
+  | --- | --- | --- | --- |
-  | | ❌ | ❌ | ✔️ | ✔️| ✔️ |
+  | | ✔️ | ✔️ | ✔️|
  ---
 - InputApp
  ---
  | Uninstall through UI? | 22H2 | 22H1 | 21H2 | 20H2 | 1809 |
  | --- | --- | --- | --- | --- | --- |
  | | ❌ | ❌ |  | | ✔️ |
  ---
 - Microsoft.AAD.Broker.Plugin | Package name: Microsoft.AAD.Broker.Plugin
  ---
-  | Uninstall through UI? | 22H2 | 22H1 | 21H2 | 20H2 | 1809 |
+  | Uninstall through UI? | KB5026446 | 22H2 | 21H2 | 
-  | --- | --- | --- | --- | --- | --- |
+  | --- | --- | --- | --- |
-  | | ❌ | ❌ | ✔️ | ✔️| ✔️ |
+  | | ✔️ | ✔️ | ✔️|
  ---
 - Microsoft.AccountsControl | Package name: Microsoft.AccountsControl
  ---
-  | Uninstall through UI? | 22H2 | 22H1 | 21H2 | 20H2 | 1809 |
+  | Uninstall through UI? | KB5026446 | 22H2 | 21H2 | 
-  | --- | --- | --- | --- | --- | --- |
+  | --- | --- | --- | --- |
-  | | ❌ | ❌ | ✔️ | ✔️| ✔️ |
+  | | ✔️ | ✔️ | ✔️|
  ---
 - Microsoft.AsyncTextService | Package name: Microsoft.AsyncTextService
  ---
-  | Uninstall through UI? | 22H2 | 22H1 | 21H2 | 20H2 | 1809 |
+  | Uninstall through UI? | KB5026446 | 22H2 | 21H2 | 
-  | --- | --- | --- | --- | --- | --- |
+  | --- | --- | --- | --- |
-  | | ❌ | ❌ | ✔️ | ✔️| ✔️ |
+  | | ✔️ | ✔️ | ✔️|
  ---
 - Hello setup UI | Package name: Microsoft.BioEnrollment
  ---
-  | Uninstall through UI? | 22H2 | 22H1 | 21H2 | 20H2 | 1809 |
+  | Uninstall through UI? | KB5026446 | 22H2 | 21H2 | 
-  | --- | --- | --- | --- | --- | --- |
+  | --- | --- | --- | --- |
-  | | ❌ | ❌ | ✔️ | ✔️| ✔️ |
+  | | ✔️ | ✔️ | ✔️|
  ---
 - Microsoft.CredDialogHost
  ---
-  | Uninstall through UI? | 22H2 | 22H1 | 21H2 | 20H2 | 1809 |
+  | Uninstall through UI? | KB5026446 | 22H2 | 21H2 | 
-  | --- | --- | --- | --- | --- | --- |
+  | --- | --- | --- | --- |
-  | | ❌ | ❌ | ✔️ | ✔️| ✔️ |
+  | | ✔️ | ✔️ | ✔️|
  ---
 - Microsoft.ECApp
  ---
-  | Uninstall through UI? | 22H2 | 22H1 | 21H2 | 20H2 | 1809 |
+  | Uninstall through UI? | KB5026446 | 22H2 | 21H2 | 
-  | --- | --- | --- | --- | --- | --- |
+  | --- | --- | --- | --- |
-  | | ❌ | ❌ | ✔️ | ✔️| ✔️ |
+  | | ✔️ | ✔️ | ✔️|
  ---
 - Microsoft.LockApp
  ---
-  | Uninstall through UI? | 22H2 | 22H1 | 21H2 | 20H2 | 1809 |
+  | Uninstall through UI? | KB5026446 | 22H2 | 21H2 | 
-  | --- | --- | --- | --- | --- | --- |
+  | --- | --- | --- | --- |
-  | | ❌ | ❌ | ✔️ | ✔️| ✔️ |
+  | | ✔️ | ✔️ | ✔️|
  ---
 - Microsoft Edge | Package name: Microsoft.MicrosoftEdge
  ---
-  | Uninstall through UI? | 22H2 | 22H1 | 21H2 | 20H2 | 1809 |
+  | Uninstall through UI? | KB5026446 | 22H2 | 21H2 | 
-  | --- | --- | --- | --- | --- | --- |
+  | --- | --- | --- | --- |
-  | | ❌ | ❌ | ✔️ | ✔️| ✔️ |
+  | | ✔️ | ✔️ | ✔️|
  ---
 - Microsoft.MicrosoftEdgeDevToolsClient
  ---
-  | Uninstall through UI? | 22H2 | 22H1 | 21H2 | 20H2 | 1809 |
+  | Uninstall through UI? | KB5026446 | 22H2 | 21H2 | 
-  | --- | --- | --- | --- | --- | --- |
+  | --- | --- | --- | --- |
-  | | ❌ | ❌ | ✔️ | ✔️| ✔️ |
+  | | ✔️ | ✔️ | ✔️|
  ---
 - Microsoft.PPIProjection
  ---
  | Uninstall through UI? | 22H2 | 22H1 | 21H2 | 20H2 | 1809 |
  | --- | --- | --- | --- | --- | --- |
  | | ❌ | ❌ |  | | ✔️ |
  ---
 - Microsoft.Win32WebViewHost
  ---
-  | Uninstall through UI? | 22H2 | 22H1 | 21H2 | 20H2 | 1809 |
+  | Uninstall through UI? | KB5026446 | 22H2 | 21H2 | 
-  | --- | --- | --- | --- | --- | --- |
+  | --- | --- | --- | --- |
-  | | ❌ | ❌ | ✔️ | ✔️| ✔️ |
+  | | ✔️ | ✔️ | ✔️|
  ---
 - Microsoft.Windows.Apprep.ChxApp
  ---
-  | Uninstall through UI? | 22H2 | 22H1 | 21H2 | 20H2 | 1809 |
+  | Uninstall through UI? | KB5026446 | 22H2 | 21H2 | 
-  | --- | --- | --- | --- | --- | --- |
+  | --- | --- | --- | --- |
-  | | ❌ | ❌ | ✔️ | ✔️| ✔️ |
+  | | ✔️ | ✔️ | ✔️|
  ---
 - Microsoft.Windows.AssignedAccessLockApp
  ---
  | Uninstall through UI? | 22H2 | 22H1 | 21H2 | 20H2 | 1809 |
  | --- | --- | --- | --- | --- | --- |
  | | ❌ | ❌ | ✔️ | ✔️| ✔️ |
  ---
 - Microsoft.Windows.CapturePicker
  ---
-  | Uninstall through UI? | 22H2 | 22H1 | 21H2 | 20H2 | 1809 |
+  | Uninstall through UI? | KB5026446 | 22H2 | 21H2 | 
-  | --- | --- | --- | --- | --- | --- |
+  | --- | --- | --- | --- |
-  | | ❌ | ❌ | ✔️ | ✔️| ✔️ |
+  | | ✔️ | ✔️ | ✔️|
  ---
 - Microsoft.Windows.CloudExperienceHost
  ---
-  | Uninstall through UI? | 22H2 | 22H1 | 21H2 | 20H2 | 1809 |
+  | Uninstall through UI? | KB5026446 | 22H2 | 21H2 | 
-  | --- | --- | --- | --- | --- | --- |
+  | --- | --- | --- | --- |
-  | | ❌ | ❌ | ✔️ | ✔️| ✔️ |
+  | | ✔️ | ✔️ | ✔️|
  ---
 - Microsoft.Windows.ContentDeliveryManager
  ---
-  | Uninstall through UI? | 22H2 | 22H1 | 21H2 | 20H2 | 1809 |
+  | Uninstall through UI? | KB5026446 | 22H2 | 21H2 | 
-  | --- | --- | --- | --- | --- | --- |
+  | --- | --- | --- | --- |
-  | | ❌ | ❌ | ✔️ | ✔️| ✔️ |
+  | | ✔️ | ✔️ | ✔️|
  ---
- Cortana | Package name: Microsoft.Windows.Cortana
+- Narrator QuckStart | Package name: Microsoft.Windows.NarratorQuickStart
  ---
-  | Uninstall through UI? | 22H2 | 22H1 | 21H2 | 20H2 | 1809 |
+  | Uninstall through UI? | KB5026446 | 22H2 | 21H2 | 
-  | --- | --- | --- | --- | --- | --- |
+  | --- | --- | --- | --- |
-  | | ❌ | ❌ |  | | ✔️ |
+  | | ✔️ | ✔️ | ✔️|
  ---
 - Microsoft.Windows.OOBENetworkCaptivePort
  ---
-  | Uninstall through UI? | 22H2 | 22H1 | 21H2 | 20H2 | 1809 |
+  | Uninstall through UI? | KB5026446 | 22H2 | 21H2 | 
-  | --- | --- | --- | --- | --- | --- |
+  | --- | --- | --- | --- |
-  | | ❌ | ❌ | ✔️ | ✔️| ✔️ |
+  | | ✔️ | ✔️ | ✔️|
  ---
 - Microsoft.Windows.OOBENetworkConnectionFlow
  ---
-  | Uninstall through UI? | 22H2 | 22H1 | 21H2 | 20H2 | 1809 |
+  | Uninstall through UI? | KB5026446 | 22H2 | 21H2 | 
-  | --- | --- | --- | --- | --- | --- |
+  | --- | --- | --- | --- |
-  | | ❌ | ❌ | ✔️ | ✔️| ✔️ |
+  | | ✔️ | ✔️ | ✔️|
  ---
 - Microsoft.Windows.ParentalControls
  ---
-  | Uninstall through UI? | 22H2 | 22H1 | 21H2 | 20H2 | 1809 |
+  | Uninstall through UI? | KB5026446 | 22H2 | 21H2 | 
-  | --- | --- | --- | --- | --- | --- |
+  | --- | --- | --- | --- |
-  | | ❌ | ❌ | ✔️ | ✔️| ✔️ |
+  | | ✔️ | ✔️ | ✔️|
  ---
 - People Hub | Package name: Microsoft.Windows.PeopleExperienceHost
  ---
-  | Uninstall through UI? | 22H2 | 22H1 | 21H2 | 20H2 | 1809 |
+  | Uninstall through UI? | KB5026446 | 22H2 | 21H2 | 
-  | --- | --- | --- | --- | --- | --- |
+  | --- | --- | --- | --- |
-  | | ❌ | ❌ | ✔️ | ✔️| ✔️ |
+  | | ✔️ | ✔️ | ✔️|
  ---
 - Microsoft.Windows.PinningConfirmationDialog
  ---
-  | Uninstall through UI? | 22H2 | 22H1 | 21H2 | 20H2 | 1809 |
+  | Uninstall through UI? | KB5026446 | 22H2 | 21H2 | 
-  | --- | --- | --- | --- | --- | --- |
+  | --- | --- | --- | --- |
-  | | ❌ | ❌ | ✔️ | ✔️| ✔️ |
+  | | ✔️ | ✔️ | ✔️|
  ---
- Microsoft.Windows.SecHealthUI
+- Microsoft.Windows.PrintQueueActionCenter
  ---
-  | Uninstall through UI? | 22H2 | 22H1 | 21H2 | 20H2 | 1809 |
+  | Uninstall through UI? | KB5026446 | 22H2 | 21H2 | 
-  | --- | --- | --- | --- | --- | --- |
+  | --- | --- | --- | --- |
-  | | ❌ | ❌ | ✔️ | ✔️| ✔️ |
+  | | ✔️ | ✔️ | ✔️|
  ---
- Microsoft.Windows.SecureAssessmentBrowser
+- Microsoft.Windows.ShellExperienceHost
  ---
-  | Uninstall through UI? | 22H2 | 22H1 | 21H2 | 20H2 | 1809 |
+  | Uninstall through UI? | KB5026446 | 22H2 | 21H2 | 
-  | --- | --- | --- | --- | --- | --- |
+  | --- | --- | --- | --- |
-  | | ❌ | ❌ | ✔️ | ✔️| ✔️ |
+  | | ✔️ | ✔️ | ✔️|
  ---
- Start | Package name: Microsoft.Windows.ShellExperienceHost
+- Start | Microsoft.Windows.StartMenuExperienceHost
  ---
-  | Uninstall through UI? | 22H2 | 22H1 | 21H2 | 20H2 | 1809 |
+  | Uninstall through UI? | KB5026446 | 22H2 | 21H2 | 
-  | --- | --- | --- | --- | --- | --- |
+  | --- | --- | --- | --- |
-  | | ❌ | ❌ | ✔️ | ✔️| ✔️ |
+  | | ✔️ | ✔️ | ✔️|
  ---
 - Microsoft.Windows.XGpuEjectDialog
  ---
  | Uninstall through UI? | KB5026446 | 22H2 | 21H2 | 
  | --- | --- | --- | --- |
  | | ✔️ | ✔️ | ✔️|
  ---
 - Microsoft.XboxGameCallableUI
  ---
-  | Uninstall through UI? | 22H2 | 22H1 | 21H2 | 20H2 | 1809 |
+  | Uninstall through UI? | KB5026446 | 22H2 | 21H2 | 
-  | --- | --- | --- | --- | --- | --- |
+  | --- | --- | --- | --- |
-  | | ❌ | ❌ | ✔️ | ✔️| ✔️ |
+  | | ✔️ | ✔️ | ✔️|
  ---
 - MicrosoftWindows.Client.CBS
  ---
  | Uninstall through UI? | KB5026446 | 22H2 | 21H2 | 
  | --- | --- | --- | --- |
  | | ✔️ | ✔️ | ✔️|
  ---
 - MicrosoftWindows.Client.Core
  ---
  | Uninstall through UI? | KB5026446 | 22H2 | 21H2 | 
  | --- | --- | --- | --- |
  | | ✔️ | ✔️ | ✔️|
  ---
 - MicrosoftWindows.UndockedDevKit
  ---
  | Uninstall through UI? | KB5026446 | 22H2 | 21H2 | 
  | --- | --- | --- | --- |
  | | ✔️ | ✔️ | ✔️|
  ---
 - NcsiUwpApp
  ---
  | Uninstall through UI? | KB5026446 | 22H2 | 21H2 | 
  | --- | --- | --- | --- |
  | | ✔️ | ✔️ | ✔️|
  ---
 - Windows.CBSPreview
  ---
-  | Uninstall through UI? | 22H2 | 22H1 | 21H2 | 20H2 | 1809 |
+  | Uninstall through UI? | KB5026446 | 22H2 | 21H2 | 
-  | --- | --- | --- | --- | --- | --- |
+  | --- | --- | --- | --- |
-  | | ❌ | ❌ | ✔️ | ✔️| ✔️ |
+  | | ✔️ | ✔️ | ✔️|
  ---
 - Settings | Package name: Windows.immersivecontrolpanel
  ---
-  | Uninstall through UI? | 22H2 | 22H1 | 21H2 | 20H2 | 1809 |
+  | Uninstall through UI? | KB5026446 | 22H2 | 21H2 | 
-  | --- | --- | --- | --- | --- | --- |
+  | --- | --- | --- | --- |
-  | | ❌ | ❌ | ✔️ | ✔️| ✔️ |
+  | | ✔️ | ✔️ | ✔️|
  ---
 - Print 3D | Package name: Windows.Print3D
  ---
  | Uninstall through UI? | 22H2 | 22H1 | 21H2 | 20H2 | 1809 |
  | --- | --- | --- | --- | --- | --- |
  | | ✔️ | ✔️ |  | | ✔️ |
  ---
 - Print UI | Package name: Windows.PrintDialog
  ---
-  | Uninstall through UI? | 22H2 | 22H1 | 21H2 | 20H2 | 1809 |
+  | Uninstall through UI? | KB5026446 | 22H2 | 21H2 | 
-  | --- | --- | --- | --- | --- | --- |
+  | --- | --- | --- | --- |
-  | | ❌ | ❌ | ✔️ | ✔️| ✔️ |
+  | | ✔️ | ✔️ | ✔️|
  ---
--- a/windows/deployment/update/update-policies.md
+++ b/windows/deployment/update/update-policies.md
@ -37,8 +37,8 @@ to opt out of automatic restarts until the deadline is reached (although we reco
 restarts for maximum update velocity).
 We recommend you set deadlines as follows:
- Quality update deadline, in days: 3
+- Quality update deadline, in days: 2
- Feature update deadline, in days: 7
+- Feature update deadline, in days: 2
 Notifications are automatically presented to the user at appropriate times, and users can choose to be reminded
 later, to reschedule, or to restart immediately, depending on how close the deadline is. We recommend that you
@ -62,7 +62,7 @@ be forced to update immediately when the user returns.
 We recommend you set the following:
- Grace period, in days: 2
+- Grace period, in days: 5
 Once the deadline and grace period have passed, updates are applied automatically, and a restart occurs
 regardless of [active hours](#active-hours).
--- a/windows/deployment/update/wufb-compliancedeadlines.md
+++ b/windows/deployment/update/wufb-compliancedeadlines.md
@ -36,7 +36,7 @@ With a current version, it's best to use the new policy introduced in June 2019
 |Policy|Location|Quality update deadline in days|Feature update deadline in days|Grace period in days|
 |-|-|-|-|-|
-|(Windows 10, version 1709 and later) Specify deadlines for automatic updates and restarts | GPO: Computer Configuration > Administrative Templates > Windows Components > Windows Update > Specify deadlines for automatic updates and restarts    | 3 | 7 | 2 |
+|(Windows 10, version 1709 and later) Specify deadlines for automatic updates and restarts | GPO: Computer Configuration > Administrative Templates > Windows Components > Windows Update > Specify deadlines for automatic updates and restarts    | 2 | 2 | 5 |
 When **Specify deadlines for automatic updates and restarts** is set (Windows 10, version 1709 and later):
--- a/windows/deployment/windows-autopatch/deploy/windows-autopatch-device-registration-overview.md
+++ b/windows/deployment/windows-autopatch/deploy/windows-autopatch-device-registration-overview.md
@ -1,7 +1,7 @@
 ---
 title: Device registration overview
 description: This article provides an overview on how to register devices in Autopatch
-ms.date: 05/08/2023
+ms.date: 06/06/2023
 ms.prod: windows-client
 ms.technology: itpro-updates
 ms.topic: conceptual
@ -115,13 +115,13 @@ The Windows Autopatch deployment ring calculation occurs during the device reg
 > [!NOTE]
 > You can customize the deployment ring calculation logic by editing the Default Autopatch group.
-| Deployment ring | Default device balancing percentage | Description |
+| Service-based deployment ring | Default Autopatch group deployment ring | Default device balancing percentage | Description |
-| ----- | ----- | ----- |
+| ----- | ----- | ----- | ----- |
-| Test | **zero** | Windows Autopatch doesn't automatically add devices to this deployment ring. You must manually add devices to the Test ring following the required procedure. For more information on these procedures, see [Moving devices in between deployment rings](/windows/deployment/windows-autopatch/operate/windows-autopatch-update-management#moving-devices-in-between-deployment-rings). The recommended number of devices in this ring, based upon your environment size, is as follows:<br><ul><li>**0–500** devices: minimum **one** device.</li><li>**500–5000** devices: minimum **five** devices.</li><li>**5000+** devices: minimum **50** devices.</li></ul>Devices in this group are intended for your IT Administrators and testers since changes are released here first. This release schedule provides your organization the opportunity to validate updates prior to reaching production users. |
+| Test | Test | **zero** | Windows Autopatch doesn't automatically add devices to this deployment ring. You must manually add devices to the Test ring following the required procedure. For more information on these procedures, see [Moving devices in between deployment rings](/windows/deployment/windows-autopatch/operate/windows-autopatch-update-management#moving-devices-in-between-deployment-rings). The recommended number of devices in this ring, based upon your environment size, is as follows:<br><ul><li>**0–500** devices: minimum **one** device.</li><li>**500–5000** devices: minimum **five** devices.</li><li>**5000+** devices: minimum **50** devices.</li></ul>Devices in this group are intended for your IT Administrators and testers since changes are released here first. This release schedule provides your organization the opportunity to validate updates prior to reaching production users. |
-| First |  **1%** | The First ring is the first group of production users to receive a change.<p><p>This group is the first set of devices to send data to Windows Autopatch and are used to generate a health signal across all end-users. For example, Windows Autopatch can generate a statistically significant signal saying that critical errors are trending up in a specific release for all end-users, but can't be confident that it's doing so in your organization.<p><p>Since Windows Autopatch doesn't yet have sufficient data to inform a release decision, devices in this deployment ring might experience outages if there are scenarios that weren't covered during early testing in the Test ring.|
+| First | Ring 1 |  **1%** | The First ring is the first group of production users to receive a change.<p><p>This group is the first set of devices to send data to Windows Autopatch and are used to generate a health signal across all end-users. For example, Windows Autopatch can generate a statistically significant signal saying that critical errors are trending up in a specific release for all end-users, but can't be confident that it's doing so in your organization.<p><p>Since Windows Autopatch doesn't yet have sufficient data to inform a release decision, devices in this deployment ring might experience outages if there are scenarios that weren't covered during early testing in the Test ring.|
-| Fast | **9%** | The Fast ring is the second group of production users to receive changes. The signals from the First ring are considered as a part of the release process to the Broad ring.<p><p>The goal with this deployment ring is to cross the **500**-device threshold needed to generate statistically significant analysis at the tenant level. These extra devices allow Windows Autopatch to consider the effect of a release on the rest of your devices and evaluate if a targeted action for your tenant is needed.</p> |
+| Fast | Ring 2 | **9%** | The Fast ring is the second group of production users to receive changes. The signals from the First ring are considered as a part of the release process to the Broad ring.<p><p>The goal with this deployment ring is to cross the **500**-device threshold needed to generate statistically significant analysis at the tenant level. These extra devices allow Windows Autopatch to consider the effect of a release on the rest of your devices and evaluate if a targeted action for your tenant is needed.</p> |
-| Broad | Either **80%** or **90%** | The Broad ring is the last group of users to receive software update deployments. Since it contains most of the devices registered with Windows Autopatch, it favors stability over speed in a software update deployment.|
+| Broad | Ring 3 | Either **80%** or **90%** | The Broad ring is the last group of users to receive software update deployments. Since it contains most of the devices registered with Windows Autopatch, it favors stability over speed in a software update deployment.|
-| Last | **zero** | The Last ring is intended to be used for either specialized devices or devices that belong to VIP/executives in an organization. Windows Autopatch doesn't automatically add devices to this deployment ring. |
+| N/A | Last | **zero** | The Last ring is intended to be used for either specialized devices or devices that belong to VIP/executives in an organization. Windows Autopatch doesn't automatically add devices to this deployment ring. |
 ## Software update-based to service-based deployment ring mapping
--- a/windows/deployment/windows-autopatch/deploy/windows-autopatch-groups-manage-autopatch-groups.md
+++ b/windows/deployment/windows-autopatch/deploy/windows-autopatch-groups-manage-autopatch-groups.md
@ -1,7 +1,7 @@
 ---
 title: Manage Windows Autopatch groups
 description: This article explains how to manage Autopatch groups
-ms.date: 05/11/2023
+ms.date: 06/05/2023
 ms.prod: windows-client
 ms.technology: itpro-updates
 ms.topic: how-to
@ -99,6 +99,10 @@ Before you start managing Autopatch groups, ensure you’ve met the following pr
 ## Edit the Default or a Custom Autopatch group
 > [!TIP]
 > You can't edit an Autopatch group when there's one or more Windows feature update releases targeted to it. If you try to edit an Autopatch group with one or more ongoing Windows feature update releases targeted to it, you get the following informational banner message: "**Some settings are not allowed to be modified as there’s one or more on-going Windows feature update release targeted to this Autopatch group.**"
 > See [Manage Windows feature update releases](../operate/windows-autopatch-groups-manage-windows-feature-update-release.md) for more information on release and phase statuses.
 **To edit either the Default or a Custom Autopatch group:**
 1. Select the **horizontal ellipses (…)** > **Edit** for the Autopatch group you want to edit.
@ -111,6 +115,18 @@ Before you start managing Autopatch groups, ensure you’ve met the following pr
 > [!IMPORTANT]
 > Windows Autopatch creates the device-based Azure AD assigned groups based on the choices made in the deployment ring composition page. Additionally, the service assigns the update ring policies for each deployment ring created in the Autopatch group based on the choices made in the Windows Update settings page as part of the Autopatch group guided end-user experience.
 ## Rename a Custom Autopatch group
 You **can’t** rename the Default Autopatch group. However, you can rename a Custom Autopatch group.
 **To rename a Custom Autopatch group:**
 1. Select the **horizontal ellipses (…)** > **Rename** for the Custom Autopatch group you want to rename. The **Rename Autopatch group** fly-in opens.
 1. In the **New Autopatch group name**, enter the new Autopatch group name of your choice, then click **Rename group**.
 > [!IMPORTANT]
 > Autopatch supports up to 64 characters for the custom Autopatch group name. Additionally, when you rename a custom Autopatch group all [update rings for Windows 10 and later policy in Intune](/mem/intune/protect/windows-10-update-rings) and [feature updates for Windows 10 and later policy in Intune](/mem/intune/protect/windows-10-feature-updates) associated with the custom Autopatch group are renamed to include the new Autopatch group name you define in its name string. Also, when renaming a custom Autopatch group all Azure AD groups representing the custom Autopatch group's deployment rings are renamed to include the new Autopatch group name you define in its name string.
 ## Delete a Custom Autopatch group
 You **can’t** delete the Default Autopatch group. However, you can delete a Custom Autopatch group.  
@ -125,10 +141,6 @@ You **can’t** delete the Default Autopatch group. However, you can delete a Cu
 ## Manage device conflict scenarios when using Autopatch groups
 > [!IMPORTANT]
 > The Windows Autopatch groups functionaliy is in **public preview**. This feature is being actively developed and not all device conflict detection and resolution scenarios are working as expected.
 > For more information on what to expect for this scenario during public preview, see [Known issues](#known-issues).
 Overlap in device membership is a common scenario when working with device-based Azure AD groups since sometimes dynamic queries can be large in scope or the same assigned device membership can be used across different Azure AD groups.
 Since Autopatch groups allow you to use your existing Azure AD groups to create your own deployment ring composition, the service takes on the responsibility of monitoring and automatically solving some of the device conflict scenarios that may occur.
@ -180,22 +192,6 @@ Autopatch groups will keep monitoring for all device conflict scenarios listed i
 This section lists known issues with Autopatch groups during its public preview.
 ### Device conflict scenarios when using Autopatch groups
 - **Status: Active**
 The Windows Autopatch team is aware that all device conflict scenarios listed below are currently being evaluated during the device registration process to make sure devices are properly registered with the service, and not evaluated post-device registration. The Windows Autopatch team is currently developing detection and resolution for the followin device conflict scenarios, and plan to make them available during public preview.
 - Default to Custom Autopatch device conflict detection and resolution.
 - Device conflict detection and resolution within an Autopatch group.
 - Custom to Custom Autopatch group device conflict detection.
 > [!TIP]
 > Use the following two best practices to help minimize device conflict scenarios when using Autopatch groups during the public preview:
 > 
 > - Review your software update deployment requirements thoroughly. If your deployment requirements allow, try using the Default Autopatch group as much as possible, instead of start creating Custom Autopatch groups. You can customize the Default Autopatch to have up to 15 deployment rings, and you can use your existing device-based Azure AD groups with custom update deployment cadences.
 > - If creating Custom Autopatch groups, try to avoid using device-based Azure AD groups that have device membership overlaps with the devices that are already registered with Windows Autopatch, and already belong to the Default Autopatch group.
 ### Autopatch group Azure AD group remediator
 - **Status: Active**
@ -219,12 +215,3 @@ The Windows Autopatch team is currently developing the Autopatch group Azure AD
 > - Modern Workplace Devices-Windows Autopatch-Broad
 > 
 > Use the [Policy health feature](../operate/windows-autopatch-policy-health-and-remediation.md) to restore these groups, if needed. For more information, see [restore deployment groups](../operate/windows-autopatch-policy-health-and-remediation.md#restore-deployment-groups).
 ### Rename an Autopatch group 
 - **Status: Active**
 You can't rename an Autopatch group yet. The Autopatch group name is appended to all deployment ring names in the Autopatch group. Windows Autopatch is currently developing the rename feature.
 > [!IMPORTANT]
 > During the public preview, if you try to rename either the [Update rings](/mem/intune/protect/windows-10-update-rings) or [feature updates](/mem/intune/protect/windows-10-feature-updates) for Windows 10 and later policies directly in the Microsoft Intune end-user experience, the policy names are reverted back to the name defined by the Autopatch group end-user experience interface.
--- a/windows/deployment/windows-autopatch/operate/windows-autopatch-groups-manage-windows-feature-update-release.md
+++ b/windows/deployment/windows-autopatch/operate/windows-autopatch-groups-manage-windows-feature-update-release.md
@ -91,6 +91,7 @@ The release statuses are described in the following table:
 | Active | All phases in the release are active. This means all phases have reached their first deployment date, which created the Windows feature update policies. |<ul><li>Release can be paused but can't be edited or canceled since the Windows feature update policy was already created for its phases.</li><li>Autopatch groups and their deployment rings can be assigned to another release.</li></ul> |
 | Inactive | All the Autopatch groups within the release have been assigned to a new release. As a result, the Windows feature update policies were unassigned from all phases from within the release. |<ul><li>Release can be viewed as a historical record.</li><li>Releases can't be deleted, edited, or canceled.</li></ul> |
 | Paused | All phases in the release are paused. The release will remain paused until you resume it. | <ul><li>Releases with Paused status can't be edited or canceled since the Windows feature update policy was already created for its phases.</li><li>Release can be resumed.</li></ul> |
 | Canceled | All phases in the release are canceled. | <ul><li>Releases with Canceled status can't be edited or canceled since the Windows feature update policy wasn't created for its phases.</li><li>Canceled release can't be deleted.</li></ul> |
 ##### Phase statuses
@ -105,6 +106,7 @@ A phase is made of one or more Autopatch group deployment rings. Each phase repo
 | Active | The first deployment date has been reached. The Windows feature update policy has been created for the respective phase. |
 | Inactive | All Autopatch groups within the phase were re-assigned to a new release. All Windows feature update policies were unassigned from the Autopatch groups. |
 | Paused | Phase is paused. You must resume the phase. |
 | Canceled | Phase is canceled. All Autopatch groups within the phase can be used with a new release. A phase that's canceled can't be deleted. |
 #### Details about Windows feature update policies
@ -146,6 +148,9 @@ The following table is an example of the Windows feature update policies that we
    2. Additionally, the formula for the goal completion date is `<First Deployment Date> + (<Number of gradual rollout groups> – 1) * Days in between groups (7) + Deadline for feature updates (5 days) + Grace Period (2 days)`.
 1. In the **Review + create** page, review all settings. Once you’re ready, select **Create**.
 > [!NOTE]
 > Custom releases can't be deleted from the Windows feature updates release management blade. The custom release record serves as a historical record for auditing purposes when needed.
 ## Edit a release
 > [!NOTE]
--- a/windows/deployment/windows-autopatch/operate/windows-autopatch-groups-windows-feature-update-overview.md
+++ b/windows/deployment/windows-autopatch/operate/windows-autopatch-groups-windows-feature-update-overview.md
@ -101,6 +101,9 @@ There are two scenarios that the Global release is used:
 | Scenario #1 | You assign Azure AD groups to be used with the deployment ring (Last) or you add additional deployment rings when you customize the [Default Autopatch group](../deploy/windows-autopatch-groups-manage-autopatch-groups.md#edit-the-default-or-a-custom-autopatch-group).<p>A global Windows feature update policy is automatically assigned behind the scenes to the newly added deployment rings or when you assigned Azure AD groups to the deployment ring (Last) in the Default Autopatch group.</p> |
 | Scenario #2 | You create new [Custom Autopatch groups](../deploy/windows-autopatch-groups-manage-autopatch-groups.md#create-a-custom-autopatch-group).<p>The global Windows feature policy is automatically assigned behind the scenes to all deployment rings as part of the Custom Autopatch groups you create.</p> |
 > [!NOTE]
 > Global releases don't show up in the Windows feature updates release management blade.
 #### Policy configuration values
 See the following table on how Windows Autopatch configures the values for its global Windows feature update policy. If your tenant is enrolled with Windows Autopatch, you can see the following default policies created by the service in the [Microsoft Intune admin center](https://go.microsoft.com/fwlink/?linkid=2109431):
--- a/windows/security/docfx.json
+++ b/windows/security/docfx.json
@ -76,15 +76,26 @@
        "application-security/application-control/user-account-control/*.md": "paolomatarazzo",
        "application-security/application-isolation/windows-sandbox/**/*.md": "vinaypamnani-msft",
        "identity-protection/**/*.md": "paolomatarazzo",
        "identity-protection/**/*.yml": "paolomatarazzo",
        "operating-system-security/data-protection/**/*.md": "paolomatarazzo",
        "operating-system-security/data-protection/**/*.yml": "paolomatarazzo",
        "operating-system-security/network-security/**/*.md": "paolomatarazzo",
-        "operating-system-security/network-security/windows-firewall/**/*.md": "ngangulyms"
+        "operating-system-security/network-security/**/*.yml": "paolomatarazzo",
        "operating-system-security/network-security/windows-firewall/**/*.md": "ngangulyms",
        "operating-system-security/network-security/windows-firewall/**/*.yml": "ngangulyms"
      },
      "ms.author":{
        "application-security/application-control/user-account-control/*.md": "paoloma",
        "application-security/application-control/user-account-control/*.yml": "paoloma",
        "application-security/application-isolation/windows-sandbox/**/*.md": "vinpa",
        "identity-protection/**/*.md": "paoloma",
        "identity-protection/**/*.yml": "paoloma",
        "operating-system-security/data-protection/**/*.md": "paoloma",
        "operating-system-security/data-protection/**/*.yml": "paoloma",
        "operating-system-security/network-security/**/*.md": "paoloma",
-        "operating-system-security/network-security/windows-firewall/*.md": "nganguly"
+        "operating-system-security/network-security/**/*.yml": "paoloma",
        "operating-system-security/network-security/windows-firewall/*.md": "nganguly",
        "operating-system-security/network-security/windows-firewall/*.yml": "nganguly"
      },
      "appliesto": {
        "application-security/application-isolation/windows-sandbox/**/*.md": [
@ -123,6 +134,26 @@
          "✅ <a href=\"https://learn.microsoft.com/windows/release-health/windows-server-release-info\" target=\"_blank\">Windows Server 2019</a>",
          "✅ <a href=\"https://learn.microsoft.com/windows/release-health/windows-server-release-info\" target=\"_blank\">Windows Server 2016</a>"
        ],
        "operating-system-security/data-protection/**/*.md": [
          "✅ <a href=\"https://learn.microsoft.com/windows/release-health/supported-versions-windows-client\" target=\"_blank\">Windows 11</a>",
          "✅ <a href=\"https://learn.microsoft.com/windows/release-health/supported-versions-windows-client\" target=\"_blank\">Windows 10</a>",
          "✅ <a href=\"https://learn.microsoft.com/windows/release-health/windows-server-release-info\" target=\"_blank\">Windows Server 2022</a>",
          "✅ <a href=\"https://learn.microsoft.com/windows/release-health/windows-server-release-info\" target=\"_blank\">Windows Server 2019</a>",
          "✅ <a href=\"https://learn.microsoft.com/windows/release-health/windows-server-release-info\" target=\"_blank\">Windows Server 2016</a>"
        ],
        "operating-system-security/data-protection/**/*.yml": [
          "✅ <a href=\"https://learn.microsoft.com/windows/release-health/supported-versions-windows-client\" target=\"_blank\">Windows 11</a>",
          "✅ <a href=\"https://learn.microsoft.com/windows/release-health/supported-versions-windows-client\" target=\"_blank\">Windows 10</a>",
          "✅ <a href=\"https://learn.microsoft.com/windows/release-health/windows-server-release-info\" target=\"_blank\">Windows Server 2022</a>",
          "✅ <a href=\"https://learn.microsoft.com/windows/release-health/windows-server-release-info\" target=\"_blank\">Windows Server 2019</a>",
          "✅ <a href=\"https://learn.microsoft.com/windows/release-health/windows-server-release-info\" target=\"_blank\">Windows Server 2016</a>"
        ],
        "operating-system-security/data-protection/personal-data-encryption/*.md": [
          "✅ <a href=\"https://learn.microsoft.com/windows/release-health/supported-versions-windows-client\" target=\"_blank\">Windows 11</a>"
        ],
        "operating-system-security/data-protection/personal-data-encryption/*.yml": [
          "✅ <a href=\"https://learn.microsoft.com/windows/release-health/supported-versions-windows-client\" target=\"_blank\">Windows 11</a>"
        ],
        "operating-system-security/network-security/windows-firewall/**/*.md": [
          "✅ <a href=\"https://learn.microsoft.com/windows/release-health/supported-versions-windows-client\" target=\"_blank\">Windows 11</a>",
          "✅ <a href=\"https://learn.microsoft.com/windows/release-health/supported-versions-windows-client\" target=\"_blank\">Windows 10</a>",
@ -136,16 +167,17 @@
        "identity-protection/credential-guard/*.md": "zwhittington",
        "identity-protection/access-control/*.md": "sulahiri",
        "operating-system-security/network-security/windows-firewall/*.md": "paoloma",
-        "operating-system-security/network-security/vpn/*.md": "pesmith"
+        "operating-system-security/network-security/vpn/*.md": "pesmith",
        "operating-system-security/data-protection/personal-data-encryption/*.md":"rhonnegowda"
      },
      "ms.collection": {
        "identity-protection/hello-for-business/*.md": "tier1",
        "information-protection/bitlocker/*.md": "tier1",
        "information-protection/personal-data-encryption/*.md": "tier1",
        "information-protection/pluton/*.md": "tier1",
        "information-protection/tpm/*.md": "tier1",
        "threat-protection/auditing/*.md": "tier3",
        "threat-protection/windows-defender-application-control/*.md": "tier3",
        "operating-system-security/data-protection/bitlocker/*.md": "tier1",
        "operating-system-security/data-protection/personal-data-encryption/*.md": "tier1",
        "operating-system-security/network-security/windows-firewall/*.md": "tier3"
      }
    },
--- a/windows/security/hardware.md
+++ b/windows/security/hardware.md
@ -23,3 +23,4 @@ These new threats call for computing hardware that is secure down to the very co
 | Enable virtualization-based protection of code integrity | Hypervisor-protected Code Integrity (HVCI) is a  virtualization based security (VBS) feature available in Windows. In the Windows Device Security settings, HVCI is referred to as Memory Integrity. <br> HVCI and VBS improve the threat model of Windows and provide stronger protections against malware trying to exploit the Windows Kernel. VBS uses the Windows Hypervisor to create an isolated virtual environment that becomes the root of trust of the OS that assumes the kernel can be compromised. HVCI is a critical component that protects and hardens this virtual environment by running kernel mode code integrity within it and restricting kernel memory allocations that could be used to compromise the system. <br><br/> Learn more: [Enable virtualization-based protection of code integrity](threat-protection/device-guard/enable-virtualization-based-protection-of-code-integrity.md).
 | Kernel Direct Memory Access (DMA) Protection | PCIe hot plug devices such as Thunderbolt, USB4, and CFexpress allow users to attach new classes of external peripherals, including graphics cards or other PCI devices, to their PCs with an experience identical to USB. Because PCI hot plug ports are external and easily accessible, PCs are susceptible to drive-by Direct Memory Access (DMA) attacks.  Memory access protection (also known as Kernel DMA Protection)  protects PCs against drive-by DMA attacks that use PCIe hot plug devices by limiting these external peripherals from being able to directly copy memory when the user has locked their PC. <br><br/> Learn more about [Kernel DMA Protection](information-protection/kernel-dma-protection-for-thunderbolt.md). |
 | Secured-core PCs | Microsoft is working closely with OEM partners and silicon vendors to build Secured-core PCs that feature deeply integrated hardware, firmware, and software to ensure enhanced security for devices, identities, and data. <br><br/> Secured-core PCs provide protections that are useful against sophisticated attacks and can provide increased assurance when handling mission-critical data in some of the most data-sensitive industries, such as healthcare workers that handle medical records and other personally identifiable information (PII), commercial roles that handle high business impact and highly sensitive data, such as a financial controller with earnings data. <br><br/> Learn more about [Secured-core PCs](/windows-hardware/design/device-experiences/oem-highly-secure).|
--- a/windows/security/index.yml
+++ b/windows/security/index.yml
@ -63,7 +63,7 @@ landingContent:
        - text: Trusted boot
          url: operating-system-security\system-security\trusted-boot.md
        - text: Encryption and data protection
-          url: encryption-data-protection.md
+          url: operating-system-security/data-protection/index.md
        - text: Windows security baselines
          url: threat-protection/windows-security-configuration-framework/windows-security-baselines.md
        - text: Virtual private network guide
--- a/windows/security/operating-system-security/data-protection/bitlocker/bcd-settings-and-bitlocker.md
+++ b/windows/security/operating-system-security/data-protection/bitlocker/bcd-settings-and-bitlocker.md
@ -1,16 +1,8 @@
 ---
 title: BCD settings and BitLocker 
 description: This article for IT professionals describes the BCD settings that are used by BitLocker.
 ms.reviewer: 
 ms.prod: windows-client
 ms.localizationpriority: medium
 author: frankroj
 ms.author: frankroj
 manager: aaroncz
 ms.topic: conceptual
 ms.date: 11/08/2022
 ms.custom: bitlocker
 ms.technology: itpro-security
 ---
 # Boot Configuration Data settings and BitLocker
--- a/windows/security/operating-system-security/data-protection/bitlocker/bitlocker-and-adds-faq.yml
+++ b/windows/security/operating-system-security/data-protection/bitlocker/bitlocker-and-adds-faq.yml
@ -1,26 +1,14 @@
 ### YamlMime:FAQ
 metadata:
-  title: BitLocker and Active Directory Domain Services (AD DS) FAQ (Windows 10)
+  title: BitLocker and Active Directory Domain Services (AD DS) FAQ
  description: Learn more about how BitLocker and Active Directory Domain Services (AD DS) can work together to keep devices secure. 
  ms.prod: windows-client
  ms.technology: itpro-security
  author: frankroj
  ms.author: frankroj
  manager: aaroncz
  audience: ITPro
  ms.collection:
    - highpri
    - tier1
  ms.topic: faq
  ms.date: 11/08/2022
  ms.custom: bitlocker
 title: BitLocker and Active Directory Domain Services (AD DS) FAQ
 summary: |
  **Applies to:**
  - Windows 10 and later
  - Windows Server 2016 and later
 sections:
  - name: Ignored
--- a/windows/security/operating-system-security/data-protection/bitlocker/bitlocker-basic-deployment.md
+++ b/windows/security/operating-system-security/data-protection/bitlocker/bitlocker-basic-deployment.md
@ -1,26 +1,12 @@
 ---
 title: BitLocker basic deployment
 description: This article for the IT professional explains how BitLocker features can be used to protect your data through drive encryption.
 ms.reviewer: 
 ms.prod: windows-client
 ms.localizationpriority: medium
 author: frankroj
 ms.author: frankroj
 manager: aaroncz
 ms.topic: conceptual
 ms.date: 11/08/2022
 ms.custom: bitlocker
 ms.technology: itpro-security
 ---
 # BitLocker basic deployment
 **Applies to:**
 - Windows 10
 - Windows 11
 - Windows Server 2016 and above
 This article for the IT professional explains how BitLocker features can be used to protect data through drive encryption.
 ## Using BitLocker to encrypt volumes
@ -466,4 +452,4 @@ Disable-BitLocker -MountPoint E:,F:,G:
 - [Prepare your organization for BitLocker: Planning and policies](prepare-your-organization-for-bitlocker-planning-and-policies.md)
 - [BitLocker recovery guide](bitlocker-recovery-guide-plan.md)
 - [BitLocker: How to enable Network Unlock](bitlocker-how-to-enable-network-unlock.md)
- [BitLocker overview](bitlocker-overview.md)
+- [BitLocker overview](index.md)
--- a/windows/security/operating-system-security/data-protection/bitlocker/bitlocker-countermeasures.md
+++ b/windows/security/operating-system-security/data-protection/bitlocker/bitlocker-countermeasures.md
@ -1,26 +1,12 @@
 ---
 title: BitLocker Countermeasures
 description: Windows uses technologies including TPM, Secure Boot, Trusted Boot, and Early Launch Anti-malware (ELAM) to protect against attacks on the BitLocker encryption key.
 ms.reviewer:
 ms.prod: windows-client
 ms.localizationpriority: medium
 author: frankroj
 ms.author: frankroj
 manager: aaroncz
 ms.topic: conceptual
 ms.date: 11/08/2022
 ms.custom: bitlocker
 ms.technology: itpro-security
 ---
 # BitLocker Countermeasures
 **Applies to:**
 - Windows 10
 - Windows 11
 - Windows Server 2016 and above
 Windows uses technologies including trusted platform module (TPM), secure boot, and measured boot to help protect BitLocker encryption keys against attacks. BitLocker is part of a strategic approach to securing data against offline attacks through encryption technology. Data on a lost or stolen computer is vulnerable. For example, there could be unauthorized access, either by running a software attack tool against the computer or by transferring the computer's hard disk to a different computer.
 BitLocker helps mitigate unauthorized data access on lost or stolen computers before the authorized operating system is started. This mitigation is done by:
@ -45,7 +31,7 @@ A trusted platform module (TPM) is a microchip designed to provide basic securit
 Unified Extensible Firmware Interface (UEFI) is a programmable boot environment that initializes devices and starts the operating system's bootloader.
-The UEFI specification defines a firmware execution authentication process called [Secure Boot](/windows/security/operating-system-security/system-security/secure-the-windows-10-boot-process.md). Secure Boot blocks untrusted firmware and bootloaders (signed or unsigned) from being able to start on the system.
+The UEFI specification defines a firmware execution authentication process called [Secure Boot](../../../information-protection/secure-the-windows-10-boot-process.md). Secure Boot blocks untrusted firmware and bootloaders (signed or unsigned) from being able to start on the system.
 By default, BitLocker provides integrity protection for Secure Boot by utilizing the TPM PCR[7] measurement. An unauthorized EFI firmware, EFI boot application, or bootloader can't run and acquire the BitLocker key.
@ -62,7 +48,7 @@ The next sections cover pre-boot authentication and DMA policies that can provid
 ### Pre-boot authentication
-Pre-boot authentication with BitLocker is a policy setting that requires the use of either user input, such as a PIN, a startup key, or both to authenticate prior to making the contents of the system drive accessible. The Group Policy setting is [Require additional authentication at startup](./bitlocker-group-policy-settings.md) and the corresponding setting in the [BitLocker CSP](/windows/client-management/mdm/bitlocker-csp) is SystemDrivesRequireStartupAuthentication.
+Pre-boot authentication with BitLocker is a policy setting that requires the use of either user input, such as a PIN, a startup key, or both to authenticate prior to making the contents of the system drive accessible. The Group Policy setting is [Require additional authentication at startup](bitlocker-group-policy-settings.md) and the corresponding setting in the [BitLocker CSP](/windows/client-management/mdm/bitlocker-csp) is SystemDrivesRequireStartupAuthentication.
 BitLocker accesses and stores the encryption keys in memory only after pre-boot authentication is completed. If Windows can't access the encryption keys, the device can't read or edit the files on the system drive. The only option for bypassing pre-boot authentication is entering the recovery key.
--- a/windows/security/operating-system-security/data-protection/bitlocker/bitlocker-deployment-and-administration-faq.yml
+++ b/windows/security/operating-system-security/data-protection/bitlocker/bitlocker-deployment-and-administration-faq.yml
@ -1,22 +1,11 @@
 ### YamlMime:FAQ
 metadata:
-  title: BitLocker deployment and administration FAQ (Windows 10)
+  title: BitLocker deployment and administration FAQ
  description: Browse frequently asked questions about BitLocker deployment and administration, such as, "Can BitLocker deployment be automated in an enterprise environment?"
  ms.prod: windows-client
  ms.technology: itpro-security
  author: frankroj
  ms.author: frankroj
  manager: aaroncz
  ms.topic: faq
  ms.date: 11/08/2022
  ms.custom: bitlocker
 title: BitLocker frequently asked questions (FAQ)
 summary: |
  **Applies to:**
  - Windows 10 and later
  - Windows Server 2016 and later
 sections:
  - name: Ignored
    questions:
--- a/windows/security/operating-system-security/data-protection/bitlocker/bitlocker-deployment-comparison.md
+++ b/windows/security/operating-system-security/data-protection/bitlocker/bitlocker-deployment-comparison.md
@ -1,25 +1,12 @@
 ---
 title: BitLocker deployment comparison 
 description: This article shows the BitLocker deployment comparison chart.
 ms.prod: windows-client
 ms.localizationpriority: medium
 author: frankroj
 ms.author: frankroj
 manager: aaroncz
 ms.topic: conceptual
 ms.date: 11/08/2022
 ms.custom: bitlocker
 ms.technology: itpro-security
 ---
 # BitLocker deployment comparison
 **Applies to:**
 - Windows 10
 - Windows 11
 - Windows Server 2016 and above
 This article depicts the BitLocker deployment comparison chart.
 ## BitLocker deployment comparison chart
--- a/windows/security/operating-system-security/data-protection/bitlocker/bitlocker-device-encryption-overview-windows-10.md
+++ b/windows/security/operating-system-security/data-protection/bitlocker/bitlocker-device-encryption-overview-windows-10.md
@ -1,29 +1,16 @@
 ---
 title: Overview of BitLocker Device Encryption in Windows
 description: This article provides an overview of how BitLocker Device Encryption can help protect data on devices running Windows.
 ms.prod: windows-client
 ms.localizationpriority: medium
 author: frankroj
 ms.author: frankroj
 manager: aaroncz
 ms.collection: 
  - highpri
  - tier1
 ms.topic: conceptual
 ms.date: 11/08/2022
 ms.custom: bitlocker
 ms.technology: itpro-security
 ---
-# Overview of BitLocker Device Encryption in Windows
+# Overview of BitLocker device encryption
-**Applies to:**
+This article explains how BitLocker Device Encryption can help protect data on devices running Windows. See [BitLocker](index.md) for a general overview and list of articles.
 - Windows 10
 - Windows 11
 - Windows Server 2016 and above
 This article explains how BitLocker Device Encryption can help protect data on devices running Windows. See [BitLocker](bitlocker-overview.md) for a general overview and list of articles.
 When users travel, their organization's confidential data goes with them. Wherever confidential data is stored, it must be protected against unauthorized access. Windows has a long history of providing at-rest data-protection solutions that guard against nefarious attackers, beginning with the Encrypting File System in the Windows 2000 operating system. More recently, BitLocker has provided encryption for full drives and portable drives. Windows consistently improves data protection by improving existing options and providing new strategies.
@ -31,7 +18,6 @@ When users travel, their organization's confidential data goes with them. Wherev
 The below table lists specific data-protection concerns and how they're addressed in Windows 11, Windows 10, and Windows 7.
 | Windows 7 | Windows 11 and Windows 10 |
 |---|---|
 | When BitLocker is used with a PIN to protect startup, PCs such as kiosks can't be restarted remotely. | Modern Windows devices are increasingly protected with BitLocker Device Encryption out of the box and support SSO to seamlessly protect the BitLocker encryption keys from cold boot attacks.<br><br>Network Unlock allows PCs to start automatically when connected to the internal network. |
--- a/windows/security/operating-system-security/data-protection/bitlocker/bitlocker-frequently-asked-questions.yml
+++ b/windows/security/operating-system-security/data-protection/bitlocker/bitlocker-frequently-asked-questions.yml
@ -2,25 +2,13 @@
 metadata:
  title: BitLocker FAQ (Windows 10)
  description: Find the answers you need by exploring this brief hub page listing FAQ pages for various aspects of BitLocker.
  ms.prod: windows-client
  ms.technology: itpro-security
  author: frankroj
  ms.author: frankroj
  manager: aaroncz
  audience: ITPro
  ms.collection:
    - highpri
    - tier1
  ms.topic: faq
  ms.date: 11/08/2022
  ms.custom: bitlocker
 title: BitLocker frequently asked questions (FAQ) resources
-summary: |
+summary: This article links to frequently asked questions about BitLocker. BitLocker is a data protection feature that encrypts drives on computers to help prevent data theft or exposure. BitLocker-protected computers can also delete data more securely when they're decommissioned because it's much more difficult to recover deleted data from an encrypted drive than from a non-encrypted drive.
  **Applies to:**
  - Windows 10 and later
  - Windows Server 2016 and later
  This article links to frequently asked questions about BitLocker. BitLocker is a data protection feature that encrypts drives on computers to help prevent data theft or exposure. BitLocker-protected computers can also delete data more securely when they're decommissioned because it's much more difficult to recover deleted data from an encrypted drive than from a non-encrypted drive.
  - [Overview and requirements](bitlocker-overview-and-requirements-faq.yml)
  - [Upgrading](bitlocker-upgrading-faq.yml)
--- a/windows/security/operating-system-security/data-protection/bitlocker/bitlocker-group-policy-settings.md
+++ b/windows/security/operating-system-security/data-protection/bitlocker/bitlocker-group-policy-settings.md
@ -1,35 +1,21 @@
 ---
 title: BitLocker Group Policy settings 
 description: This article for IT professionals describes the function, location, and effect of each Group Policy setting that is used to manage BitLocker Drive Encryption.
 ms.reviewer: 
 ms.prod: windows-client
 ms.localizationpriority: medium
 author: frankroj
 ms.author: frankroj
 manager: aaroncz
 ms.collection: 
  - highpri
  - tier1
 ms.topic: conceptual
 ms.date: 11/08/2022
 ms.custom: bitlocker
 ms.technology: itpro-security
 ---
 # BitLocker group policy settings
 **Applies to:**
 - Windows 10
 - Windows 11
 - Windows Server 2016 and above
 This article for IT professionals describes the function, location, and effect of each Group Policy setting that is used to manage BitLocker Drive Encryption.
 Group Policy administrative templates or local computer policy settings can be used to control what BitLocker drive encryption tasks and configurations can be performed by users, for example through the **BitLocker Drive Encryption** control panel. Which of these policies are configured and how they're configured depends on how BitLocker is implemented and what level of interaction is desired for end users.
 > [!NOTE]
-> A separate set of Group Policy settings supports the use of the Trusted Platform Module (TPM). For details about those settings, see [Trusted Platform Module Group Policy settings](../tpm/trusted-platform-module-services-group-policy-settings.md).
+> A separate set of Group Policy settings supports the use of the Trusted Platform Module (TPM). For details about those settings, see [TPM Group Policy settings](../../../information-protection/tpm/trusted-platform-module-services-group-policy-settings.md).
 BitLocker Group Policy settings can be accessed using the Local Group Policy Editor and the Group Policy Management Console (GPMC) under **Computer Configuration** > **Administrative Templates** > **Windows Components** > **BitLocker Drive Encryption**.
@ -233,7 +219,7 @@ This policy setting is applied when BitLocker is turned on. The startup PIN must
 Originally, BitLocker allowed a length from 4 to 20 characters for a PIN. Windows Hello has its own PIN for sign-in, length of which can be 4 to 127 characters. Both BitLocker and Windows Hello use the TPM to prevent PIN brute-force attacks.
-The TPM can be configured to use Dictionary Attack Prevention parameters ([lockout threshold and lockout duration](../tpm/trusted-platform-module-services-group-policy-settings.md)) to control how many failed authorizations attempts are allowed before the TPM is locked out, and how much time must elapse before another attempt can be made.
+The TPM can be configured to use Dictionary Attack Prevention parameters ([lockout threshold and lockout duration](../../../information-protection/tpm/trusted-platform-module-services-group-policy-settings.md) to control how many failed authorizations attempts are allowed before the TPM is locked out, and how much time must elapse before another attempt can be made.
 The Dictionary Attack Prevention Parameters provide a way to balance security needs with usability. For example, when BitLocker is used with a TPM + PIN configuration, the number of PIN guesses is limited over time. A TPM 2.0 in this example could be configured to allow only 32 PIN guesses immediately, and then only one more guess every two hours. This number of attempts totals to a maximum of about 4415 guesses per year. If the PIN is four digits, all 9999 possible PIN combinations could be attempted in a little over two years.
@ -452,7 +438,7 @@ When set to **Do not allow complexity**, no password complexity validation is do
 > [!NOTE]
 > Passwords can't be used if FIPS compliance is enabled. The **System cryptography: Use FIPS-compliant algorithms for encryption, hashing, and signing** policy setting in **Computer Configuration** > **Windows Settings** > **Security Settings** > **Local Policies** > **Security Options** specifies whether FIPS compliance is enabled.
-For information about this setting, see [System cryptography: Use FIPS-compliant algorithms for encryption, hashing, and signing](../../threat-protection/security-policy-settings/system-cryptography-use-fips-compliant-algorithms-for-encryption-hashing-and-signing.md).
+For information about this setting, see [System cryptography: Use FIPS-compliant algorithms for encryption, hashing, and signing](../../../threat-protection/security-policy-settings/system-cryptography-use-fips-compliant-algorithms-for-encryption-hashing-and-signing.md).
 ### Validate smart card certificate usage rule compliance
@ -1306,7 +1292,7 @@ The optional recovery key can be saved to a USB drive. Because recovery password
 The FIPS setting can be edited by using the Security Policy Editor (`Secpol.msc`) or by editing the Windows registry. Only administrators can perform these procedures.
-For more information about setting this policy, see [System cryptography: Use FIPS compliant algorithms for encryption, hashing, and signing](../../threat-protection/security-policy-settings/system-cryptography-use-fips-compliant-algorithms-for-encryption-hashing-and-signing.md).
+For more information about setting this policy, see [System cryptography: Use FIPS compliant algorithms for encryption, hashing, and signing](../../../threat-protection/security-policy-settings/system-cryptography-use-fips-compliant-algorithms-for-encryption-hashing-and-signing.md).
 ## Power management group policy settings: Sleep and Hibernate
@ -1338,5 +1324,5 @@ PCR 7 measurements are a mandatory logo requirement for systems that support Mod
 - [Trusted Platform Module](/windows/device-security/tpm/trusted-platform-module-overview)
 - [TPM Group Policy settings](/windows/device-security/tpm/trusted-platform-module-services-group-policy-settings)
 - [BitLocker frequently asked questions (FAQ)](bitlocker-frequently-asked-questions.yml)
- [BitLocker overview](bitlocker-overview.md)
+- [BitLocker overview](index.md)
 - [Prepare your organization for BitLocker: Planning and policies](prepare-your-organization-for-bitlocker-planning-and-policies.md)
--- a/windows/security/operating-system-security/data-protection/bitlocker/bitlocker-how-to-deploy-on-windows-server.md
+++ b/windows/security/operating-system-security/data-protection/bitlocker/bitlocker-how-to-deploy-on-windows-server.md
@ -1,57 +1,32 @@
 ---
-title: BitLocker How to deploy on Windows Server 2012 and later
+title: BitLocker How to deploy on Windows Server
-description: This article for the IT professional explains how to deploy BitLocker and Windows Server 2012 and later
+description: This article for the IT professional explains how to deploy BitLocker and Windows Server
 ms.reviewer: 
 ms.prod: windows-client
 ms.localizationpriority: medium
 author: frankroj
 ms.author: frankroj
 manager: aaroncz
 ms.topic: conceptual
 ms.date: 11/08/2022
 ms.custom: bitlocker
 ms.technology: itpro-security
 ---
-# BitLocker: How to deploy on Windows Server 2012 and later
+# BitLocker: How to deploy on Windows Server
-**Applies to:**
+This article explains how to deploy BitLocker on Windows Server. For all Windows Server editions, BitLocker can be installed using Server Manager or Windows PowerShell cmdlets. BitLocker requires administrator privileges on the server on which it's to be installed.
 - Windows Server 2012
 - Windows Server 2012 R2
 - Windows Server 2016 and above
 This article explains how to deploy BitLocker on Windows Server 2012 and later versions. For all Windows Server editions, BitLocker can be installed using Server Manager or Windows PowerShell cmdlets. BitLocker requires administrator privileges on the server on which it's to be installed.
 ## Installing BitLocker
 ### To install BitLocker using server manager
-1. Open server manager by selecting the server manager icon or running servermanager.exe.
+1. Open server manager by selecting the server manager icon or running `servermanager.exe`.
-
+1. Select **Manage** from the **Server Manager Navigation** bar and select **Add Roles and Features** to start the **Add Roles and Features Wizard.**
-2. Select **Manage** from the **Server Manager Navigation** bar and select **Add Roles and Features** to start the **Add Roles and Features Wizard.**
+1. With the **Add Roles and Features** wizard open, select **Next** at the **Before you begin** pane (if shown).
-
+1. Select **Role-based or feature-based installation** on the **Installation type** pane of the **Add Roles and Features** wizard and select **Next** to continue.
-3. With the **Add Roles and Features** wizard open, select **Next** at the **Before you begin** pane (if shown).
+1. Select the **Select a server from the server pool** option in the **Server Selection** pane and confirm the server on which the BitLocker feature is to be installed.
-
+1. Select **Next** on the **Server Roles** pane of the **Add Roles and Features** wizard to proceed to the **Features** pane.
 4. Select **Role-based or feature-based installation** on the **Installation type** pane of the **Add Roles and Features** wizard and select **Next** to continue.
 5. Select the **Select a server from the server pool** option in the **Server Selection** pane and confirm the server on which the BitLocker feature is to be installed.
 6. Select **Next** on the **Server Roles** pane of the **Add Roles and Features** wizard to proceed to the **Features** pane.
   > [!NOTE]
   > Server roles and features are installed by using the same wizard in Server Manager.
-
+1. Select the check box next to **BitLocker Drive Encryption** within the **Features** pane of the **Add Roles and Features** wizard. The wizard shows the extra management features available for BitLocker. If the extra management features aren't needed and/or don't need to be installed, deselect the **Include management tools**.
 7. Select the check box next to **BitLocker Drive Encryption** within the **Features** pane of the **Add Roles and Features** wizard. The wizard shows the extra management features available for BitLocker. If the extra management features are not needed and/or don't need to be installed, deselect the **Include management tools**.
   > [!NOTE]
   > The **Enhanced Storage** feature is a required feature for enabling BitLocker. This feature enables support for encrypted hard drives on capable systems.
-
+1. Select **Add Features**. Once optional features selection is complete, select **Next** to proceed in the wizard.
-8. Select **Add Features**. Once optional features selection is complete, select **Next** to proceed in the wizard.
+1. Select **Install** on the **Confirmation** pane of the **Add Roles and Features** wizard to begin BitLocker feature installation. The BitLocker feature requires a restart for its installation to be complete. Selecting the **Restart the destination server automatically if required** option in the **Confirmation** pane forces a restart of the computer after installation is complete.
-
+1. If the **Restart the destination server automatically if required** check box isn't selected, the **Results** pane of the **Add Roles and Features** wizard displays the success or failure of the BitLocker feature installation. If necessary, a notification of other action necessary to complete the feature installation, such as the restart of the computer, will be displayed in the results text.
 9. Select **Install** on the **Confirmation** pane of the **Add Roles and Features** wizard to begin BitLocker feature installation. The BitLocker feature requires a restart for its installation to be complete. Selecting the **Restart the destination server automatically if required** option in the **Confirmation** pane forces a restart of the computer after installation is complete.
 10. If the **Restart the destination server automatically if required** check box isn't selected, the **Results** pane of the **Add Roles and Features** wizard displays the success or failure of the BitLocker feature installation. If necessary, a notification of other action necessary to complete the feature installation, such as the restart of the computer, will be displayed in the results text.
 ### To install BitLocker using Windows PowerShell
@ -64,7 +39,7 @@ Windows PowerShell offers administrators another option for BitLocker feature in
 The `servermanager` Windows PowerShell module can use either the `Install-WindowsFeature` or `Add-WindowsFeature` to install the BitLocker feature. The `Add-WindowsFeature` cmdlet is merely a stub to the `Install-WindowsFeature`. This example uses the `Install-WindowsFeature` cmdlet. The feature name for BitLocker in the `servermanager` module is `BitLocker`.
-By default, installation of features in Windows PowerShell doesn't include optional sub-features or management tools as part of the installation process. What is installed as part of the installation process can be seen using the `-WhatIf` option in Windows PowerShell.
+By default, installation of features in Windows PowerShell doesn't include optional subfeatures or management tools as part of the installation process. What is installed as part of the installation process can be seen using the `-WhatIf` option in Windows PowerShell.
 ```powershell
 Install-WindowsFeature BitLocker -WhatIf
@ -72,7 +47,7 @@ Install-WindowsFeature BitLocker -WhatIf
 The results of this command show that only the BitLocker Drive Encryption feature is installed using this command.
-To see what would be installed with the BitLocker feature, including all available management tools and sub-features, use the following command:
+To see what would be installed with the BitLocker feature, including all available management tools and subfeatures, use the following command:
 ```powershell
 Install-WindowsFeature BitLocker -IncludeAllSubFeature -IncludeManagementTools -WhatIf | fl
@ -88,7 +63,7 @@ The result of this command displays the following list of all the administration
 - AD DS Tools
 - AD DS and AD LDS Tools
-The command to complete a full installation of the BitLocker feature with all available sub-features and then to reboot the server at completion is:
+The command to complete a full installation of the BitLocker feature with all available subfeatures and then to reboot the server at completion is:
 ```powershell
 Install-WindowsFeature BitLocker -IncludeAllSubFeature -IncludeManagementTools -Restart
@ -99,13 +74,13 @@ Install-WindowsFeature BitLocker -IncludeAllSubFeature -IncludeManagementTools -
 ### Using the dism module to install BitLocker
-The `dism.exe` Windows PowerShell module uses the `Enable-WindowsOptionalFeature` cmdlet to install features. The BitLocker feature name for BitLocker is `BitLocker`. The `dism.exe` module doesn't support wildcards when searching for feature names. To list feature names for the `dism.exe` module, use the `Get-WindowsOptionalFeatures` cmdlet. The following command will list all of the optional features in an online (running) operating system.
+The `dism.exe` Windows PowerShell module uses the `Enable-WindowsOptionalFeature` cmdlet to install features. The BitLocker feature name for BitLocker is `BitLocker`. The `dism.exe` module doesn't support wildcards when searching for feature names. To list feature names for the `dism.exe` module, use the `Get-WindowsOptionalFeatures` cmdlet. The following command lists all of the optional features in an online (running) operating system.
 ```powershell
 Get-WindowsOptionalFeature -Online | ft
 ```
-From this output, it can be seen that there are three BitLocker-related optional feature names: **BitLocker**, **BitLocker-Utilities** and **BitLocker-NetworkUnlock**. To install the BitLocker feature, the **BitLocker** and **BitLocker-Utilities** features are the only required items.
+From this output, there are three BitLocker-related optional feature names: **BitLocker**, **BitLocker-Utilities** and **BitLocker-NetworkUnlock**. To install the BitLocker feature, the **BitLocker** and **BitLocker-Utilities** features are the only required items.
 To install BitLocker using the `dism.exe` module, use the following command:
@ -121,7 +96,7 @@ Enable-WindowsOptionalFeature -Online -FeatureName BitLocker, BitLocker-Utilitie
 ## Related articles
- [BitLocker overview](bitlocker-overview.md)
+- [BitLocker overview](index.md)
 - [BitLocker frequently asked questions (FAQ)](bitlocker-frequently-asked-questions.yml)
 - [Prepare your organization for BitLocker: Planning and policies](prepare-your-organization-for-bitlocker-planning-and-policies.md)
 - [BitLocker: How to enable Network Unlock](bitlocker-how-to-enable-network-unlock.md)
--- a/windows/security/operating-system-security/data-protection/bitlocker/bitlocker-how-to-enable-network-unlock.md
+++ b/windows/security/operating-system-security/data-protection/bitlocker/bitlocker-how-to-enable-network-unlock.md
@ -1,26 +1,12 @@
 ---
 title: BitLocker - How to enable Network Unlock 
 description: This article for the IT professional describes how BitLocker Network Unlock works and how to configure it.
 ms.reviewer: 
 ms.prod: windows-client
 ms.localizationpriority: medium
 author: frankroj
 ms.author: frankroj
 manager: aaroncz
 ms.topic: conceptual
 ms.date: 11/08/2022
 ms.custom: bitlocker
 ms.technology: itpro-security
 ---
 # BitLocker: How to enable Network Unlock
 **Applies to:**
 - Windows 10
 - Windows 11
 - Windows Server 2016 and above
 This article describes how BitLocker Network Unlock works and how to configure it.
 Network Unlock is a BitLocker protector option for operating system volumes. Network Unlock enables easier management for BitLocker-enabled desktops and servers in a domain environment by providing automatic unlock of operating system volumes at system reboot when connected to a wired corporate network. This feature requires the client hardware to have a DHCP driver implemented in its UEFI firmware. Without Network Unlock, operating system volumes protected by TPM+PIN protectors require a PIN to be entered when a computer reboots or resumes from hibernation (for example, by Wake on LAN). Requiring a PIN after a reboot can make it difficult to enterprises to roll out software patches to unattended desktops and remotely administered servers.
@ -462,6 +448,6 @@ Follow these steps to configure Network Unlock on these older systems.
 ## Related articles
- [BitLocker overview](bitlocker-overview.md)
+- [BitLocker overview](index.md)
 - [BitLocker frequently asked questions (FAQ)](bitlocker-frequently-asked-questions.yml)
 - [Prepare your organization for BitLocker: Planning and policies](prepare-your-organization-for-bitlocker-planning-and-policies.md)
--- a/windows/security/operating-system-security/data-protection/bitlocker/bitlocker-key-management-faq.yml
+++ b/windows/security/operating-system-security/data-protection/bitlocker/bitlocker-key-management-faq.yml
@ -2,21 +2,10 @@
 metadata:
  title: BitLocker Key Management FAQ (Windows 10)
  description: Browse frequently asked questions concerning the requirements to use, upgrade, deploy and administer, and key management policies for BitLocker.
  ms.prod: windows-client
  ms.technology: itpro-security
  author: frankroj
  ms.author: frankroj
  manager: aaroncz
  audience: ITPro
  ms.topic: faq
  ms.date: 11/08/2022
  ms.custom: bitlocker
 title: BitLocker Key Management FAQ
 summary: |  
  **Applies to:**
  - Windows 10 and later
  - Windows Server 2016 and later
 sections:
  - name: Ignored
--- a/windows/security/operating-system-security/data-protection/bitlocker/bitlocker-management-for-enterprises.md
+++ b/windows/security/operating-system-security/data-protection/bitlocker/bitlocker-management-for-enterprises.md
@ -1,24 +1,17 @@
 ---
 title: BitLocker management
 description: Refer to relevant documentation, products, and services to learn about managing BitLocker and see recommendations for different computers.
 ms.prod: windows-client
 ms.localizationpriority: medium
 author: frankroj
 ms.author: frankroj
 manager: aaroncz
 ms.topic: conceptual
 ms.date: 11/08/2022
 ms.custom: bitlocker
 ms.technology: itpro-security
 ---
 # BitLocker management
 The ideal solution for BitLocker management is to eliminate the need for IT administrators to set management policies using tools or other mechanisms by having Windows perform tasks that are more practical to automate. This vision leverages modern hardware developments. The growth of TPM 2.0, secure boot, and other hardware improvements, for example, have helped to alleviate the support burden on help desks and a decrease in support-call volumes, yielding improved user satisfaction. Windows continues to be the focus for new features and improvements for built-in encryption management, such as automatically enabling encryption on devices that support Modern Standby beginning with Windows 8.1.
-Though much Windows [BitLocker documentation](bitlocker-overview.md) has been published, customers frequently ask for recommendations and pointers to specific, task-oriented documentation that is both easy to digest and focused on how to deploy and manage BitLocker. This article links to relevant documentation, products, and services to help answer this and other related frequently asked questions, and also provides BitLocker recommendations for different types of computers.
+Though much Windows [BitLocker documentation](index.md) has been published, customers frequently ask for recommendations and pointers to specific, task-oriented documentation that is both easy to digest and focused on how to deploy and manage BitLocker. This article links to relevant documentation, products, and services to help answer this and other related frequently asked questions, and also provides BitLocker recommendations for different types of computers.
-[!INCLUDE [bitlocker](../../../../includes/licensing/bitlocker-management.md)]
+[!INCLUDE [bitlocker](../../../../../includes/licensing/bitlocker-management.md)]
 ## Managing domain-joined computers and moving to cloud  
--- a/windows/security/operating-system-security/data-protection/bitlocker/bitlocker-network-unlock-faq.yml
+++ b/windows/security/operating-system-security/data-protection/bitlocker/bitlocker-network-unlock-faq.yml
@ -2,22 +2,10 @@
 metadata:
  title: BitLocker Network Unlock FAQ (Windows 10)
  description: Familiarize yourself with BitLocker Network Unlock. Learn how it can make desktop and server management easier within domain environments.
  ms.prod: windows-client
  ms.technology: itpro-security
  author: frankroj
  ms.author: frankroj
  manager: aaroncz
  audience: ITPro
  ms.topic: faq
  ms.date: 11/08/2022
  ms.reviewer: 
  ms.custom: bitlocker
 title: BitLocker Network Unlock FAQ
 summary: |
  **Applies to:**
  - Windows 10
  - Windows 11
  - Windows Server 2016 and above
 sections:
  - name: Ignored
--- a/windows/security/operating-system-security/data-protection/bitlocker/bitlocker-overview-and-requirements-faq.yml
+++ b/windows/security/operating-system-security/data-protection/bitlocker/bitlocker-overview-and-requirements-faq.yml
@ -2,24 +2,13 @@
 metadata:
  title: BitLocker overview and requirements FAQ (Windows 10)
  description: This article for IT professionals answers frequently asked questions concerning the requirements to use BitLocker.
  ms.prod: windows-client
  ms.technology: itpro-security
  author: frankroj
  ms.author: frankroj
  manager: aaroncz
  audience: ITPro
  ms.collection:
    - highpri
    - tier1
  ms.topic: faq
  ms.date: 11/08/2022
  ms.custom: bitlocker
 title: BitLocker Overview and Requirements FAQ
 summary: |  
  **Applies to:**
  - Windows 10 and later
  - Windows Server 2016 and later
 sections:
  - name: Ignored
@ -39,7 +28,7 @@ sections:
      - question: What are the BitLocker hardware and software requirements?
        answer: |
-          For requirements, see [System requirements](bitlocker-overview.md#system-requirements).
+          For requirements, see [System requirements](index.md#system-requirements).
          > [!NOTE]
          > Dynamic disks aren't supported by BitLocker. Dynamic data volumes won't be displayed in the Control Panel. Although the operating system volume will always be displayed in the Control Panel, regardless of whether it's a Dynamic disk, if it's a dynamic disk it can't be protected by BitLocker.
--- a/windows/security/operating-system-security/data-protection/bitlocker/bitlocker-recovery-guide-plan.md
+++ b/windows/security/operating-system-security/data-protection/bitlocker/bitlocker-recovery-guide-plan.md
@ -1,29 +1,15 @@
 ---
 title: BitLocker recovery guide
 description: This article for IT professionals describes how to recover BitLocker keys from Active Directory Domain Services (AD DS).
 ms.prod: windows-client
 ms.technology: itpro-security
 ms.localizationpriority: medium
 author: frankroj
 ms.author: frankroj
 ms.reviewer: rafals
 manager: aaroncz
 ms.collection: 
  - highpri
  - tier1
 ms.topic: conceptual
 ms.date: 11/08/2022
 ms.custom: bitlocker
 ---
 # BitLocker recovery guide
 **Applies to:**
 - Windows 10
 - Windows 11
 - Windows Server 2016 and above
 This article describes how to recover BitLocker keys from AD DS.
 Organizations can use BitLocker recovery information saved in Active Directory Domain Services (AD DS) to access BitLocker-protected data. It's recommended to create a recovery model for BitLocker while planning for BitLocker deployment.
@ -990,4 +976,4 @@ End Function
 ## Related articles
- [BitLocker overview](bitlocker-overview.md)
+- [BitLocker overview](index.md)
--- a/windows/security/operating-system-security/data-protection/bitlocker/bitlocker-security-faq.yml
+++ b/windows/security/operating-system-security/data-protection/bitlocker/bitlocker-security-faq.yml
@ -2,23 +2,10 @@
 metadata:
  title: BitLocker Security FAQ
  description: Learn more about how BitLocker security works. Browse frequently asked questions, such as, "What form of encryption does BitLocker use?"
  ms.prod: windows-client
  ms.technology: itpro-security
  author: frankroj
  ms.author: frankroj
  manager: aaroncz
  audience: ITPro
  ms.topic: faq
  ms.date: 11/08/2022
  ms.custom: bitlocker
 title: BitLocker Security FAQ
 summary: |
  **Applies to:**
  - Windows 10 and later
  - Windows Server 2016 and later
 sections:
  - name: Ignored
    questions:
--- a/windows/security/operating-system-security/data-protection/bitlocker/bitlocker-to-go-faq.yml
+++ b/windows/security/operating-system-security/data-protection/bitlocker/bitlocker-to-go-faq.yml
@ -2,20 +2,10 @@
 metadata:
  title: BitLocker To Go FAQ
  description: "Learn more about BitLocker To Go"
  ms.prod: windows-client
  ms.technology: itpro-security
  ms.author: frankroj
  author: frankroj
  manager: aaroncz
  audience: ITPro
  ms.topic: faq
  ms.date: 11/08/2022
  ms.custom: bitlocker
 title: BitLocker To Go FAQ
 summary: |  
  **Applies to:**
  - Windows 10
 sections:
  - name: Ignored
--- a/windows/security/operating-system-security/data-protection/bitlocker/bitlocker-upgrading-faq.yml
+++ b/windows/security/operating-system-security/data-protection/bitlocker/bitlocker-upgrading-faq.yml
@ -2,21 +2,10 @@
 metadata:
  title: BitLocker Upgrading FAQ
  description: Learn more about upgrading systems that have BitLocker enabled. Find frequently asked questions, such as, "Can I upgrade to Windows 10 with BitLocker enabled?"
  ms.prod: windows-client
  ms.technology: itpro-security
  author: frankroj
  ms.author: frankroj
  manager: aaroncz
  ms.topic: faq
  ms.date: 11/08/2022
  ms.reviewer: 
  ms.custom: bitlocker
 title: BitLocker Upgrading FAQ
 summary: |  
  **Applies to:**
  - Windows 10 and later
  - Windows Server 2016 and later
 sections:
  - name: Ignored
--- a/windows/security/operating-system-security/data-protection/bitlocker/bitlocker-use-bitlocker-drive-encryption-tools-to-manage-bitlocker.md
+++ b/windows/security/operating-system-security/data-protection/bitlocker/bitlocker-use-bitlocker-drive-encryption-tools-to-manage-bitlocker.md
@ -1,29 +1,15 @@
 ---
 title: BitLocker Use BitLocker Drive Encryption Tools to manage BitLocker 
 description: This article for the IT professional describes how to use tools to manage BitLocker.
 ms.reviewer: 
 ms.prod: windows-client
 ms.localizationpriority: medium
 author: frankroj
 ms.author: frankroj
 manager: aaroncz
 ms.collection: 
  - highpri
  - tier1
 ms.topic: conceptual
 ms.date: 11/08/2022
 ms.custom: bitlocker
 ms.technology: itpro-security
 ---
 # BitLocker: Use BitLocker Drive Encryption Tools to manage BitLocker
 **Applies to:**
 - Windows 10
 - Windows 11
 - Windows Server 2016 and above
 This article for the IT professional describes how to use tools to manage BitLocker.
 BitLocker Drive Encryption Tools include the command-line tools manage-bde and repair-bde and the BitLocker cmdlets for Windows PowerShell.
@ -246,7 +232,7 @@ Add-BitLockerKeyProtector C: -ADAccountOrGroupProtector -ADAccountOrGroup S-1-5-
 ## Related articles
- [BitLocker overview](bitlocker-overview.md)
+- [BitLocker overview](index.md)
 - [BitLocker frequently asked questions (FAQ)](bitlocker-frequently-asked-questions.yml)
 - [Prepare your organization for BitLocker: Planning and policies](prepare-your-organization-for-bitlocker-planning-and-policies.md)
 - [BitLocker: How to enable Network Unlock](bitlocker-how-to-enable-network-unlock.md)
--- a/windows/security/operating-system-security/data-protection/bitlocker/bitlocker-use-bitlocker-recovery-password-viewer.md
+++ b/windows/security/operating-system-security/data-protection/bitlocker/bitlocker-use-bitlocker-recovery-password-viewer.md
@ -1,19 +1,11 @@
 ---
 title: BitLocker Use BitLocker Recovery Password Viewer 
 description: This article for the IT professional describes how to use the BitLocker Recovery Password Viewer.
 ms.reviewer: 
 ms.prod: windows-client
 ms.localizationpriority: medium
 author: frankroj
 ms.author: frankroj
 manager: aaroncz
 ms.collection: 
  - highpri
  - tier1
 ms.topic: conceptual
 ms.date: 11/08/2022
 ms.custom: bitlocker
 ms.technology: itpro-security
 ---
 # BitLocker: Use BitLocker Recovery Password Viewer
@ -66,7 +58,7 @@ By completing the procedures in this scenario, the recovery passwords for a comp
 ## Related articles
- [BitLocker Overview](bitlocker-overview.md)
+- [BitLocker Overview](index.md)
 - [BitLocker frequently asked questions (FAQ)](bitlocker-frequently-asked-questions.yml)
 - [Prepare your organization for BitLocker: Planning and policies](prepare-your-organization-for-bitlocker-planning-and-policies.md)
 - [BitLocker: How to deploy on Windows Server 2012](bitlocker-how-to-deploy-on-windows-server.md)
--- a/windows/security/operating-system-security/data-protection/bitlocker/bitlocker-using-with-other-programs-faq.yml
+++ b/windows/security/operating-system-security/data-protection/bitlocker/bitlocker-using-with-other-programs-faq.yml
@ -2,19 +2,10 @@
 metadata:
  title: Using BitLocker with other programs FAQ
  description: Learn how to integrate BitLocker with other software on a device.
  ms.prod: windows-client
  ms.technology: itpro-security
  author: frankroj
  ms.author: frankroj
  manager: aaroncz
  ms.topic: faq
  ms.date: 11/08/2022
 title: Using BitLocker with other programs FAQ
 summary: |
  **Applies to:**
  - Windows 10 and later
  - Windows Server 2016 and later
 sections:
  - name: Ignored
--- a/windows/security/operating-system-security/data-protection/bitlocker/images/bitlockernetworkunlocksequence.png
+++ b/windows/security/operating-system-security/data-protection/bitlocker/images/bitlockernetworkunlocksequence.png
--- a/windows/security/operating-system-security/data-protection/bitlocker/images/bl-intune-custom-url.png
+++ b/windows/security/operating-system-security/data-protection/bitlocker/images/bl-intune-custom-url.png
--- a/windows/security/operating-system-security/data-protection/bitlocker/images/bl-narrator.png
+++ b/windows/security/operating-system-security/data-protection/bitlocker/images/bl-narrator.png
--- a/windows/security/operating-system-security/data-protection/bitlocker/images/bl-password-hint1.png
+++ b/windows/security/operating-system-security/data-protection/bitlocker/images/bl-password-hint1.png
--- a/windows/security/operating-system-security/data-protection/bitlocker/images/bl-password-hint2.png
+++ b/windows/security/operating-system-security/data-protection/bitlocker/images/bl-password-hint2.png
--- a/windows/security/operating-system-security/data-protection/bitlocker/images/kernel-dma-protection.png
+++ b/windows/security/operating-system-security/data-protection/bitlocker/images/kernel-dma-protection.png
--- a/windows/security/operating-system-security/data-protection/bitlocker/images/manage-bde-status.png
+++ b/windows/security/operating-system-security/data-protection/bitlocker/images/manage-bde-status.png
--- a/windows/security/operating-system-security/data-protection/bitlocker/images/pre-boot-authentication-group-policy.png
+++ b/windows/security/operating-system-security/data-protection/bitlocker/images/pre-boot-authentication-group-policy.png
--- a/windows/security/operating-system-security/data-protection/bitlocker/images/rp-example1.png
+++ b/windows/security/operating-system-security/data-protection/bitlocker/images/rp-example1.png
--- a/windows/security/operating-system-security/data-protection/bitlocker/images/rp-example2.png
+++ b/windows/security/operating-system-security/data-protection/bitlocker/images/rp-example2.png
--- a/windows/security/operating-system-security/data-protection/bitlocker/images/rp-example3.png
+++ b/windows/security/operating-system-security/data-protection/bitlocker/images/rp-example3.png
--- a/windows/security/operating-system-security/data-protection/bitlocker/images/rp-example4.png
+++ b/windows/security/operating-system-security/data-protection/bitlocker/images/rp-example4.png
--- a/windows/security/operating-system-security/data-protection/bitlocker/images/rp-example5.png
+++ b/windows/security/operating-system-security/data-protection/bitlocker/images/rp-example5.png
--- a/windows/security/operating-system-security/data-protection/bitlocker/images/yes-icon.png
+++ b/windows/security/operating-system-security/data-protection/bitlocker/images/yes-icon.png
--- a/windows/security/operating-system-security/data-protection/bitlocker/index.md
+++ b/windows/security/operating-system-security/data-protection/bitlocker/index.md
@ -1,32 +1,17 @@
 ---
-title: BitLocker
+title: BitLocker overview
 description: This article provides a high-level overview of BitLocker, including a list of system requirements, practical applications, and deprecated features.
 ms.author: frankroj
 ms.prod: windows-client
 ms.localizationpriority: medium
 author: frankroj
 manager: aaroncz
 ms.collection: 
  - highpri
  - tier1
 ms.topic: conceptual
 ms.date: 11/08/2022
 ms.custom: bitlocker
 ms.technology: itpro-security
 ---
-# BitLocker
+# BitLocker overview
 **Applies to:**
 - Windows 10
 - Windows 11
 - Windows Server 2016 and above
 This article provides a high-level overview of BitLocker, including a list of system requirements, practical applications, and deprecated features.
 ## BitLocker overview
 BitLocker Drive Encryption is a data protection feature that integrates with the operating system and addresses the threats of data theft or exposure from lost, stolen, or inappropriately decommissioned computers.
 BitLocker provides the maximum protection when used with a Trusted Platform Module (TPM) version 1.2 or later versions. The TPM is a hardware component installed in many newer computers by the computer manufacturers. It works with BitLocker to help protect user data and to ensure that a computer hasn't been tampered with while the system was offline.
@ -48,7 +33,7 @@ There are two additional tools in the Remote Server Administration Tools that ca
 - **BitLocker Drive Encryption Tools**. BitLocker Drive Encryption Tools include the command-line tools, manage-bde and repair-bde, and the BitLocker cmdlets for Windows PowerShell. Both manage-bde and the BitLocker cmdlets can be used to perform any task that can be accomplished through the
 BitLocker control panel, and they're appropriate to be used for automated deployments and other scripting scenarios. Repair-bde is provided for disaster recovery scenarios in which a BitLocker-protected drive can't be unlocked normally or by using the recovery console.
-[!INCLUDE [bitlocker](../../../../includes/licensing/bitlocker-enablement.md)]
+[!INCLUDE [bitlocker](../../../../../includes/licensing/bitlocker-enablement.md)]
 ## System requirements
--- a/windows/security/operating-system-security/data-protection/bitlocker/prepare-your-organization-for-bitlocker-planning-and-policies.md
+++ b/windows/security/operating-system-security/data-protection/bitlocker/prepare-your-organization-for-bitlocker-planning-and-policies.md
@ -1,26 +1,12 @@
 ---
 title: Prepare the organization for BitLocker Planning and policies 
 description: This article for the IT professional explains how can to plan for a BitLocker deployment.
 ms.reviewer: 
 ms.prod: windows-client
 ms.localizationpriority: medium
 author: frankroj
 ms.author: frankroj
 manager: aaroncz
 ms.topic: conceptual
 ms.date: 11/08/2022
 ms.custom: bitlocker
 ms.technology: itpro-security
 ---
 # Prepare an organization for BitLocker: Planning and policies
 **Applies to:**
 - Windows 10
 - Windows 11
 - Windows Server 2016 and above
 This article for the IT professional explains how to plan BitLocker deployment.
 When BitLocker deployment strategy is defined, define the appropriate policies and configuration requirements based on the business requirements of the organization. The following sections will help with collecting information. Use this information to help with the decision-making process about deploying and managing BitLocker systems.
@ -199,9 +185,7 @@ On Windows Server 2012 R2 and Windows 8.1 and older, recovery passwords generate
 ## Related articles
 - [Trusted Platform Module](../tpm/trusted-platform-module-top-node.md)
 - [TPM Group Policy settings](../tpm/trusted-platform-module-services-group-policy-settings.md)
 - [BitLocker frequently asked questions (FAQ)](bitlocker-frequently-asked-questions.yml)
- [BitLocker](bitlocker-overview.md)
+- [BitLocker](index.md)
 - [BitLocker Group Policy settings](bitlocker-group-policy-settings.md)
 - [BitLocker basic deployment](bitlocker-basic-deployment.md)
--- a/windows/security/operating-system-security/data-protection/bitlocker/protecting-cluster-shared-volumes-and-storage-area-networks-with-bitlocker.md
+++ b/windows/security/operating-system-security/data-protection/bitlocker/protecting-cluster-shared-volumes-and-storage-area-networks-with-bitlocker.md
@ -1,16 +1,8 @@
 ---
 title: Protecting cluster shared volumes and storage area networks with BitLocker 
 description: This article for IT pros describes how to protect CSVs and SANs with BitLocker.
 ms.reviewer: 
 ms.prod: windows-client
 ms.localizationpriority: medium
 author: frankroj
 ms.author: frankroj
 manager: aaroncz
 ms.topic: conceptual
 ms.date: 11/08/2022
 ms.custom: bitlocker
 ms.technology: itpro-security
 ---
 # Protecting cluster shared volumes and storage area networks with BitLocker
--- a/windows/security/operating-system-security/data-protection/bitlocker/toc.yml
+++ b/windows/security/operating-system-security/data-protection/bitlocker/toc.yml
@ -0,0 +1,74 @@
 items:
 - name: Overview
  href: index.md
 - name: BitLocker device encryption
  href: bitlocker-device-encryption-overview-windows-10.md
 - name: BitLocker frequently asked questions (FAQ)
  href: bitlocker-frequently-asked-questions.yml
  items:
  - name: Overview and requirements
    href: bitlocker-overview-and-requirements-faq.yml
  - name: Upgrading
    href: bitlocker-upgrading-faq.yml
  - name: Deployment and administration
    href: bitlocker-deployment-and-administration-faq.yml
  - name: Key management
    href: bitlocker-key-management-faq.yml
  - name: BitLocker To Go
    href: bitlocker-to-go-faq.yml
  - name: Active Directory Domain Services
    href: bitlocker-and-adds-faq.yml
  - name: Security
    href: bitlocker-security-faq.yml
  - name: BitLocker Network Unlock
    href: bitlocker-network-unlock-faq.yml
  - name: General
    href: bitlocker-using-with-other-programs-faq.yml
 - name: "Prepare your organization for BitLocker: Planning and policies"
  href: prepare-your-organization-for-bitlocker-planning-and-policies.md
 - name: BitLocker deployment comparison
  href: bitlocker-deployment-comparison.md
 - name: BitLocker basic deployment
  href: bitlocker-basic-deployment.md
 - name: Deploy BitLocker on Windows Server 2012 and later
  href: bitlocker-how-to-deploy-on-windows-server.md
 - name: BitLocker management
  href: bitlocker-management-for-enterprises.md
 - name: Enable Network Unlock with BitLocker
  href: bitlocker-how-to-enable-network-unlock.md
 - name: Use BitLocker Drive Encryption Tools to manage BitLocker
  href: bitlocker-use-bitlocker-drive-encryption-tools-to-manage-bitlocker.md
 - name: Use BitLocker Recovery Password Viewer
  href: bitlocker-use-bitlocker-recovery-password-viewer.md
 - name: BitLocker Group Policy settings
  href: bitlocker-group-policy-settings.md
 - name: BCD settings and BitLocker
  href: bcd-settings-and-bitlocker.md
 - name: BitLocker Recovery Guide
  href: bitlocker-recovery-guide-plan.md
 - name: BitLocker Countermeasures
  href: bitlocker-countermeasures.md
 - name: Protecting cluster shared volumes and storage area networks with BitLocker
  href: protecting-cluster-shared-volumes-and-storage-area-networks-with-bitlocker.md
 - name: Troubleshoot BitLocker
  items:
    - name: Troubleshoot BitLocker 🔗
      href: /troubleshoot/windows-client/windows-security/bitlocker-issues-troubleshooting
    - name: "BitLocker cannot encrypt a drive: known issues 🔗"
      href: /troubleshoot/windows-client/windows-security/bitlocker-cannot-encrypt-a-drive-known-issues
    - name: "Enforcing BitLocker policies by using Intune: known issues 🔗"
      href: /troubleshoot/windows-client/windows-security/enforcing-bitlocker-policies-by-using-intune-known-issues
    - name: "BitLocker Network Unlock: known issues 🔗"
      href: /troubleshoot/windows-client/windows-security/bitlocker-network-unlock-known-issues
    - name: "BitLocker recovery: known issues 🔗"
      href: /troubleshoot/windows-client/windows-security/bitlocker-recovery-known-issues
    - name: "BitLocker configuration: known issues 🔗"
      href: /troubleshoot/windows-client/windows-security/bitlocker-configuration-known-issues
    - name: Troubleshoot BitLocker and TPM issues
      items:
        - name: "BitLocker cannot encrypt a drive: known TPM issues 🔗"
          href: /troubleshoot/windows-client/windows-security/bitlocker-cannot-encrypt-a-drive-known-tpm-issues
        - name: "BitLocker and TPM: other known issues 🔗"
          href: /troubleshoot/windows-client/windows-security/bitlocker-and-tpm-other-known-issues
        - name: Decode Measured Boot logs to track PCR changes 🔗
          href: /troubleshoot/windows-client/windows-security/decode-measured-boot-logs-to-track-pcr-changes
--- a/windows/security/operating-system-security/data-protection/configure-s-mime.md
+++ b/windows/security/operating-system-security/data-protection/configure-s-mime.md
@ -3,8 +3,6 @@ title: Configure S/MIME for Windows
 description: S/MIME lets users encrypt outgoing messages and attachments so that only intended recipients with a digital ID, also known as a certificate, can read them. Learn how to configure S/MIME for Windows.
 ms.topic: how-to
 ms.date: 05/31/2023
 author: paolomatarazzo
 ms.author: paoloma
 ---
--- a/windows/security/operating-system-security/data-protection/encrypted-hard-drive.md
+++ b/windows/security/operating-system-security/data-protection/encrypted-hard-drive.md
@ -1,27 +1,12 @@
 ---
 title: Encrypted Hard Drive 
 description: Encrypted Hard Drive uses the rapid encryption that is provided by BitLocker Drive Encryption to enhance data security and management.
 ms.reviewer: 
 manager: aaroncz
 ms.author: frankroj
 ms.prod: windows-client
 author: frankroj
 ms.date: 11/08/2022
 ms.technology: itpro-security
 ms.topic: conceptual
 ---
 # Encrypted Hard Drive
 *Applies to:*
 - Windows 10
 - Windows 11
 - Windows Server 2022
 - Windows Server 2019
 - Windows Server 2016
 - Azure Stack HCI
 Encrypted hard drive uses the rapid encryption that is provided by BitLocker drive encryption to enhance data security and management.
 By offloading the cryptographic operations to hardware, Encrypted hard drives increase BitLocker performance and reduce CPU usage and power consumption. Because Encrypted hard drives encrypt data quickly, enterprise devices can expand BitLocker deployment with minimal impact on productivity.
@ -48,7 +33,7 @@ Encrypted hard drives are supported natively in the operating system through the
 If you're a storage device vendor who is looking for more info on how to implement Encrypted Hard Drive, see the [Encrypted Hard Drive Device Guide](/previous-versions/windows/hardware/design/dn653989(v=vs.85)).
-[!INCLUDE [encrypted-hard-drive](../../../includes/licensing/encrypted-hard-drive.md)]
+[!INCLUDE [encrypted-hard-drive](../../../../includes/licensing/encrypted-hard-drive.md)]
 ## System Requirements
--- a/windows/security/operating-system-security/data-protection/index.md
+++ b/windows/security/operating-system-security/data-protection/index.md
@ -1,13 +1,8 @@
 ---
 title: Encryption and data protection in Windows
 description: Get an overview encryption and data protection in Windows 11 and Windows 10
 author: frankroj
 ms.author: frankroj
 manager: aaroncz
 ms.topic: overview
 ms.date: 09/22/2022
 ms.prod: windows-client
 ms.technology: itpro-security
 ms.reviewer: rafals
 ---
@ -45,10 +40,10 @@ Windows consistently improves data protection by improving existing options and
 <!-- Max 5963468 OS 32516487 -->
 (*Applies to: Windows 11, version 22H2 and later*)
-[!INCLUDE [Personal Data Encryption (PDE) description](information-protection/personal-data-encryption/includes/pde-description.md)]
+[!INCLUDE [Personal Data Encryption (PDE) description](personal-data-encryption/includes/pde-description.md)]
 ## See also
- [Encrypted Hard Drive](information-protection/encrypted-hard-drive.md)
+- [Encrypted Hard Drive](encrypted-hard-drive.md)
- [BitLocker](information-protection/bitlocker/bitlocker-overview.md)
+- [BitLocker](bitlocker/index.md)
- [Personal Data Encryption (PDE)](information-protection/personal-data-encryption/overview-pde.md)
+- [Personal Data Encryption (PDE)](personal-data-encryption/index.md)
--- a/windows/security/operating-system-security/data-protection/personal-data-encryption/configure-pde-in-intune.md
+++ b/windows/security/operating-system-security/data-protection/personal-data-encryption/configure-pde-in-intune.md
@ -1,14 +1,7 @@
 ---
 title: Configure Personal Data Encryption (PDE) in Intune
 description: Configuring and enabling Personal Data Encryption (PDE) required and recommended policies in Intune
 author: frankroj
 ms.author: frankroj
 ms.reviewer: rhonnegowda
 manager: aaroncz
 ms.topic: how-to
 ms.prod: windows-client
 ms.technology: itpro-security
 ms.localizationpriority: medium
 ms.date: 03/13/2023
 ---
@ -21,21 +14,17 @@ The various required and recommended policies needed for Personal Data Encryptio
 ## Required prerequisites
-1. [Enable Personal Data Encryption (PDE)](pde-in-intune/intune-enable-pde.md)
+1. [Enable Personal Data Encryption (PDE)](intune-enable-pde.md)
-
+1. [Disable Winlogon automatic restart sign-on (ARSO)](intune-disable-arso.md)
 1. [Disable Winlogon automatic restart sign-on (ARSO)](pde-in-intune/intune-disable-arso.md)
 ## Security hardening recommendations
-1. [Disable kernel-mode crash dumps and live dumps](pde-in-intune/intune-disable-memory-dumps.md)
+1. [Disable kernel-mode crash dumps and live dumps](intune-disable-memory-dumps.md)
-
+1. [Disable Windows Error Reporting (WER)/user-mode crash dumps](intune-disable-wer.md)
-1. [Disable Windows Error Reporting (WER)/user-mode crash dumps](pde-in-intune/intune-disable-wer.md)
+1. [Disable hibernation](intune-disable-hibernation.md)
-
+1. [Disable allowing users to select when a password is required when resuming from connected standby](intune-disable-password-connected-standby.md)
 1. [Disable hibernation](pde-in-intune/intune-disable-hibernation.md)
 1. [Disable allowing users to select when a password is required when resuming from connected standby](pde-in-intune/intune-disable-password-connected-standby.md)
 ## See also
- [Personal Data Encryption (PDE)](overview-pde.md)
+- [Personal Data Encryption (PDE)](index.md)
 - [Personal Data Encryption (PDE) FAQ](faq-pde.yml)
--- a/windows/security/operating-system-security/data-protection/personal-data-encryption/faq-pde.yml
+++ b/windows/security/operating-system-security/data-protection/personal-data-encryption/faq-pde.yml
@ -3,19 +3,9 @@
 metadata:
  title: Frequently asked questions for Personal Data Encryption (PDE)
  description: Answers to common questions regarding Personal Data Encryption (PDE).
  author: frankroj
  ms.author: frankroj
  ms.reviewer: rhonnegowda
  manager: aaroncz
  ms.topic: faq
  ms.prod: windows-client
  ms.technology: itpro-security
  ms.localizationpriority: medium
  ms.date: 03/13/2023
 # Max 5963468 OS 32516487
 # Max 6946251
 title: Frequently asked questions for Personal Data Encryption (PDE)
 summary: |
  Here are some answers to common questions regarding Personal Data Encryption (PDE)
@ -65,7 +55,7 @@ sections:
      - question: Can users manually encrypt and decrypt files with PDE?
        answer: |
-          Currently users can decrypt files manually but they can't encrypt files manually. For information on how a user can manually decrypt a file, see the section **Disable PDE and decrypt files** in [Personal Data Encryption (PDE)](overview-pde.md).
+          Currently users can decrypt files manually but they can't encrypt files manually. For information on how a user can manually decrypt a file, see the section **Disable PDE and decrypt files** in [Personal Data Encryption (PDE)](index.md).
      - question: If a user signs into Windows with a password instead of Windows Hello for Business, will they be able to access their PDE protected content?
        answer: |
@ -77,6 +67,6 @@ sections:
 additionalContent: |
  ## See also
-    - [Personal Data Encryption (PDE)](overview-pde.md)
+    - [Personal Data Encryption (PDE)](index.md)
    - [Configure Personal Data Encryption (PDE) polices in Intune](configure-pde-in-intune.md)
--- a/windows/security/operating-system-security/data-protection/personal-data-encryption/includes/pde-description.md
+++ b/windows/security/operating-system-security/data-protection/personal-data-encryption/includes/pde-description.md
@ -1,22 +1,14 @@
 ---
 title: Personal Data Encryption (PDE) description
 description: Personal Data Encryption (PDE) description include file
 author: frankroj
 ms.author: frankroj
 ms.reviewer: rhonnegowda
 manager: aaroncz
 ms.topic: include
 ms.prod: windows-client
 ms.technology: itpro-security
 ms.localizationpriority: medium
 ms.date: 03/13/2023
 ---
 <!-- Max 5963468 OS 32516487 -->
 <!-- Max 6946251 -->
-Personal data encryption (PDE) is a security feature introduced in Windows 11, version 22H2 that provides additional encryption features to Windows. PDE differs from BitLocker in that it  encrypts individual files and content instead of whole volumes and disks. PDE occurs in addition to other encryption methods such as BitLocker.
+Starting in Windows 11, version 22H2, Personal Data Encryption (PDE) is a security feature that provides more encryption capabilities to Windows.
 PDE differs from BitLocker in that it  encrypts individual files and content instead of whole volumes and disks. PDE occurs in addition to other encryption methods such as BitLocker.
 PDE utilizes Windows Hello for Business to link data encryption keys with user credentials. This feature can minimize the number of credentials the user has to remember to gain access to content. For example, when using BitLocker with PIN, a user would need to authenticate twice - once with the BitLocker PIN and a second time with Windows credentials. This requirement requires users to remember two different credentials. With PDE, users only need to enter one set of credentials via Windows Hello for Business.
--- a/windows/security/operating-system-security/data-protection/personal-data-encryption/index.md
+++ b/windows/security/operating-system-security/data-protection/personal-data-encryption/index.md
@ -1,44 +1,30 @@
 ---
 title: Personal Data Encryption (PDE)
 description: Personal Data Encryption unlocks user encrypted files at user sign-in instead of at boot.
 author: frankroj
 ms.author: frankroj
 ms.reviewer: rhonnegowda
 manager: aaroncz
 ms.topic: how-to
 ms.prod: windows-client
 ms.technology: itpro-security
 ms.localizationpriority: medium
 ms.date: 03/13/2023
 ---
 <!-- Max 5963468 OS 32516487 -->
 <!-- Max 6946251 -->
 # Personal Data Encryption (PDE)
 **Applies to:**
 - Windows 11, version 22H2 and later Enterprise and Education editions
 [!INCLUDE [Personal Data Encryption (PDE) description](includes/pde-description.md)]
-[!INCLUDE [personal-data-encryption-pde](../../../../includes/licensing/personal-data-encryption-pde.md)]
+[!INCLUDE [personal-data-encryption-pde](../../../../../includes/licensing/personal-data-encryption-pde.md)]
 ## Prerequisites
 ### Required
 - [Azure AD joined device](/azure/active-directory/devices/concept-azure-ad-join)
- [Windows Hello for Business](../../identity-protection/hello-for-business/hello-overview.md)
+- [Windows Hello for Business Overview](../../../identity-protection/hello-for-business/hello-overview.md)
 - Windows 11, version 22H2 and later Enterprise and Education editions
 ### Not supported with PDE
 - [FIDO/security key authentication](/azure/active-directory/authentication/howto-authentication-passwordless-security-key)
 - [Winlogon automatic restart sign-on (ARSO)](/windows-server/identity/ad-ds/manage/component-updates/winlogon-automatic-restart-sign-on--arso-)
-  - For information on disabling ARSO via Intune, see [Disable Winlogon automatic restart sign-on (ARSO)](pde-in-intune/intune-disable-arso.md).
+  - For information on disabling ARSO via Intune, see [Disable Winlogon automatic restart sign-on (ARSO)](intune-disable-arso.md).
- [Windows Information Protection (WIP)](../windows-information-protection/protect-enterprise-data-using-wip.md)
+- [Protect your enterprise data using Windows Information Protection (WIP)](../../../information-protection/windows-information-protection/protect-enterprise-data-using-wip.md)
 - [Hybrid Azure AD joined devices](/azure/active-directory/devices/concept-azure-ad-join-hybrid)
 - Remote Desktop connections
@ -46,15 +32,15 @@ ms.date: 03/13/2023
 - [Kernel-mode crash dumps  and live dumps disabled](/windows/client-management/mdm/policy-csp-memorydump#memorydump-policies)
-   Kernel-mode crash dumps and live dumps can potentially cause the keys used by PDE to protect content to be exposed. For greatest security, disable kernel-mode crash dumps and live dumps. For information on disabling crash dumps and live dumps via Intune, see [Disable kernel-mode crash dumps and live dumps](pde-in-intune/intune-disable-memory-dumps.md).
+   Kernel-mode crash dumps and live dumps can potentially cause the keys used by PDE to protect content to be exposed. For greatest security, disable kernel-mode crash dumps and live dumps. For information on disabling crash dumps and live dumps via Intune, see [Disable kernel-mode crash dumps and live dumps](intune-disable-memory-dumps.md).
 - [Windows Error Reporting (WER) disabled/User-mode crash dumps disabled](/windows/client-management/mdm/policy-csp-errorreporting#errorreporting-disablewindowserrorreporting)
-   Disabling Windows Error Reporting prevents user-mode crash dumps. User-mode crash dumps can potentially cause the keys used by PDE to protect content to be exposed. For greatest security, disable user-mode crash dumps. For more information on disabling crash dumps via Intune, see [Disable Windows Error Reporting (WER)/user-mode crash dumps](pde-in-intune/intune-disable-wer.md).
+   Disabling Windows Error Reporting prevents user-mode crash dumps. User-mode crash dumps can potentially cause the keys used by PDE to protect content to be exposed. For greatest security, disable user-mode crash dumps. For more information on disabling crash dumps via Intune, see [Disable Windows Error Reporting (WER)/user-mode crash dumps](intune-disable-wer.md).
 - [Hibernation disabled](/windows/client-management/mdm/policy-csp-power#power-allowhibernate)
-   Hibernation files can potentially cause the keys used by PDE to protect content to be exposed. For greatest security, disable hibernation. For more information on disabling crash dumps via Intune, see [Disable hibernation](pde-in-intune/intune-disable-hibernation.md).
+   Hibernation files can potentially cause the keys used by PDE to protect content to be exposed. For greatest security, disable hibernation. For more information on disabling crash dumps via Intune, see [Disable hibernation](intune-disable-hibernation.md).
 - [Allowing users to select when a password is required when resuming from connected standby disabled](/windows/client-management/mdm/policy-csp-admx-credentialproviders#admx-credentialproviders-allowdomaindelaylock)
@ -76,11 +62,11 @@ ms.date: 03/13/2023
    Because of this undesired outcome, it's recommended to explicitly disable this policy on Azure AD joined devices instead of leaving it at the default of **Not configured**.
-   For information on disabling this policy via Intune, see [Disable allowing users to select when a password is required when resuming from connected standby](pde-in-intune/intune-disable-password-connected-standby.md).
+   For information on disabling this policy via Intune, see [Disable allowing users to select when a password is required when resuming from connected standby](intune-disable-password-connected-standby.md).
 ### Highly recommended
- [BitLocker Drive Encryption](../bitlocker/bitlocker-overview.md) enabled
+- [BitLocker Drive Encryption](../bitlocker/index.md) enabled
   Although PDE will work without BitLocker, it's recommended to also enable BitLocker. PDE is meant to work alongside BitLocker for increased security. PDE isn't a replacement for BitLocker.
@ -88,7 +74,7 @@ ms.date: 03/13/2023
   In certain scenarios such as TPM resets or destructive PIN resets, the keys used by PDE to protect content will be lost. In such scenarios, any content protected with PDE will no longer be accessible. The only way to recover such content would be from backup.
- [Windows Hello for Business PIN reset service](../../identity-protection/hello-for-business/hello-feature-pin-reset.md)
+- [Windows Hello for Business PIN reset service](../../../identity-protection/hello-for-business/hello-feature-pin-reset.md)
   Destructive PIN resets will cause keys used by PDE to protect content to be lost. A destructive PIN reset will make any content protected with PDE no longer accessible after the destructive PIN reset has occurred. Content protected with PDE will need to be recovered from a backup after a destructive PIN reset. For this reason Windows Hello for Business PIN reset service is recommended since it provides non-destructive PIN resets.
@ -137,7 +123,7 @@ There's also a [PDE CSP](/windows/client-management/mdm/personaldataencryption-c
 > [!NOTE]
 > Enabling the PDE policy on devices only enables the PDE feature. It does not protect any content. To protect content via PDE, use the [PDE APIs](/uwp/api/windows.security.dataprotection.userdataprotectionmanager). The PDE APIs can be used to create custom applications and scripts to specify which content to protect and at what level to protect the content. Additionally, the PDE APIs can't be used to protect content until the PDE policy has been enabled.
-For information on enabling PDE via Intune, see [Enable Personal Data Encryption (PDE)](pde-in-intune/intune-enable-pde.md).
+For information on enabling PDE via Intune, see [Enable Personal Data Encryption (PDE)](intune-enable-pde.md).
 ## Differences between PDE and BitLocker
--- a/windows/security/operating-system-security/data-protection/personal-data-encryption/intune-disable-arso.md
+++ b/windows/security/operating-system-security/data-protection/personal-data-encryption/intune-disable-arso.md
@ -1,15 +1,8 @@
 ---
 title: Disable Winlogon automatic restart sign-on (ARSO) for PDE in Intune
 description: Disable Winlogon automatic restart sign-on (ARSO) for PDE in Intune
 author: frankroj
 ms.author: frankroj
 ms.reviewer: rhonnegowda
 manager: aaroncz
 ms.topic: how-to
-ms.prod: windows-client
+ms.date: 06/01/2023
 ms.technology: itpro-security
 ms.localizationpriority: medium
 ms.date: 03/13/2023
 ---
 # Disable Winlogon automatic restart sign-on (ARSO) for PDE
@ -20,81 +13,51 @@ Winlogon automatic restart sign-on (ARSO) isn't supported for use with Personal
 To disable ARSO using Intune, follow the below steps:
-1. Sign in to the [Microsoft Intune admin center](https://go.microsoft.com/fwlink/?linkid=2109431).
+1. Sign in to the [Microsoft Intune admin center](https://go.microsoft.com/fwlink/?linkid=2109431)
-
+1. In the **Home** screen, select **Devices** in the left pane
-1. In the **Home** screen, select **Devices** in the left pane.
+1. In the **Devices | Overview** screen, under **Policy**, select **Configuration Profiles**
-
+1. In the **Devices | Configuration profiles** screen, make sure **Profiles** is selected at the top, and then select **Create profile**
 1. In the **Devices | Overview** screen, under **Policy**, select **Configuration Profiles**.
 1. In the **Devices | Configuration profiles** screen, make sure **Profiles** is selected at the top, and then select **Create profile**.
 1. In the **Create profile** window that opens:
-
+   1. Under **Platform**, select **Windows 10 and later**
-   1. Under **Platform**, select **Windows 10 and later**.
+   1. Under **Profile type**, select **Templates**
-
+   1. When the templates appear, under **Template name**, select **Administrative templates**
   1. Under **Profile type**, select **Templates**.
   1. When the templates appear, under **Template name**, select **Administrative templates**.
   1. Select **Create** to close the **Create profile** window.
 1. The **Create profile** screen will open. In the **Basics** page:
-
+   1. Next to **Name**, enter **Disable ARSO**
-   1. Next to **Name**, enter **Disable ARSO**.
+   1. Next to **Description**, enter a description
-
+   1. Select **Next**
   1. Next to **Description**, enter a description.
   1. Select **Next**.
 1. In the **Configuration settings** page:
-
+   1. On the left pane of the page, make sure **Computer Configuration** is selected
-   1. On the left pane of the page, make sure **Computer Configuration** is selected.
+   1. Under **Setting name**, scroll down and select **Windows Components**
-
+   1. Under **Setting name**, scroll down and select **Windows Logon Options**. You may need to navigate between pages on the bottom right corner before finding the **Windows Logon Options** option
-   1. Under **Setting name**, scroll down and select **Windows Components**.
+   1. Under **Setting name** of the **Windows Logon Options** pane, select **Sign-in and lock last interactive user automatically after a restart**
-
+   1. In the **Sign-in and lock last interactive user automatically after a restart** window that opens, select **Disabled**, and then select **OK**
-   1. Under **Setting name**, scroll down and select **Windows Logon Options**. You may need to navigate between pages on the bottom right corner before finding the **Windows Logon Options** option.
+   1. Select **Next**
-
+1. In the **Scope tags** page, configure if necessary and then select **Next**
   1. Under **Setting name** of the **Windows Logon Options** pane, select **Sign-in and lock last interactive user automatically after a restart**.
   1. In the **Sign-in and lock last interactive user automatically after a restart** window that opens, select **Disabled**, and then select **OK**.
   1. Select **Next**.
 1. In the **Scope tags** page, configure if necessary and then select **Next**.
 1. In the **Assignments** page:
-
+   1. Under **Included groups**, select **Add groups**
   1. Under **Included groups**, select **Add groups**.
        > [!NOTE]
        >
        > Make sure to select **Add groups** under **Included groups** and not under **Excluded groups**. Accidentally adding the desired device groups under **Excluded groups** will result in those devices being excluded and they won't receive the configuration profile.
-
+   1. In the **Select groups to include** window that opens, select the groups that the configuration profile should be assigned to, and then select **Select** to close the **Select groups to include** window
-   1. In the **Select groups to include** window that opens, select the groups that the configuration profile should be assigned to, and then select **Select** to close the **Select groups to include** window.
+   1. Under **Included groups** > **Groups**, ensure the correct group(s) are selected, and then select **Next**
-
+1. In **Review + create** page, review the configuration to make sure everything is configured correctly, and then select **Create**
   1. Under **Included groups** > **Groups**, ensure the correct group(s) are selected, and then select **Next**.
 1. In **Review + create** page, review the configuration to make sure everything is configured correctly, and then select **Create**.
 ## Additional PDE configurations in Intune
 The following PDE configurations can also be configured using Intune:
-### Required prerequisites
+### Prerequisites
- [Enable Personal Data Encryption (PDE)](../pde-in-intune/intune-enable-pde.md)
+- [Enable Personal Data Encryption (PDE)](intune-enable-pde.md)
 ### Security hardening recommendations
- [Disable kernel-mode crash dumps and live dumps](../pde-in-intune/intune-disable-memory-dumps.md)
+- [Disable kernel-mode crash dumps and live dumps](intune-disable-memory-dumps.md)
-
+- [Disable Windows Error Reporting (WER)/user-mode crash dumps](intune-disable-wer.md)
- [Disable Windows Error Reporting (WER)/user-mode crash dumps](../pde-in-intune/intune-disable-wer.md)
+- [Disable hibernation](intune-disable-hibernation.md)
-
+- [Disable allowing users to select when a password is required when resuming from connected standby](intune-disable-password-connected-standby.md)
 - [Disable hibernation](../pde-in-intune/intune-disable-hibernation.md)
 - [Disable allowing users to select when a password is required when resuming from connected standby](../pde-in-intune/intune-disable-password-connected-standby.md)
 ## More information
- [Personal Data Encryption (PDE)](../overview-pde.md)
+- [Personal Data Encryption (PDE)](index.md)
- [Personal Data Encryption (PDE) FAQ](../faq-pde.yml)
+- [Personal Data Encryption (PDE) FAQ](faq-pde.yml)
--- a/windows/security/operating-system-security/data-protection/personal-data-encryption/intune-disable-hibernation.md
+++ b/windows/security/operating-system-security/data-protection/personal-data-encryption/intune-disable-hibernation.md
@ -1,14 +1,7 @@
 ---
 title: Disable hibernation for PDE in Intune
 description: Disable hibernation for PDE in Intune
 author: frankroj
 ms.author: frankroj
 ms.reviewer: rhonnegowda
 manager: aaroncz
 ms.topic: how-to
 ms.prod: windows-client
 ms.technology: itpro-security
 ms.localizationpriority: medium
 ms.date: 03/13/2023
 ---
@ -20,79 +13,50 @@ Hibernation files can potentially cause the keys used by Personal Data Encryptio
 To disable hibernation using Intune, follow the below steps:
-1. Sign in to the [Microsoft Intune admin center](https://go.microsoft.com/fwlink/?linkid=2109431).
+1. Sign in to the [Microsoft Intune admin center](https://go.microsoft.com/fwlink/?linkid=2109431)
-
+1. In the **Home** screen, select **Devices** in the left pane
-1. In the **Home** screen, select **Devices** in the left pane.
+1. In the **Devices | Overview** screen, under **Policy**, select **Configuration Profiles**
-
+1. In the **Devices | Configuration profiles** screen, make sure **Profiles** is selected at the top, and then select **Create profile**
 1. In the **Devices | Overview** screen, under **Policy**, select **Configuration Profiles**.
 1. In the **Devices | Configuration profiles** screen, make sure **Profiles** is selected at the top, and then select **Create profile**.
 1. In the **Create profile** window that opens:
-
+   1. Under **Platform**, select **Windows 10 and later**
-   1. Under **Platform**, select **Windows 10 and later**.
+   1. Under **Profile type**, select **Settings catalog**
-
+   1. Select **Create** to close the **Create profile** window
   1. Under **Profile type**, select **Settings catalog**.
   1. Select **Create** to close the **Create profile** window.
 1. The **Create profile** screen will open. In the **Basics** page:
-
+   1. Next to **Name**, enter **Disable Hibernation**
-   1. Next to **Name**, enter **Disable Hibernation**.
+   1. Next to **Description**, enter a description
-
+   1. Select **Next**
   1. Next to **Description**, enter a description.
   1. Select **Next**.
 1. In the **Configuration settings** page:
-
+   1. select **Add settings**
   1. select **Add settings**.
   1. In the **Settings picker** window that opens:
-
+      1. Under **Browse by category**, scroll down and select **Power**
-      1. Under **Browse by category**, scroll down and select **Power**.
+      1. When the settings for the **Power** category appear under **Setting name** in the lower pane, select **Allow Hibernate**, and then select the **X** in the top right corner of the **Settings picker** window to close the window
-
+   1. Change **Allow Hibernate** from **Allow** to **Block** by selecting the slider next to the option
-      1. When the settings for the **Power** category appear under **Setting name** in the lower pane, select **Allow Hibernate**, and then select the **X** in the top right corner of the **Settings picker** window to close the window.
+   1. Select **Next**
-
+1. In the **Scope tags** page, configure if necessary and then select **Next**
   1. Change **Allow Hibernate** from **Allow** to **Block** by selecting the slider next to the option.
   1. Select **Next**.
 1. In the **Scope tags** page, configure if necessary and then select **Next**.
 1. In the **Assignments** page:
-
+   1. Under **Included groups**, select **Add groups**
   1. Under **Included groups**, select **Add groups**.
        > [!NOTE]
        >
        > Make sure to add the correct groups under **Included groups** and not under **Excluded groups**. Accidentally adding the desired device groups under **Excluded groups** will result in those devices being excluded and they won't receive the configuration profile.
-
+   1. In the **Select groups to include** window that opens, select the groups that the configuration profile should be assigned to, and then select **Select** to close the **Select groups to include** window
-   1. In the **Select groups to include** window that opens, select the groups that the configuration profile should be assigned to, and then select **Select** to close the **Select groups to include** window.
+   1. Under **Included groups** > **Groups**, ensure the correct group(s) are selected, and then select **Next**
-
+1. In **Review + create** page, review the configuration to make sure everything is configured correctly, and then select **Create**
   1. Under **Included groups** > **Groups**, ensure the correct group(s) are selected, and then select **Next**.
 1. In **Review + create** page, review the configuration to make sure everything is configured correctly, and then select **Create**.
 ## Additional PDE configurations in Intune
 The following PDE configurations can also be configured using Intune:
-### Required prerequisites
+### Prerequisites
- [Enable Personal Data Encryption (PDE)](../pde-in-intune/intune-enable-pde.md)
+- [Enable Personal Data Encryption (PDE)](intune-enable-pde.md)
-
+- [Disable Winlogon automatic restart sign-on (ARSO)](intune-disable-arso.md)
 - [Disable Winlogon automatic restart sign-on (ARSO)](../pde-in-intune/intune-disable-arso.md)
 ### Security hardening recommendations
- [Disable kernel-mode crash dumps and live dumps](../pde-in-intune/intune-disable-memory-dumps.md)
+- [Disable kernel-mode crash dumps and live dumps](intune-disable-memory-dumps.md)
-
+- [Disable Windows Error Reporting (WER)/user-mode crash dumps](intune-disable-wer.md)
- [Disable Windows Error Reporting (WER)/user-mode crash dumps](../pde-in-intune/intune-disable-wer.md)
+- [Disable allowing users to select when a password is required when resuming from connected standby](intune-disable-password-connected-standby.md)
 - [Disable allowing users to select when a password is required when resuming from connected standby](../pde-in-intune/intune-disable-password-connected-standby.md)
 ## More information
- [Personal Data Encryption (PDE)](../overview-pde.md)
+- [Personal Data Encryption (PDE)](index.md)
- [Personal Data Encryption (PDE) FAQ](../faq-pde.yml)
+- [Personal Data Encryption (PDE) FAQ](faq-pde.yml)
--- a/windows/security/operating-system-security/data-protection/personal-data-encryption/intune-disable-memory-dumps.md
+++ b/windows/security/operating-system-security/data-protection/personal-data-encryption/intune-disable-memory-dumps.md
@ -1,14 +1,7 @@
 ---
 title: Disable kernel-mode crash dumps and live dumps for PDE in Intune
 description: Disable kernel-mode crash dumps and live dumps for PDE in Intune
 author: frankroj
 ms.author: frankroj
 ms.reviewer: rhonnegowda
 manager: aaroncz
 ms.topic: how-to
 ms.prod: windows-client
 ms.technology: itpro-security
 ms.localizationpriority: medium
 ms.date: 03/13/2023
 ---
@ -20,77 +13,49 @@ Kernel-mode crash dumps and live dumps can potentially cause the keys used by Pe
 To disable kernel-mode crash dumps and live dumps using Intune, follow the below steps:
-1. Sign in to the [Microsoft Intune admin center](https://go.microsoft.com/fwlink/?linkid=2109431).
+1. Sign in to the [Microsoft Intune admin center](https://go.microsoft.com/fwlink/?linkid=2109431)
-
+1. In the **Home** screen, select **Devices** in the left pane
-1. In the **Home** screen, select **Devices** in the left pane.
+1. In the **Devices | Overview** screen, under **Policy**, select **Configuration Profiles**
-
+1. In the **Devices | Configuration profiles** screen, make sure **Profiles** is selected at the top, and then select **Create profile**
 1. In the **Devices | Overview** screen, under **Policy**, select **Configuration Profiles**.
 1. In the **Devices | Configuration profiles** screen, make sure **Profiles** is selected at the top, and then select **Create profile**.
 1. In the **Create profile** window that opens:
-
+   1. Under **Platform**, select **Windows 10 and later**
-   1. Under **Platform**, select **Windows 10 and later**.
+   1. Under **Profile type**, select **Settings catalog**
-
+   1. Select **Create** to close the **Create profile** window
   1. Under **Profile type**, select **Settings catalog**.
   1. Select **Create** to close the **Create profile** window.
 1. The **Create profile** screen will open. In the **Basics** page:
-
+   1. Next to **Name**, enter **Disable Kernel-Mode Crash Dumps**
   1. Next to **Name**, enter **Disable Kernel-Mode Crash Dumps**.
   1. Next to **Description**, enter a description.
-
+   1. Select **Next**
   1. Select **Next**.
 1. In the **Configuration settings** page:
-
+   1. Select **Add settings**
   1. Select **Add settings**.
   1. In the **Settings picker** window that opens:
-
+      1. Under **Browse by category**, scroll down and select **Memory Dump**
-      1. Under **Browse by category**, scroll down and select **Memory Dump**.
+      1. When the settings for the **Memory Dump** category appear under **Setting name** in the lower pane, select both **Allow Crash Dump** and **Allow Live Dump**, and then select the **X** in the top right corner of the **Settings picker** window to close the window
-
+   1. Change both **Allow Live Dump** and **Allow Crash Dump** from **Allow** to **Block** by selecting the slider next to each option, and then select **Next**
-      1. When the settings for the **Memory Dump** category appear under **Setting name** in the lower pane, select both **Allow Crash Dump** and **Allow Live Dump**, and then select the **X** in the top right corner of the **Settings picker** window to close the window.
+1. In the **Scope tags** page, configure if necessary and then select **Next**
   1. Change both **Allow Live Dump** and **Allow Crash Dump** from **Allow** to **Block** by selecting the slider next to each option, and then select **Next**.
 1. In the **Scope tags** page, configure if necessary and then select **Next**.
 1. In the **Assignments** page:
-
+   1. Under **Included groups**, select **Add groups**
   1. Under **Included groups**, select **Add groups**.
        > [!NOTE]
        >
        > Make sure to add the correct groups under **Included groups** and not under **Excluded groups**. Accidentally adding the desired device groups under **Excluded groups** will result in those devices being excluded and they won't receive the configuration profile.
-
+   1. In the **Select groups to include** window that opens, select the groups that the configuration profile should be assigned to, and then select **Select** to close the **Select groups to include** window
-   1. In the **Select groups to include** window that opens, select the groups that the configuration profile should be assigned to, and then select **Select** to close the **Select groups to include** window.
+   1. Under **Included groups** > **Groups**, ensure the correct group(s) are selected, and then select **Next**
-
+1. In **Review + create** page, review the configuration to make sure everything is configured correctly, and then select **Create**
   1. Under **Included groups** > **Groups**, ensure the correct group(s) are selected, and then select **Next**.
 1. In **Review + create** page, review the configuration to make sure everything is configured correctly, and then select **Create**.
 ## Additional PDE configurations in Intune
 The following PDE configurations can also be configured using Intune:
-### Required prerequisites
+### Prerequisites
- [Enable Personal Data Encryption (PDE)](../pde-in-intune/intune-enable-pde.md)
+- [Enable Personal Data Encryption (PDE)](intune-enable-pde.md)
-
+- [Disable Winlogon automatic restart sign-on (ARSO)](intune-disable-arso.md)
 - [Disable Winlogon automatic restart sign-on (ARSO)](../pde-in-intune/intune-disable-arso.md)
 ### Security hardening recommendations
- [Disable Windows Error Reporting (WER)/user-mode crash dumps](../pde-in-intune/intune-disable-wer.md)
+- [Disable Windows Error Reporting (WER)/user-mode crash dumps](intune-disable-wer.md)
-
+- [Disable hibernation](intune-disable-hibernation.md)
- [Disable hibernation](../pde-in-intune/intune-disable-hibernation.md)
+- [Disable allowing users to select when a password is required when resuming from connected standby](intune-disable-password-connected-standby.md)
 - [Disable allowing users to select when a password is required when resuming from connected standby](../pde-in-intune/intune-disable-password-connected-standby.md)
 ## More information
- [Personal Data Encryption (PDE)](../overview-pde.md)
+- [Personal Data Encryption (PDE)](index.md)
- [Personal Data Encryption (PDE) FAQ](../faq-pde.yml)
+- [Personal Data Encryption (PDE) FAQ](faq-pde.yml)
--- a/windows/security/operating-system-security/data-protection/personal-data-encryption/intune-disable-password-connected-standby.md
+++ b/windows/security/operating-system-security/data-protection/personal-data-encryption/intune-disable-password-connected-standby.md
@ -1,14 +1,7 @@
 ---
 title: Disable allowing users to select when a password is required when resuming from connected standby for PDE in Intune
 description: Disable allowing users to select when a password is required when resuming from connected standby for PDE in Intune
 author: frankroj
 ms.author: frankroj
 ms.reviewer: rhonnegowda
 manager: aaroncz
 ms.topic: how-to
 ms.prod: windows-client
 ms.technology: itpro-security
 ms.localizationpriority: medium
 ms.date: 03/13/2023
 ---
@ -17,18 +10,12 @@ ms.date: 03/13/2023
 When the **Disable allowing users to select when a password is required when resuming from connected standby** policy isn't configured, the outcome between on-premises Active Directory joined devices and workgroup devices, including Azure Active Directory joined devices, is different:
 - On-premises Active Directory joined devices:
-
+  - A user can't change the amount of time after the device's screen turns off before a password is required when waking the device
-  - A user can't change the amount of time after the device´s screen turns off before a password is required when waking the device.
+  - A password is required immediately after the screen turns off
-
+    The above is the desired outcome, but PDE isn't supported with on-premises Active Directory joined devices
  - A password is required immediately after the screen turns off.
    The above is the desired outcome, but PDE isn't supported with on-premises Active Directory joined devices.
 - Workgroup devices, including Azure AD joined devices:
-
+  - A user on a Connected Standby device can change the amount of time after the device´s screen turns off before a password is required to wake the device
-  - A user on a Connected Standby device can change the amount of time after the device´s screen turns off before a password is required to wake the device.
+  - During the time when the screen turns off but a password isn't required, the keys used by PDE to protect content could potentially be exposed. This outcome isn't a desired outcome
  - During the time when the screen turns off but a password isn't required, the keys used by PDE to protect content could potentially be exposed. This outcome isn't a desired outcome.
 Because of this undesired outcome, it's recommended to explicitly disable this policy on Azure AD joined devices instead of leaving it at the default of **Not configured**.
@ -36,83 +23,54 @@ Because of this undesired outcome, it's recommended to explicitly disable this p
 To disable the policy **Disable allowing users to select when a password is required when resuming from connected standby** using Intune, follow the below steps:
-1. Sign in to the [Microsoft Intune admin center](https://go.microsoft.com/fwlink/?linkid=2109431).
+1. Sign in to the [Microsoft Intune admin center](https://go.microsoft.com/fwlink/?linkid=2109431)
-
+1. In the **Home** screen, select **Devices** in the left pane
-1. In the **Home** screen, select **Devices** in the left pane.
+1. In the **Devices | Overview** screen, under **Policy**, select **Configuration Profiles**
-
+1. In the **Devices | Configuration profiles** screen, make sure **Profiles** is selected at the top, and then select **Create profile**
 1. In the **Devices | Overview** screen, under **Policy**, select **Configuration Profiles**.
 1. In the **Devices | Configuration profiles** screen, make sure **Profiles** is selected at the top, and then select **Create profile**.
 1. In the **Create profile** window that opens:
-
+   1. Under **Platform**, select **Windows 10 and later**
-   1. Under **Platform**, select **Windows 10 and later**.
+   1. Under **Profile type**, select **Settings catalog**
-
+   1. Select **Create** to close the **Create profile** window
   1. Under **Profile type**, select **Settings catalog**.
   1. Select **Create** to close the **Create profile** window.
 1. The **Create profile** screen will open. In the **Basics** page:
-
+    1. Next to **Name**, enter **Disable allowing users to select when a password is required when resuming from connected standby**
-    1. Next to **Name**, enter **Disable allowing users to select when a password is required when resuming from connected standby**.
+    1. Next to **Description**, enter a description
    1. Next to **Description**, enter a description.
    1. Select **Next**.
 1. In the **Configuration settings** page:
-
+   1. Select **Add settings**
   1. Select **Add settings**.
   1. In the **Settings picker** window that opens:
      1. Under **Browse by category**, expand **Administrative Templates**
      1. Under **Administrative Templates**, scroll down and expand **System**
      1. Under **System**, scroll down and select **Logon**
      1. When the settings for the **Logon** subcategory appear under **Setting name** in the lower pane, select **Allow users to select when a password is required when resuming from connected standby**, and then select the **X** in the top right corner of the **Settings picker** window to close the window
   1. Leave the slider for **Allow users to select when a password is required when resuming from connected standby** at the default of **Disabled**
   1. select **Next**
-      1. Under **Browse by category**, expand **Administrative Templates**.
+1. In the **Scope tags** page, configure if necessary and then select **Next**
      1. Under **Administrative Templates**, scroll down and expand **System**.
      1. Under **System**, scroll down and select **Logon**.
      1. When the settings for the **Logon** subcategory appear under **Setting name** in the lower pane, select **Allow users to select when a password is required when resuming from connected standby**, and then select the **X** in the top right corner of the **Settings picker** window to close the window.
   1. Leave the slider for **Allow users to select when a password is required when resuming from connected standby** at the default of **Disabled**.
   1. select **Next**.
 1. In the **Scope tags** page, configure if necessary and then select **Next**.
 1. In the **Assignments** page:
-
+   1. Under **Included groups**, select **Add groups**
   1. Under **Included groups**, select **Add groups**.
        > [!NOTE]
        >
        > Make sure to add the correct groups under **Included groups** and not under **Excluded groups**. Accidentally adding the desired device groups under **Excluded groups** will result in those devices being excluded and they won't receive the configuration profile.
-
+   1. In the **Select groups to include** window that opens, select the groups that the configuration profile should be assigned to, and then select **Select** to close the **Select groups to include** window
-   1. In the **Select groups to include** window that opens, select the groups that the configuration profile should be assigned to, and then select **Select** to close the **Select groups to include** window.
+   1. Under **Included groups** > **Groups**, ensure the correct group(s) are selected, and then select **Next**
-
+1. In **Review + create** page, review the configuration to make sure everything is configured correctly, and then select **Create**
   1. Under **Included groups** > **Groups**, ensure the correct group(s) are selected, and then select **Next**.
 1. In **Review + create** page, review the configuration to make sure everything is configured correctly, and then select **Create**.
 ## Additional PDE configurations in Intune
 The following PDE configurations can also be configured using Intune:
-### Required prerequisites
+### Prerequisites
- [Enable Personal Data Encryption (PDE)](../pde-in-intune/intune-enable-pde.md)
+- [Enable Personal Data Encryption (PDE)](intune-enable-pde.md)
-
+- [Disable Winlogon automatic restart sign-on (ARSO)](intune-disable-arso.md)
 - [Disable Winlogon automatic restart sign-on (ARSO)](../pde-in-intune/intune-disable-arso.md)
 ### Security hardening recommendations
- [Disable kernel-mode crash dumps and live dumps](../pde-in-intune/intune-disable-memory-dumps.md)
+- [Disable kernel-mode crash dumps and live dumps](intune-disable-memory-dumps.md)
-
+- [Disable Windows Error Reporting (WER)/user-mode crash dumps](intune-disable-wer.md)
- [Disable Windows Error Reporting (WER)/user-mode crash dumps](../pde-in-intune/intune-disable-wer.md)
+- [Disable hibernation](intune-disable-hibernation.md)
 - [Disable hibernation](../pde-in-intune/intune-disable-hibernation.md)
 ## More information
- [Personal Data Encryption (PDE)](../overview-pde.md)
+- [Personal Data Encryption (PDE)](index.md)
- [Personal Data Encryption (PDE) FAQ](../faq-pde.yml)
+- [Personal Data Encryption (PDE) FAQ](faq-pde.yml)
--- a/windows/security/operating-system-security/data-protection/personal-data-encryption/intune-disable-wer.md
+++ b/windows/security/operating-system-security/data-protection/personal-data-encryption/intune-disable-wer.md
@ -1,14 +1,7 @@
 ---
 title: Disable Windows Error Reporting (WER)/user-mode crash dumps for PDE in Intune
 description: Disable Windows Error Reporting (WER)/user-mode crash dumps for PDE in Intune
 author: frankroj
 ms.author: frankroj
 ms.reviewer: rhonnegowda
 manager: aaroncz
 ms.topic: how-to
 ms.prod: windows-client
 ms.technology: itpro-security
 ms.localizationpriority: medium
 ms.date: 03/13/2023
 ---
@ -20,83 +13,52 @@ Disabling Windows Error Reporting prevents user-mode crash dumps. User-mode cras
 To disable Windows Error Reporting (WER) and user-mode crash dumps using Intune, follow the below steps:
-1. Sign in to the [Microsoft Intune admin center](https://go.microsoft.com/fwlink/?linkid=2109431).
+1. Sign in to the [Microsoft Intune admin center](https://go.microsoft.com/fwlink/?linkid=2109431)
-
+1. In the **Home** screen, select **Devices** in the left pane
-1. In the **Home** screen, select **Devices** in the left pane.
+1. In the **Devices | Overview** screen, under **Policy**, select **Configuration Profiles**
-
+1. In the **Devices | Configuration profiles** screen, make sure **Profiles** is selected at the top, and then select **Create profile**
 1. In the **Devices | Overview** screen, under **Policy**, select **Configuration Profiles**.
 1. In the **Devices | Configuration profiles** screen, make sure **Profiles** is selected at the top, and then select **Create profile**.
 1. In the **Create profile** window that opens:
-
+   1. Under **Platform**, select **Windows 10 and later**
-   1. Under **Platform**, select **Windows 10 and later**.
+   1. Under **Profile type**, select **Settings catalog**
-
+   1. Select **Create** to close the **Create profile** window
   1. Under **Profile type**, select **Settings catalog**.
   1. Select **Create** to close the **Create profile** window.
 1. The **Create profile** screen will open. In the **Basics** page:
-
+   1. Next to **Name**, enter **Disable Windows Error Reporting (WER)**
-   1. Next to **Name**, enter **Disable Windows Error Reporting (WER)**.
+   1. Next to **Description**, enter a description
-
+   1. Select **Next**
   1. Next to **Description**, enter a description.
   1. Select **Next**.
 1. In the **Configuration settings** page:
-
+   1. Select **Add settings**
   1. Select **Add settings**.
   1. In the **Settings picker** window that opens:
-
+      1. Under **Browse by category**, expand **Administrative Templates**
-      1. Under **Browse by category**, expand **Administrative Templates**.
+      1. Under **Administrative Templates**, scroll down and expand **Windows Components**
-
+      1. Under **Windows Components**, scroll down and select **Windows Error Reporting**. Make sure to only select **Windows Error Reporting** and not to expand it
-      1. Under **Administrative Templates**, scroll down and expand **Windows Components**.
+      1. When the settings for the **Windows Error Reporting** subcategory appear under **Setting name** in the lower pane, select **Disable Windows Error Reporting**, and then select the **X** in the top right corner of the **Settings picker** window to close the window
-
+   1. Change **Disable Windows Error Reporting** from **Disabled** to **Enabled** by selecting the slider next to the option
-      1. Under **Windows Components**, scroll down and select **Windows Error Reporting**. Make sure to only select **Windows Error Reporting** and not to expand it.
+   1. Select **Next**
-
+1. In the **Scope tags** page, configure if necessary and then select **Next**
      1. When the settings for the **Windows Error Reporting** subcategory appear under **Setting name** in the lower pane, select **Disable Windows Error Reporting**, and then select the **X** in the top right corner of the **Settings picker** window to close the window.
   1. Change **Disable Windows Error Reporting** from **Disabled** to **Enabled** by selecting the slider next to the option.
   1. Select **Next**.
 1. In the **Scope tags** page, configure if necessary and then select **Next**.
 1. In the **Assignments** page:
-
+   1. Under **Included groups**, select **Add groups**
   1. Under **Included groups**, select **Add groups**.
        > [!NOTE]
        >
        > Make sure to add the correct groups under **Included groups** and not under **Excluded groups**. Accidentally adding the desired device groups under **Excluded groups** will result in those devices being excluded and they won't receive the configuration profile.
-
+   1. In the **Select groups to include** window that opens, select the groups that the configuration profile should be assigned to, and then select **Select** to close the **Select groups to include** window
-   1. In the **Select groups to include** window that opens, select the groups that the configuration profile should be assigned to, and then select **Select** to close the **Select groups to include** window.
+   1. Under **Included groups** > **Groups**, ensure the correct group(s) are selected, and then select **Next**
-
+1. In **Review + create** page, review the configuration to make sure everything is configured correctly, and then select **Create**
   1. Under **Included groups** > **Groups**, ensure the correct group(s) are selected, and then select **Next**.
 1. In **Review + create** page, review the configuration to make sure everything is configured correctly, and then select **Create**.
 ## Additional PDE configurations in Intune
 The following PDE configurations can also be configured using Intune:
-### Required prerequisites
+### Prerequisites
- [Enable Personal Data Encryption (PDE)](../pde-in-intune/intune-enable-pde.md)
+- [Enable Personal Data Encryption (PDE)](intune-enable-pde.md)
-
+- [Disable Winlogon automatic restart sign-on (ARSO)](intune-disable-arso.md)
 - [Disable Winlogon automatic restart sign-on (ARSO)](../pde-in-intune/intune-disable-arso.md)
 ### Security hardening recommendations
- [Disable kernel-mode crash dumps and live dumps](../pde-in-intune/intune-disable-memory-dumps.md)
+- [Disable kernel-mode crash dumps and live dumps](intune-disable-memory-dumps.md)
-
+- [Disable hibernation](intune-disable-hibernation.md)
- [Disable hibernation](../pde-in-intune/intune-disable-hibernation.md)
+- [Disable allowing users to select when a password is required when resuming from connected standby](intune-disable-password-connected-standby.md)
 - [Disable allowing users to select when a password is required when resuming from connected standby](../pde-in-intune/intune-disable-password-connected-standby.md)
 ## More information
- [Personal Data Encryption (PDE)](../overview-pde.md)
+- [Personal Data Encryption (PDE)](index.md)
- [Personal Data Encryption (PDE) FAQ](../faq-pde.yml)
+- [Personal Data Encryption (PDE) FAQ](faq-pde.yml)
--- a/windows/security/operating-system-security/data-protection/personal-data-encryption/intune-enable-pde.md
+++ b/windows/security/operating-system-security/data-protection/personal-data-encryption/intune-enable-pde.md
@ -1,14 +1,7 @@
 ---
 title: Enable Personal Data Encryption (PDE) in Intune
 description: Enable Personal Data Encryption (PDE) in Intune
 author: frankroj
 ms.author: frankroj
 ms.reviewer: rhonnegowda
 manager: aaroncz
 ms.topic: how-to
 ms.prod: windows-client
 ms.technology: itpro-security
 ms.localizationpriority: medium
 ms.date: 03/13/2023
 ---
@ -24,89 +17,54 @@ By default, Personal Data Encryption (PDE) is not enabled on devices. Before PDE
 To enable Personal Data Encryption (PDE) using Intune, follow the below steps:
 1. Sign in to the [Microsoft Intune admin center](https://go.microsoft.com/fwlink/?linkid=2109431).
-
+1. In the **Home** screen, select **Devices** in the left pane
-1. In the **Home** screen, select **Devices** in the left pane.
+1. In the **Devices | Overview** screen, under **Policy**, select **Configuration Profiles**
-
+1. In the **Devices | Configuration profiles** screen, make sure **Profiles** is selected at the top, and then select **Create profile**
 1. In the **Devices | Overview** screen, under **Policy**, select **Configuration Profiles**.
 1. In the **Devices | Configuration profiles** screen, make sure **Profiles** is selected at the top, and then select **Create profile**.
 1. In the **Create profile** window that opens:
-
+   1. Under **Platform**, select **Windows 10 and later**
-   1. Under **Platform**, select **Windows 10 and later**.
+   1. Under **Profile type**, select **Templates**
-
+   1. When the templates appears, under **Template name**, select **Custom**
-   1. Under **Profile type**, select **Templates**.
+   1. Select **Create** to close the **Create profile** window
   1. When the templates appears, under **Template name**, select **Custom**.
   1. Select **Create** to close the **Create profile** window.
 1. The **Custom** screen will open. In the **Basics** page:
-
+   1. Next to **Name**, enter **Personal Data Encryption**
-   1. Next to **Name**, enter **Personal Data Encryption**.
+   1. Next to **Description**, enter a description
-
+   1. Select **Next**
   1. Next to **Description**, enter a description.
   1. Select **Next**.
 1. In **Configuration settings** page:
-
+   1. Next to **OMA-URI Settings**, select **Add**
   1. Next to **OMA-URI Settings**, select **Add**.
   1. In the **Add Row** window that opens:
-
+     1. Next to **Name**, enter **Personal Data Encryption**
-     1. Next to **Name**, enter **Personal Data Encryption**.
+     1. Next to **Description**, enter a description
     1. Next to **Description**, enter a description.
     1. Next to **OMA-URI**, enter in:
        **`./User/Vendor/MSFT/PDE/EnablePersonalDataEncryption`**
-
+     1. Next to **Data type**, select **Integer**
-     1. Next to **Data type**, select **Integer**.
+     1. Next to **Value**, enter in **1**
-
+     1. Select **Save** to close the **Add Row** window
-     1. Next to **Value**, enter in **1**.
+   1. Select **Next**
     1. Select **Save** to close the **Add Row** window.
   1. Select **Next**.
 1. In the **Assignments** page:
-
+   1. Under **Included groups**, select **Add groups**
   1. Under **Included groups**, select **Add groups**.
        > [!NOTE]
        >
        > Make sure to add the correct groups under **Included groups** and not under **Excluded groups**. Accidentally adding the desired device groups under **Excluded groups** will result in those devices being excluded and they won't receive the configuration profile.
-
+   1. In the **Select groups to include** window that opens, select the groups that the configuration profile should be assigned to, and then select **Select** to close the **Select groups to include** window
-   1. In the **Select groups to include** window that opens, select the groups that the configuration profile should be assigned to, and then select **Select** to close the **Select groups to include** window.
+   1. Under **Included groups** > **Groups**, ensure the correct group(s) are selected, and then select **Next**
-
+1. In **Applicability Rules**, configure if necessary and then select **Next**
-   1. Under **Included groups** > **Groups**, ensure the correct group(s) are selected, and then select **Next**.
+1. In **Review + create** page, review the configuration to make sure everything is configured correctly, and then select **Create**
 1. In **Applicability Rules**, configure if necessary and then select **Next**.
 1. In **Review + create** page, review the configuration to make sure everything is configured correctly, and then select **Create**.
 ## Additional PDE configurations in Intune
 The following PDE configurations can also be configured using Intune:
-### Required prerequisites
+### Prerequisites
- [Disable Winlogon automatic restart sign-on (ARSO)](../pde-in-intune/intune-disable-arso.md)
+- [Disable Winlogon automatic restart sign-on (ARSO)](intune-disable-arso.md)
 ### Security hardening recommendations
- [Disable kernel-mode crash dumps and live dumps](../pde-in-intune/intune-disable-memory-dumps.md)
+- [Disable kernel-mode crash dumps and live dumps](intune-disable-memory-dumps.md)
-
+- [Disable Windows Error Reporting (WER)/user-mode crash dumps](intune-disable-wer.md)
- [Disable Windows Error Reporting (WER)/user-mode crash dumps](../pde-in-intune/intune-disable-wer.md)
+- [Disable hibernation](intune-disable-hibernation.md)
-
+- [Disable allowing users to select when a password is required when resuming from connected standby](intune-disable-password-connected-standby.md)
 - [Disable hibernation](../pde-in-intune/intune-disable-hibernation.md)
 - [Disable allowing users to select when a password is required when resuming from connected standby](../pde-in-intune/intune-disable-password-connected-standby.md)
 ## More information
- [Personal Data Encryption (PDE)](../overview-pde.md)
+- [Personal Data Encryption (PDE)](index.md)
- [Personal Data Encryption (PDE) FAQ](../faq-pde.yml)
+- [Personal Data Encryption (PDE) FAQ](faq-pde.yml)
--- a/windows/security/operating-system-security/data-protection/personal-data-encryption/toc.yml
+++ b/windows/security/operating-system-security/data-protection/personal-data-encryption/toc.yml
@ -0,0 +1,19 @@
 items:
 - name: Overview
  href: index.md
 - name: Configure PDE with Intune
  href: configure-pde-in-intune.md
 - name: Enable Personal Data Encryption (PDE)
  href: intune-enable-pde.md
 - name: Disable Winlogon automatic restart sign-on (ARSO) for PDE
  href: intune-disable-arso.md
 - name: Disable kernel-mode crash dumps and live dumps for PDE
  href: intune-disable-memory-dumps.md
 - name: Disable Windows Error Reporting (WER)/user-mode crash dumps for PDE
  href: intune-disable-wer.md
 - name: Disable hibernation for PDE
  href: intune-disable-hibernation.md
 - name: Disable allowing users to select when a password is required when resuming from connected standby for PDE
  href: intune-disable-password-connected-standby.md
 - name: PDE frequently asked questions (FAQ)
  href: faq-pde.yml
--- a/windows/security/operating-system-security/data-protection/toc.yml
+++ b/windows/security/operating-system-security/data-protection/toc.yml
@ -1,104 +1,12 @@
 items:
 - name: Overview
-  href: ../../encryption-data-protection.md
+  href: index.md
 - name: BitLocker
-  href: ../../information-protection/bitlocker/bitlocker-overview.md
+  href: bitlocker/toc.yml
  items:
  - name: Overview of BitLocker Device Encryption in Windows
    href: ../../information-protection/bitlocker/bitlocker-device-encryption-overview-windows-10.md
  - name: BitLocker frequently asked questions (FAQ)
    href: ../../information-protection/bitlocker/bitlocker-frequently-asked-questions.yml
    items:
    - name: Overview and requirements
      href: ../../information-protection/bitlocker/bitlocker-overview-and-requirements-faq.yml
    - name: Upgrading
      href: ../../information-protection/bitlocker/bitlocker-upgrading-faq.yml
    - name: Deployment and administration
      href: ../../information-protection/bitlocker/bitlocker-deployment-and-administration-faq.yml
    - name: Key management
      href: ../../information-protection/bitlocker/bitlocker-key-management-faq.yml
    - name: BitLocker To Go
      href: ../../information-protection/bitlocker/bitlocker-to-go-faq.yml
    - name: Active Directory Domain Services
      href: ../../information-protection/bitlocker/bitlocker-and-adds-faq.yml
    - name: Security
      href: ../../information-protection/bitlocker/bitlocker-security-faq.yml
    - name: BitLocker Network Unlock
      href: ../../information-protection/bitlocker/bitlocker-network-unlock-faq.yml
    - name: General
      href: ../../information-protection/bitlocker/bitlocker-using-with-other-programs-faq.yml
  - name: "Prepare your organization for BitLocker: Planning and policies"
    href: ../../information-protection/bitlocker/prepare-your-organization-for-bitlocker-planning-and-policies.md
  - name: BitLocker deployment comparison
    href: ../../information-protection/bitlocker/bitlocker-deployment-comparison.md
  - name: BitLocker basic deployment
    href: ../../information-protection/bitlocker/bitlocker-basic-deployment.md
  - name: Deploy BitLocker on Windows Server 2012 and later
    href: ../../information-protection/bitlocker/bitlocker-how-to-deploy-on-windows-server.md
  - name: BitLocker management
    href: ../../information-protection/bitlocker/bitlocker-management-for-enterprises.md
  - name: Enable Network Unlock with BitLocker
    href: ../../information-protection/bitlocker/bitlocker-how-to-enable-network-unlock.md
  - name: Use BitLocker Drive Encryption Tools to manage BitLocker
    href: ../../information-protection/bitlocker/bitlocker-use-bitlocker-drive-encryption-tools-to-manage-bitlocker.md
  - name: Use BitLocker Recovery Password Viewer
    href: ../../information-protection/bitlocker/bitlocker-use-bitlocker-recovery-password-viewer.md
  - name: BitLocker Group Policy settings
    href: ../../information-protection/bitlocker/bitlocker-group-policy-settings.md
  - name: BCD settings and BitLocker
    href: ../../information-protection/bitlocker/bcd-settings-and-bitlocker.md
  - name: BitLocker Recovery Guide
    href: ../../information-protection/bitlocker/bitlocker-recovery-guide-plan.md
  - name: BitLocker Countermeasures
    href: ../../information-protection/bitlocker/bitlocker-countermeasures.md
  - name: Protecting cluster shared volumes and storage area networks with BitLocker
    href: ../../information-protection/bitlocker/protecting-cluster-shared-volumes-and-storage-area-networks-with-bitlocker.md
  - name: Troubleshoot BitLocker
    items:
      - name: Troubleshoot BitLocker
        href: /troubleshoot/windows-client/windows-security/bitlocker-issues-troubleshooting
      - name: "BitLocker cannot encrypt a drive: known issues"
        href: /troubleshoot/windows-client/windows-security/bitlocker-cannot-encrypt-a-drive-known-issues
      - name: "Enforcing BitLocker policies by using Intune: known issues"
        href: /troubleshoot/windows-client/windows-security/enforcing-bitlocker-policies-by-using-intune-known-issues
      - name: "BitLocker Network Unlock: known issues"
        href: /troubleshoot/windows-client/windows-security/bitlocker-network-unlock-known-issues
      - name: "BitLocker recovery: known issues"
        href: /troubleshoot/windows-client/windows-security/bitlocker-recovery-known-issues
      - name: "BitLocker configuration: known issues"
        href: /troubleshoot/windows-client/windows-security/bitlocker-configuration-known-issues
      - name: Troubleshoot BitLocker and TPM issues
        items:
          - name: "BitLocker cannot encrypt a drive: known TPM issues"
            href: /troubleshoot/windows-client/windows-security/bitlocker-cannot-encrypt-a-drive-known-tpm-issues
          - name: "BitLocker and TPM: other known issues"
            href: /troubleshoot/windows-client/windows-security/bitlocker-and-tpm-other-known-issues
          - name: Decode Measured Boot logs to track PCR changes
            href: /troubleshoot/windows-client/windows-security/decode-measured-boot-logs-to-track-pcr-changes
 - name: Encrypted Hard Drive
-  href: ../../information-protection/encrypted-hard-drive.md
+  href: encrypted-hard-drive.md
 - name: Personal Data Encryption (PDE)
-  items:
+  href: personal-data-encryption/toc.yml
  - name: Personal Data Encryption (PDE) overview
    href: ../../information-protection/personal-data-encryption/overview-pde.md
  - name: Personal Data Encryption (PDE) frequently asked questions (FAQ)
    href: ../../information-protection/personal-data-encryption/faq-pde.yml
  - name: Configure Personal Data Encryption (PDE) in Intune
    items:
    - name: Configure Personal Data Encryption (PDE) in Intune
      href: ../../information-protection/personal-data-encryption/configure-pde-in-intune.md
    - name: Enable Personal Data Encryption (PDE)
      href: ../../information-protection/personal-data-encryption/pde-in-intune/intune-enable-pde.md
    - name: Disable Winlogon automatic restart sign-on (ARSO) for PDE
      href: ../../information-protection/personal-data-encryption/pde-in-intune/intune-disable-arso.md
    - name: Disable kernel-mode crash dumps and live dumps for PDE
      href: ../../information-protection/personal-data-encryption/pde-in-intune/intune-disable-memory-dumps.md
    - name: Disable Windows Error Reporting (WER)/user-mode crash dumps for PDE
      href: ../../information-protection/personal-data-encryption/pde-in-intune/intune-disable-wer.md
    - name: Disable hibernation for PDE
      href: ../../information-protection/personal-data-encryption/pde-in-intune/intune-disable-hibernation.md
    - name: Disable allowing users to select when a password is required when resuming from connected standby for PDE
      href: ../../information-protection/personal-data-encryption/pde-in-intune/intune-disable-password-connected-standby.md
 - name: Configure S/MIME for Windows
  href: configure-s-mime.md
 - name: Windows Information Protection (WIP)
--- a/windows/security/threat-protection/auditing/audit-security-group-management.md
+++ b/windows/security/threat-protection/auditing/audit-security-group-management.md
@ -83,7 +83,7 @@ This subcategory allows you to audit events generated by changes to security gro
  > [!IMPORTANT]
  > Event 4754(S) generates only for domain groups, so the Local sections in event [4731](event-4731.md) do not apply.
- 4755(S): A security-enabled universal group was changed. See event _[4735](event-4735.md): A security-enabled local group was changed._ Event 4737 is the same, but it is generated for a **universal** security group instead of a **local** security group. All event fields, XML, and recommendations are the same. The type of group is the only difference.
+- 4755(S): A security-enabled universal group was changed. See event _[4735](event-4735.md): A security-enabled local group was changed._ Event 4755 is the same, but it is generated for a **universal** security group instead of a **local** security group. All event fields, XML, and recommendations are the same. The type of group is the only difference.
  > [!IMPORTANT]
  > Event 4755(S) generates only for domain groups, so the Local sections in event [4735](event-4735.md) do not apply.
--- a/windows/security/threat-protection/security-policy-settings/network-security-restrict-ntlm-audit-ntlm-authentication-in-this-domain.md
+++ b/windows/security/threat-protection/security-policy-settings/network-security-restrict-ntlm-audit-ntlm-authentication-in-this-domain.md
@ -90,7 +90,7 @@ There are no security audit event policies that can be configured to view output
 This section describes how an attacker might exploit a feature or its configuration, how to implement the countermeasure, and the possible negative consequences of countermeasure implementation.
-NTLM and NTLMv2 authentication is vulnerable to various malicious attacks, including SMB replay, man-in-the-middle attacks, and brute force attacks. Reducing and eliminating NTLM authentication from your environment forces the Windows operating system to use more secure protocols, such as the 
+NTLM and NTLMv2 authentication is vulnerable to various malicious attacks, including SMB relay, man-in-the-middle attacks, and brute force attacks. Reducing and eliminating NTLM authentication from your environment forces the Windows operating system to use more secure protocols, such as the 
 Kerberos version 5 protocol, or different authentication mechanisms, such as smart cards.
 ### Vulnerability