Merge remote-tracking branch 'refs/remotes/origin/rs5' into jd5holo

2025-06-16 19:03:46 +00:00 · 2018-09-14 07:59:25 -07:00
parent 3d043d7f29 fd2c8865c7
commit 9a56383903
32 changed files with 113 additions and 105 deletions
--- a/devices/surface/deploy-the-latest-firmware-and-drivers-for-surface-devices.md
+++ b/devices/surface/deploy-the-latest-firmware-and-drivers-for-surface-devices.md
@ -9,7 +9,7 @@ ms.mktglfcycl: deploy
 ms.pagetype: surface, devices
 ms.sitesec: library
 author: brecords
-ms.date: 12/07/2017
+ms.date: 09/13/2018
 ms.author: jdecker
 ms.topic: article
 ---
@ -23,11 +23,7 @@ As easy as it is to keep Surface device drivers and firmware up to date automati
 On the Microsoft Download Center page for your device, you will find several files available. These files allow you to deploy drivers and firmware in various ways. You can read more about the different deployment methods for Surface drivers and firmware in [Manage Surface driver and firmware updates](manage-surface-pro-3-firmware-updates.md).
-Driver and firmware updates for Surface devices are released in one of two ways:
+Driver and firmware updates for Surface devices are **cumulative updates** which provide comprehensive roundups of all of the latest files for the Surface device running that version of Windows.
 -   **Point updates** are released for specific drivers or firmware revisions and provide the latest update for a specific component of the Surface device.
 -   **Cumulative updates** provide comprehensive roundups of all of the latest files for the Surface device running that version of Windows.
 Installation files for administrative tools, drivers for accessories, and updates for Windows are also available for some devices and are detailed here in this article.
@ -212,10 +208,10 @@ Download the following updates [for Surface Pro (Model 1514) from the Microsoft
 -   Windows8.1-KB2969817-x64.msu – Fixes an issue that causes Surface devices to reboot twice after firmware updates are installed on all supported x64-based versions of Windows 8.1
-## Surface RT
+## Surface devices with Windows RT
-There are no downloadable firmware or driver updates available for Surface RT. Updates can only be applied using Windows Update.
+There are no downloadable firmware or driver updates available for Surface devices with Windows RT, including Surface RT and Surface 2. Updates can only be applied using Windows Update.
 If you have additional questions on the driver pack and updates, please contact [Microsoft Surface support for business](https://www.microsoft.com/surface/support/business).
--- a/devices/surface/windows-autopilot-and-surface-devices.md
+++ b/devices/surface/windows-autopilot-and-surface-devices.md
@ -7,7 +7,7 @@ ms.mktglfcycl: deploy
 ms.pagetype: surface, devices
 ms.sitesec: library
 author: brecords
-ms.date: 01/31/2018
+ms.date: 09/12/2018
 ms.author: jdecker
 ms.topic: article
 ---
@ -45,6 +45,7 @@ Surface devices with support for out-of-box deployment with Windows Autopilot, e
 * Surface Book 2
 * Surface Laptop
 * Surface Studio
 * Surface Go
 ## Surface partners enabled for Windows Autopilot
 Enrolling Surface devices in Windows Autopilot at the time of purchase is a capability provided by select Surface partners that are enabled with the capability to identify individual Surface devices during the purchase process and perform enrollment on an organization’s behalf. Devices enrolled by a Surface partner at time of purchase can be shipped directly to users and configured entirely through the zero-touch process of Windows Autopilot, Azure Active Directory, and Mobile Device Management.
--- a/windows/client-management/mdm/device-update-management.md
+++ b/windows/client-management/mdm/device-update-management.md
@ -2,6 +2,7 @@
 title: Device update management
 description: In the current device landscape of PC, tablets, phones, and IoT devices, the Mobile Device Management (MDM) solutions are becoming prevalent as a lightweight device management technology.
 ms.assetid: C27BAEE7-2890-4FB7-9549-A6EACC790777
 keywords: mdm,management,administrator
 ms.author: maricia
 ms.topic: article
 ms.prod: w10
@ -13,15 +14,18 @@ ms.date: 11/15/2017
 # Device update management
-In the current device landscape of PC, tablets, phones, and IoT devices, the Mobile Device Management (MDM) solutions are becoming prevalent as a lightweight device management technology. In Windows 10, we are investing heavily in extending the management capabilities available to MDMs. One key feature we are adding is the ability for MDMs to keep devices up-to-date with the latest Microsoft Updates.
+>[!TIP]
 >If you're not a developer or administrator, you'll find more helpful information in the [Windows Update: Frequently Asked Questions](https://support.microsoft.com/help/12373/windows-update-faq).
-In particular, Windows 10 provides additional APIs to enable MDMs to:
+In the current device landscape of PC, tablets, phones, and IoT devices, Mobile Device Management (MDM) solutions are becoming prevalent as a lightweight device management technology. In Windows 10, we are investing heavily in extending the management capabilities available to MDMs. One key feature we are adding is the ability for MDMs to keep devices up-to-date with the latest Microsoft updates.
 In particular, Windows 10 provides APIs to enable MDMs to:
 -   Ensure machines stay up-to-date by configuring Automatic Update policies.
 -   Test updates on a smaller set of machines before enterprise-wide rollout by configuring which updates are approved for a given device.
 -   Get compliance status of managed devices so IT can easily understand which machines still need a particular security patch, or how up-to-date is a particular machine.
-This topic provides MDM ISVs with the information they need to implement update management in Windows 10.
+This topic provides MDM independent software vendors (ISV) with the information they need to implement update management in Windows 10.
 In Windows 10, the MDM protocol has been extended to better enable IT admins to manage updates. In particular, Windows has added configuration service providers (CSPs) that expose policies and actions for MDMs to:
@ -30,7 +34,8 @@ In Windows 10, the MDM protocol has been extended to better enable IT admins to
 -   Specify a per-device update approval list, to ensure devices don’t install unapproved updates that have not been tested.
 -   Approve EULAs on behalf of the end-user so update deployment can be automated even for updates with EULAs.
-The OMA DM APIs for specifying update approvals and getting compliance status reference updates using an Update ID, which is a GUID that identifies a particular update. The MDM, of course, will want to expose IT-friendly information about the update (instead of a raw GUID), including the update’s title, description, KB, update type (for example, a security update or service pack). For more information, see [\[MS-WSUSSS\]: Windows Update Services: Server-Server Protocol](https://go.microsoft.com/fwlink/p/?LinkId=526707).
+The OMA DM APIs for specifying update approvals and getting compliance status refer to updates by using an Update ID, which is a GUID that identifies a particular update. The MDM, of course, will want to expose IT-friendly information about the update (instead of a raw GUID), including the update’s title, description, KB, update type (for example, a security update or service pack). For more information, see [\[MS-WSUSSS\]: Windows Update Services: Server-Server Protocol](https://go.microsoft.com/fwlink/p/?LinkId=526707).
 For more information about the CSPs, see [Update CSP](update-csp.md) and the update policy area of the [Policy CSP](policy-configuration-service-provider.md).
 The following diagram provides a conceptual overview of how this works:
--- a/windows/client-management/mdm/index.md
+++ b/windows/client-management/mdm/index.md
@ -5,12 +5,12 @@ MS-HAID:
 - 'p\_phDeviceMgmt.provisioning\_and\_device\_management'
 - 'p\_phDeviceMgmt.mobile\_device\_management\_windows\_mdm'
 ms.assetid: 50ac90a7-713e-4487-9cb9-b6d6fdaa4e5b
-ms.author: maricia
+ms.author: jdecker
 ms.topic: article
 ms.prod: w10
 ms.technology: windows
-author: MariciaAlforque
+author: jdeckerms
-ms.date: 06/26/2017
+ms.date: 09/12/2018
 ---
 # Mobile device management
@ -25,6 +25,12 @@ There are two parts to the Windows 10 management component:
 Third-party MDM servers can manage Windows 10 by using the MDM protocol. The built-in management client is able to communicate with a third-party server proxy that supports the protocols outlined in this document to perform enterprise management tasks. The third-party server will have the same consistent first-party user experience for enrollment, which also provides simplicity for Windows 10 users. MDM servers do not need to create or download a client to manage Windows 10. For details about the MDM protocols, see [\[MS-MDM\]: Mobile Device Management Protocol](https://go.microsoft.com/fwlink/p/?LinkId=619346) and [\[MS-MDE2\]: Mobile Device Enrollment Protocol Version 2]( http://go.microsoft.com/fwlink/p/?LinkId=619347).
 <span id="mmat" />
 ## Learn about migrating to MDM
 When an organization wants to move to MDM to manage devices, they should prepare by analyzing their current Group Policy settings to see what they need to transition to MDM management. Microsoft created the [MDM Migration Analysis Tool](https://aka.ms/mmat/) (MMAT) to help. MMAT determines which Group Policies have been set for a target user or computer and then generates a report that lists the level of support for each policy settings in MDM equivalents. For more information, see [MMAT Instructions](https://github.com/WindowsDeviceManagement/MMAT/blob/master/MDM%20Migration%20Analysis%20Tool%20Instructions.pdf).
 ## Learn about device enrollment
--- a/windows/client-management/mdm/new-in-windows-mdm-enrollment-management.md
+++ b/windows/client-management/mdm/new-in-windows-mdm-enrollment-management.md
@ -1760,6 +1760,12 @@ The DM agent for [push-button reset](https://msdn.microsoft.com/windows/hardware
 ## Change history in MDM documentation
 ### September 2018
 New or updated topic | Description
 --- | ---
 [Mobile device management](index.md#mmat) | Added information about the MDM Migration Analysis Tool (MMAT).
 ### August 2018
 <table class="mx-tdBreakAll">
--- a/windows/configuration/guidelines-for-assigned-access-app.md
+++ b/windows/configuration/guidelines-for-assigned-access-app.md
@ -55,7 +55,7 @@ In Windows 10, version 1803 and later, you can install the **Kiosk Browser** app
 1. [Get **Kiosk Browser** in Microsoft Store for Business with offline license type.](https://docs.microsoft.com/microsoft-store/acquire-apps-microsoft-store-for-business#acquire-apps)
 2. [Deploy **Kiosk Browser** to kiosk devices.](https://docs.microsoft.com/microsoft-store/distribute-offline-apps)
-3. Configure policies using settings from the Policy Configuration Service Provider (CSP) for [KioskBrowser](https://docs.microsoft.com/windows/client-management/mdm/policy-csp-kioskbrowser). These settings can be configured using your MDM service provider, or [in a provisioning package](provisioning-packages/provisioning-create-package.md).
+3. Configure policies using settings from the Policy Configuration Service Provider (CSP) for [KioskBrowser](https://docs.microsoft.com/windows/client-management/mdm/policy-csp-kioskbrowser). These settings can be configured using your MDM service provider, or [in a provisioning package](provisioning-packages/provisioning-create-package.md). In Windows Configuration Designer, the settings are located in **Policies > KioskBrowser** when you select advanced provisioning for Windows desktop editions.
 >[!NOTE]
 >If you configure the kiosk using a provisioning package, you must apply the provisioning package after the device completes the out-of-box experience (OOBE).
--- a/windows/deployment/deploy-whats-new.md
+++ b/windows/deployment/deploy-whats-new.md
@ -7,7 +7,7 @@ ms.localizationpriority: medium
 ms.prod: w10
 ms.sitesec: library
 ms.pagetype: deploy
-ms.date: 09/19/2017
+ms.date: 09/12/2018
 author: greg-lindsay
 ---
@ -25,6 +25,12 @@ This topic provides an overview of new solutions and online content related to d
 - For a detailed list of changes to Windows 10 ITPro TechNet library content, see [Online content change history](#online-content-change-history).
 ## Windows 10 servicing and support
 Microsoft is [extending support](https://www.microsoft.com/microsoft-365/blog/2018/09/06/helping-customers-shift-to-a-modern-desktop) for Windows 10 Enterprise and Windows 10 Education editions to 30 months from the version release date. This includes all past versions and future versions that are targeted for release in September (versions ending in 09, ex: 1809). Future releases that are targeted for release in March (versions ending in 03, ex: 1903) will continue to be supported for 18 months from their release date. All releases of Windows 10 Home, Windows 10 Pro, and Office 365 ProPlus will continue to be supported for 18 months (there is no change for these editions).  These support policies are summarized in the table below.
 ![Support lifecycle](images/support-cycle.png)
 ## Windows 10 Enterprise upgrade
 Windows 10 version 1703 includes a Windows 10 Enterprise E3 and E5 benefit to Microsoft customers with Enterprise Agreements (EA) or Microsoft Products & Services Agreements (MPSA). These customers can now subscribe users to Windows 10 Enterprise E3 or E5 and activate their subscriptions on up to five devices. Virtual machines can also be activated. For more information, see [Windows 10 Enterprise Subscription Activation](windows-10-enterprise-subscription-activation.md).
--- a/windows/deployment/images/support-cycle.png
+++ b/windows/deployment/images/support-cycle.png
--- a/windows/deployment/update/device-health-get-started.md
+++ b/windows/deployment/update/device-health-get-started.md
@ -1,11 +1,11 @@
 ---
 title: Get started with Device Health
-description: Configure Device Health in OMS to see statistics on frequency and causes of crashes of devices in your network.
+description: Configure Device Health in Azure Log Analytics to monitor health (such as crashes and sign-in failures) for your Windows 10 devices.
-keywords: Device Health, oms, operations management suite, prerequisites, requirements, monitoring, crash, drivers
+keywords: Device Health, oms, operations management suite, prerequisites, requirements, monitoring, crash, drivers, azure
 ms.prod: w10
 ms.mktglfcycl: deploy
 ms.sitesec: library
-ms.date: 08/21/2018
+ms.date: 09/11/2018
 ms.pagetype: deploy
 author: jaimeo
 ms.author: jaimeo
@ -14,74 +14,59 @@ ms.localizationpriority: medium
 # Get started with Device Health
->[!IMPORTANT]
+This topic explains the steps necessary to configure your environment for Windows Analytics Device Health. 
 >**The OMS portal has been deprecated; you should start using the [Azure portal](https://portal.azure.com) instead as soon as possible.** Many experiences are the same in the two portals, but there are some key differences. See [Windows Analytics in the Azure Portal](windows-analytics-azure-portal.md) for steps to use Windows Analytics in the Azure portal. For much more information about the transition from OMS to Azure, see [OMS portal moving to Azure](https://docs.microsoft.com/azure/log-analytics/log-analytics-oms-portal-transition).
-This topic explains the steps necessary to configure your environment for Windows Analytics: Device Health. 
+- [Get started with Device Health](#get-started-with-device-health)
-
+    - [Add the Device Health solution to your Azure subscription](#add-the-device-health-solution-to-your-azure-subscription)
-Steps are provided in sections that follow the recommended setup process:
+    - [Enroll devices in Windows Analytics](#enroll-devices-in-windows-analytics)
-
+    - [Use Device Health to monitor device crashes, app crashes, sign-in failures, and more](#use-device-health-to-monitor-device-crashes-app-crashes-sign-in-failures-and-more)
-1. [Add Device Health](#add-device-health-to-microsoft-operations-management-suite) to Microsoft Operations Management Suite.
+    - [Related topics](#related-topics)
 2. [Enroll devices in Windows Analytics](#deploy-your-commercial-id-to-your-windows-10-devices) to your organization’s devices.
 3. [Use Device Health to monitor frequency and causes of device crashes](#use-device-health-to-monitor-frequency-and-causes-of-device-crashes) once your devices are enrolled.
-## Add Device Health to Microsoft Operations Management Suite or Azure Log Analytics
+## Add the Device Health solution to your Azure subscription
-Device Health is offered as a solution in the Microsoft Operations Management Suite (OMS) and Azure Log Analytics, a collection of cloud-based servicing for monitoring and automating your on-premises and cloud environments. For more information about OMS, see [Operations Management Suite overview](https://azure.microsoft.com/en-us/documentation/articles/operations-management-suite-overview/) or the Azure [Log Analytics overview](https://azure.microsoft.com/services/log-analytics/).
+Device Health is offered as a *solution* which you link to a new or existing [Azure Log Analytics](https://azure.microsoft.com/services/log-analytics/) *workspace* within your Azure *subscription*. To configure this, follows these steps:
-**If you are already using Windows Analytics**, you should use the same Azure Log Analytics workspace you're already using. Find Device Health in the Solutions Gallery. Select the **Device Health** tile in the gallery and then click **Add** on the solution's details page. Device Health is now visible in your workspace. While you're in the Solutions Gallery, you should consider installing the [Upgrade Readiness](../upgrade/use-upgrade-readiness-to-manage-windows-upgrades.md)  and [Update Compliance](update-compliance-monitor.md) solutions as well, if you haven't already.
+1. Sign in to the [Azure Portal](https://portal.azure.com) with your work or school account or a Microsoft account. If you don't already have an Azure subscription you can create one (including free trial options) through the portal.
->[!NOTE]
+    >[!NOTE] 
->If you are already using OMS, you can also follow [this link](https://portal.mms.microsoft.com/#Workspace/ipgallery/details/details/index?IPId=DeviceHealthProd) to go directly to the Device Health solution and add it to your workspace.
+    > Device Health is included at no additional cost with Windows 10 [education and enterprise licensing](https://docs.microsoft.com/en-us/windows/deployment/update/device-health-monitor#device-health-licensing). An Azure subscription is required for managing and using Device Health, but no Azure charges are expected to accrue to the subscription as a result of using Device Health. 
-**If you are not yet using Windows Analytics or Azure Log Analytics**, follow these steps to subscribe:
+2. In the Azure portal select **Create a resource**, search for "Device Health", and then select **Create** on the **Device Health** solution.
    ![Azure portal page highlighting + Create a resource and with Device Health selected](images/CreateSolution-Part1-Marketplace.png)
-1.	Go to [Operations Management Suite](https://www.microsoft.com/en-us/cloud-platform/operations-management-suite) on Microsoft.com and click **Sign in**.
+    ![Azure portal showing Device Health fly-in and Create button highlighted(images/CreateSolution-Part2-Create.png)](images/CreateSolution-Part2-Create.png)
-   [![Operations Management Suite bar with sign-in button](images/uc-02a.png)](images/uc-02.png)
+3. Choose an existing workspace or create a new workspace to host the Device Health solution. 
-
+    ![Azure portal showing Log Analytics workspace fly-in](images/CreateSolution-Part3-Workspace.png)
-
+    - If you are using other Windows Analytics solutions (Upgrade Readiness or Update Compliance) you should add Device Health to the same workspace.
-2.	Sign in to Operations Management Suite (OMS). You can use either a Microsoft Account or a Work or School account to create a workspace. If your company is already using Azure Active Directory (Azure AD), use a Work or School account when you sign in to OMS. Using a Work or School account allows you to use identities from your Azure AD to manage permissions in OMS.
+    - If you are creating a new workspace, and your organization does not have policies governing naming conventions and structure, consider the following workspace settings to get started:
-   [![OMS Sign-in dialog box for account name and password](images/uc-03a.png)](images/uc-03.png)
+        - Choose a workspace name which reflects the scope of planned usage in your organization, for example *PC-Analytics*.
-
+        - For the resource group setting select **Create new** and use the same name you chose for your new workspace.
-
+        - For the location setting, choose the Azure region where you would prefer the data to be stored.
-3.	Create a new OMS workspace.
+        - For the pricing tier select **Free**.
-
+4. Now that you have selected a workspace, you can go back to the Device Health blade and select **Create**.
-     [![OMS dialog with buttons to create a new OMS workspace or cancel](images/uc-04a.png)](images/uc-04.png)
+    ![Azure portal showing workspace selected and with Create button highlighted](images/CreateSolution-Part4-WorkspaceSelected.png)
-
+5. Watch for a Notification (in the Azure portal) that "Deployment 'Microsoft.DeviceHealth' to resource group 'YourResourceGroupName' was successful." and then select **Go to resource** This might take several minutes to appear.
-4.	Enter a name for the workspace, select the workspace region, and provide the email address that you want associated with this workspace. Click **Create**.
+       ![Azure portal all services page with Log Analytics found and selected as favorite](images/CreateSolution-Part5-GoToResource.png)
-
+    - Suggestion: Choose the **Pin to Dashboard** option to make it easy to navigate to your newly added Device Health solution.
-    [![OMS Create New Workspace dialog](images/uc-05a.png)](images/uc-05.png)
+    - Suggestion: If a "resource unavailable" error occurs when navigating to the solution, try again after one hour.
 5.	If your organization already has an Azure subscription, you can link it to your workspace. Note that you may need to request access from your organization’s Azure administrator. If your organization does not have an Azure subscription, create a new one or select the default OMS Azure subscription from the list. If you do not yet have an Azure subscription, follow [this guide](https://blogs.technet.microsoft.com/upgradeanalytics/2016/11/08/linking-operations-management-suite-workspaces-to-microsoft-azure/) to create and link an Azure subscription to an OMS workspace.
    [![OMS dialog to link existing Azure subscription or create a new one](images/uc-06a.png)](images/uc-06.png)
 6.	To add Update Readiness to your workspace, go to the Solution Gallery, Select the **Update Readiness** tile and then select **Add** on the solution's detail page.
    [![Windows Analytics details page in Solutions Gallery](images/solution-bundle.png)](images/solution-bundle.png)
 7.	Click the **Update Readiness** tile to configure the solution. The **Settings Dashboard** opens. In this example, both Upgrade Readiness and Device Health solutions have been added.
    [![OMS Settings Dashboard showing Device Health and Upgrade Readiness tiles](images/OMS-after-adding-solution.jpg)](images/OMS-after-adding-solution.jpg)
 After you have added Device Health and devices have a Commercial ID, you will begin receiving data. It will typically take 24-48 hours for the first data to begin appearing. The following section explains how to deploy your Commercial ID to your Windows 10 devices.
 >[!NOTE]
 >You can unsubscribe from the Device Health solution if you no longer want to monitor your organization’s devices. User device data will continue to be shared with Microsoft while the opt-in keys are set on user devices and the proxy allows traffic.
 ## Enroll devices in Windows Analytics
-Once you've added Update Compliance to Microsoft Operations Management Suite, you can now start enrolling the devices in your organization. For full instructions, see [Enrolling devices in Windows Analytics](windows-analytics-get-started.md).
+Once you've added Device Health to a workspace in your Azure subscription, you can start enrolling the devices in your organization. For Device Health there are two key steps for enrollment:
 1. Deploy your CommercialID (from Device Health Settings page) to your Windows 10 devices (typically using Group Policy or similar)
 2. Ensure the Windows Diagnostic Data setting on devices is set to Enhanced or Full (typically using Group Policy or similar). Note that the [Limit Enhanced](https://docs.microsoft.com/en-us/windows/privacy/enhanced-diagnostic-data-windows-analytics-events-and-fields) policy can substantially reduce the amount of diagnostic data shared with Microsoft while still allowing Device Health to function.
 For full enrollment instructions and troubleshooting, see [Enrolling devices in Windows Analytics](windows-analytics-get-started.md).
 After enrolling your devices (by deploying your CommercialID and Windows Diagnostic Data settings), it may take 48-72 hours for the first data to appear in the solution. Until then, the Device Health tile will show "Performing Assessment."
-## Use Device Health to monitor frequency and causes of device crashes
+## Use Device Health to monitor device crashes, app crashes, sign-in failures, and more
-Once your devices are enrolled, you can move on to [Using Device Health](device-health-using.md).
+Once your devices are enrolled and data is flowing, you can move on to [Using Device Health](device-health-using.md).
 >[!NOTE]
 >You can remove the Device Health solution from your workspace if you no longer want to monitor your organization’s devices. Windows diagnostic data will continue to be shared with Microsoft as normal as per the diagnostic data sharing settings on the devices.
 ## Related topics
--- a/windows/deployment/update/images/CreateSolution-Part1-Marketplace.png
+++ b/windows/deployment/update/images/CreateSolution-Part1-Marketplace.png
--- a/windows/deployment/update/images/CreateSolution-Part2-Create.png
+++ b/windows/deployment/update/images/CreateSolution-Part2-Create.png
--- a/windows/deployment/update/images/CreateSolution-Part3-Workspace.png
+++ b/windows/deployment/update/images/CreateSolution-Part3-Workspace.png
--- a/windows/deployment/update/images/CreateSolution-Part4-WorkspaceSelected.png
+++ b/windows/deployment/update/images/CreateSolution-Part4-WorkspaceSelected.png
--- a/windows/deployment/update/images/CreateSolution-Part5-GoToResource.png
+++ b/windows/deployment/update/images/CreateSolution-Part5-GoToResource.png
--- a/windows/hub/TOC.md
+++ b/windows/hub/TOC.md
@ -1,5 +1,4 @@
 # [Windows 10 and Windows 10 Mobile](index.md)
 ## [Get started](/windows/whats-new/whats-new-windows-10-version-1803)
 ## [What's new](/windows/whats-new)
 ## [Deployment](/windows/deployment)
 ## [Configuration](/windows/configuration)
--- a/windows/privacy/basic-level-windows-diagnostic-events-and-fields-1803.md
+++ b/windows/privacy/basic-level-windows-diagnostic-events-and-fields-1803.md
@ -35,8 +35,6 @@ You can learn more about Windows functional and diagnostic data through these ar
 - [Configure Windows diagnostic data in your organization](configure-windows-diagnostic-data-in-your-organization.md)
 ## Appraiser events
 ### Microsoft.Windows.Appraiser.General.ChecksumTotalPictureCount
--- a/windows/privacy/images/ddv-data-viewing.png
+++ b/windows/privacy/images/ddv-data-viewing.png
--- a/windows/privacy/images/ddv-event-feedback.png
+++ b/windows/privacy/images/ddv-event-feedback.png
--- a/windows/privacy/images/ddv-event-view-basic.png
+++ b/windows/privacy/images/ddv-event-view-basic.png
--- a/windows/privacy/images/ddv-event-view-filter.png
+++ b/windows/privacy/images/ddv-event-view-filter.png
--- a/windows/privacy/images/ddv-event-view.png
+++ b/windows/privacy/images/ddv-event-view.png
--- a/windows/privacy/images/ddv-settings-launch.png
+++ b/windows/privacy/images/ddv-settings-launch.png
--- a/windows/privacy/images/ddv-settings-off.png
+++ b/windows/privacy/images/ddv-settings-off.png
--- a/windows/security/threat-protection/intelligence/coordinated-malware-eradication.md
+++ b/windows/security/threat-protection/intelligence/coordinated-malware-eradication.md
@ -32,4 +32,4 @@ Organizations participating in the CME effort work together to help eradicate se
 Any organization that is involved in cybersecurity and antimalware or interested in fighting cybercrime can participate in CME campaigns by enrolling in the [Virus Information Alliance (VIA) program](virus-information-alliance-criteria.md). It ensures that everyone agrees to use the information and tools available for campaigns for their intended purpose (that is, the eradication of malware).
-Please apply using our [membership application form](https://www.microsoft.com/security/portal/partnerships/apply.aspx) to get started.
+If your organization meets these criteria and would like to apply for membership, contact us at [mvi@microsoft.com](mailto:mvi@microsoft.com). Please indicate whether you would like to join CME, [VIA](./virus-information-alliance-criteria.md), or [MVI](./virus-initiative-criteria.md).
--- a/windows/security/threat-protection/intelligence/virus-information-alliance-criteria.md
+++ b/windows/security/threat-protection/intelligence/virus-information-alliance-criteria.md
@ -46,6 +46,4 @@ To be eligible for VIA your organization must:
 3. Be willing to sign and adhere to the VIA membership agreement.
-If your organization wants to apply and meets this criteria, you can apply using our [membership application form](https://www.microsoft.com/security/portal/partnerships/apply.aspx).
+If your organization meets these criteria and would like to apply for membership, contact us at [mvi@microsoft.com](mailto:mvi@microsoft.com). Please indicate whether you would like to join VIA, [MVI](./virus-initiative-criteria.md), or [CME](./coordinated-malware-eradication.md).
 If you have any questions, you can also contact us using our [partnerships contact form](https://www.microsoft.com/security/portal/partnerships/contactus.aspx).
--- a/windows/security/threat-protection/intelligence/virus-initiative-criteria.md
+++ b/windows/security/threat-protection/intelligence/virus-initiative-criteria.md
@ -54,4 +54,4 @@ Your organization must meet the following eligibility requirements to participat
 ### Apply to MVI
-If your organization wants to apply and meets this criteria, you can apply using our [membership application form](https://www.microsoft.com/security/portal/partnerships/apply.aspx).
+If your organization meets these criteria and would like to apply for membership, contact us at [mvi@microsoft.com](mailto:mvi@microsoft.com). Please indicate whether you would like to join MVI, [VIA](./virus-information-alliance-criteria.md), or [CME](./coordinated-malware-eradication.md).
--- a/windows/security/threat-protection/windows-defender-atp/advanced-hunting-windows-defender-advanced-threat-protection.md
+++ b/windows/security/threat-protection/windows-defender-atp/advanced-hunting-windows-defender-advanced-threat-protection.md
@ -72,7 +72,7 @@ The following tables are exposed as part of Advanced hunting:
 - **RegistryEvents** - Stores registry key creation, modification, rename and deletion events 
 - **LogonEvents** - Stores login events 
 - **ImageLoadEvents** - Stores load dll events  
- **MiscEvents** - Stores several types of events, including Windows Defender blocks (Windows Defender Antivirus, Exploit Guard, Windows Defender SmartScreen, Windows Defender Application Guard, and Firewall), process injection events, access to LSASS processes, and others.
+- **MiscEvents** - Stores several types of events, process injection events, access to LSASS processes, and others.
 These tables include data from the last 30 days.
--- a/windows/security/threat-protection/windows-defender-atp/configure-proxy-internet-windows-defender-advanced-threat-protection.md
+++ b/windows/security/threat-protection/windows-defender-atp/configure-proxy-internet-windows-defender-advanced-threat-protection.md
@ -10,15 +10,13 @@ ms.pagetype: security
 ms.author: macapara
 author: mjcaparas
 ms.localizationpriority: medium
-ms.date: 05/29/2018
+ms.date: 09/12/2018
 ---
 # Configure machine proxy and Internet connectivity settings
 **Applies to:**
 - Windows Defender Advanced Threat Protection (Windows Defender ATP)
@ -46,18 +44,24 @@ The WinHTTP configuration setting is independent of the Windows Internet (WinINe
 ## Configure the proxy server manually using a registry-based static proxy
 Configure a registry-based static proxy to allow only Windows Defender ATP sensor to report diagnostic data and communicate with Windows Defender ATP services if a computer is not be permitted to connect to the Internet.
-The static proxy is configurable through Group Policy (GP). The group policy can be found under: **Administrative Templates > Windows Components > Data Collection and Preview Builds > Configure connected user experiences and telemetry**.
+The static proxy is configurable through Group Policy (GP). The group policy can be found under: 
 - Administrative Templates > Windows Components > Data Collection and Preview Builds > Configure Authenticated Proxy usage for the Connected User Experience and Telemetry Service
    - Set it to **Enabled** and select **Disable Authenticated Proxy usage**:
    ![Image of Group Policy setting](images/atp-gpo-proxy1.png)
 - **Administrative Templates > Windows Components > Data Collection and Preview Builds > Configure connected user experiences and telemetry**:
    - Configure the proxy:<br>
      ![Image of Group Policy setting](images/atp-gpo-proxy2.png)
-The policy sets two registry values `TelemetryProxyServer` as REG_SZ and `DisableEnterpriseAuthProxy` as REG_DWORD under the registry key `HKLM\Software\Policies\Microsoft\Windows\DataCollection`.
+    The policy sets two registry values `TelemetryProxyServer` as REG_SZ and `DisableEnterpriseAuthProxy` as REG_DWORD under the registry key `HKLM\Software\Policies\Microsoft\Windows\DataCollection`.
-The registry value `TelemetryProxyServer` takes the following string format:
+    The registry value `TelemetryProxyServer` takes the following string format:
-```text
+    ```text
-<server name or ip>:<port>
+    <server name or ip>:<port>
-```
+    ```
-For example: 10.0.0.6:8080
+    For example: 10.0.0.6:8080
-The registry value `DisableEnterpriseAuthProxy` should be set to 1.
+    The registry value `DisableEnterpriseAuthProxy` should be set to 1.
 ## Configure the proxy server manually using netsh command
@ -82,7 +86,7 @@ For example: netsh winhttp set proxy 10.0.0.6:8080
 ## Enable access to Windows Defender ATP service URLs in the proxy server
 If a proxy or firewall is blocking all traffic by default and allowing only specific domains through or HTTPS scanning (SSL inspection) is enabled, make sure that the following URLs are white-listed to permit communication with Windows Defender ATP service in port 80 and 443:
->![NOTE]
+>[!NOTE]
 > URLs that include v20 in them are only needed if you have Windows 10, version 1803 or later machines. For example, ```us-v20.events.data.microsoft.com``` is only needed if the machine is on Windows 10, version 1803 or later. 
 Service location | Microsoft.com DNS record
--- a/windows/security/threat-protection/windows-defender-atp/images/atp-gpo-proxy1.png
+++ b/windows/security/threat-protection/windows-defender-atp/images/atp-gpo-proxy1.png
--- a/windows/security/threat-protection/windows-defender-atp/images/atp-gpo-proxy2.png
+++ b/windows/security/threat-protection/windows-defender-atp/images/atp-gpo-proxy2.png
--- a/windows/security/threat-protection/windows-defender-atp/troubleshoot-siem-windows-defender-advanced-threat-protection.md
+++ b/windows/security/threat-protection/windows-defender-atp/troubleshoot-siem-windows-defender-advanced-threat-protection.md
@ -35,7 +35,9 @@ If your client secret expires or if you've misplaced the copy provided when you
 3. Select your tenant.
-4. Click **App registrations** > **All apps**, then select your SIEM tool application. The application name is `https://windowsdefenderatpsiemconnector`.
+4. Click **App registrations**. Then in the applications list, select the application:
    - For SIEM: `https://WindowsDefenderATPSiemConnector`
    - For Threat intelligence API: `https://WindowsDefenderATPCustomerTiConnector`
 5. Select **Keys** section, then provide a key description and specify the key validity duration.
--- a/windows/security/threat-protection/windows-defender-exploit-guard/enable-virtualization-based-protection-of-code-integrity.md
+++ b/windows/security/threat-protection/windows-defender-exploit-guard/enable-virtualization-based-protection-of-code-integrity.md
@ -180,6 +180,7 @@ This field helps to enumerate and report state on the relevant security properti
 | **4.** | If present, Secure Memory Overwrite is available.       |
 | **5.** | If present, NX protections are available.               |
 | **6.** | If present, SMM mitigations are available.              |
 | **7.** | If present, Mode Based Execution Control is available.  |
 #### InstanceIdentifier
@ -199,6 +200,7 @@ This field describes the required security properties to enable virtualization-b
 | **4.** | If present, Secure Memory Overwrite is needed.      |
 | **5.** | If present, NX protections are needed.              |
 | **6.** | If present, SMM mitigations are needed.             |
 | **7.** | If present, Mode Based Execution Control is needed. |
 #### SecurityServicesConfigured
`@ -32,4 +32,4 @@ Organizations participating in the CME effort work together to help eradicate se`

	`Any organization that is involved in cybersecurity and antimalware or interested in fighting cybercrime can participate in CME campaigns by enrolling in the [Virus Information Alliance (VIA) program](virus-information-alliance-criteria.md). It ensures that everyone agrees to use the information and tools available for campaigns for their intended purpose (that is, the eradication of malware).`	`Any organization that is involved in cybersecurity and antimalware or interested in fighting cybercrime can participate in CME campaigns by enrolling in the [Virus Information Alliance (VIA) program](virus-information-alliance-criteria.md). It ensures that everyone agrees to use the information and tools available for campaigns for their intended purpose (that is, the eradication of malware).`

	`Please apply using our [membership application form](https://www.microsoft.com/security/portal/partnerships/apply.aspx) to get started.`	`If your organization meets these criteria and would like to apply for membership, contact us at [mvi@microsoft.com](mailto:mvi@microsoft.com). Please indicate whether you would like to join CME, [VIA](./virus-information-alliance-criteria.md), or [MVI](./virus-initiative-criteria.md).`
`@ -54,4 +54,4 @@ Your organization must meet the following eligibility requirements to participat`

	`### Apply to MVI`	`### Apply to MVI`

	`If your organization wants to apply and meets this criteria, you can apply using our [membership application form](https://www.microsoft.com/security/portal/partnerships/apply.aspx).`	`If your organization meets these criteria and would like to apply for membership, contact us at [mvi@microsoft.com](mailto:mvi@microsoft.com). Please indicate whether you would like to join MVI, [VIA](./virus-information-alliance-criteria.md), or [CME](./coordinated-malware-eradication.md).`