From 10c0e7510626d50bea29e309d14f9978e03ca1c7 Mon Sep 17 00:00:00 2001
From: nimishasatapathy <75668234+nimishasatapathy@users.noreply.github.com>
Date: Mon, 1 Feb 2021 15:48:51 +0530
Subject: [PATCH 01/35] 4797298_updates_4formattingerrors

---
 .../policy-csp-admx-microsoftdefenderantivirus.md    | 12 ++++++++----
 1 file changed, 8 insertions(+), 4 deletions(-)

diff --git a/windows/client-management/mdm/policy-csp-admx-microsoftdefenderantivirus.md b/windows/client-management/mdm/policy-csp-admx-microsoftdefenderantivirus.md
index 5862dadff7..94b2dbcc6d 100644
--- a/windows/client-management/mdm/policy-csp-admx-microsoftdefenderantivirus.md
+++ b/windows/client-management/mdm/policy-csp-admx-microsoftdefenderantivirus.md
@@ -3224,7 +3224,8 @@ ADMX Info:
 <!--/Policy-->
 <hr/>
 <!--Policy-->
-<a href="" id="admx-microsoftdefenderantivirus-reporting-disablegenericreports"></a>**ADMX_MicrosoftDefenderAntivirus/Reporting_DisablegenericrePorts**  
+
+<a href="" id="admx-microsoftdefenderantivirus-reporting-disabl"></a>**ADMX_MicrosoftDefenderAntivirus/Reporting_DisablegenericrePorts** 
 
 <!--SupportedSKUs-->
 <table>
@@ -3357,7 +3358,8 @@ ADMX Info:
 <!--/Policy-->
 <hr/>
 <!--Policy-->
-<a href="" id="admx-microsoftdefenderantivirus-reporting-recentlycleanedtimeout"></a>**ADMX_MicrosoftDefenderAntivirus/Reporting_RecentlyCleanedTimeout**  
+
+<a href="" id="admx-microsoftdefenderantivirus-reporting-recentlycleanedtimeout"></a>**ADMX_MicrosoftDefenderAntivirus/Reporting_RecentlyCleanedTimeout**
 
 <!--SupportedSKUs-->
 <table>
@@ -4249,7 +4251,8 @@ ADMX Info:
 <!--/Policy-->
 <hr/>
 <!--Policy-->
-<a href="" id="admx-microsoftdefenderantivirus-scan-disablescanningmappednetworkdrivesforfullscan"></a>**ADMX_MicrosoftDefenderAntivirus/Scan_DisableScanningMappedNetworkDrivesForFullScan**  
+
+<a href="" id="admx-microsoftdefenderantivirus-scan-disablescanningmappednetworkdrivesforfullscan"></a>**ADMX_MicrosoftDefenderAntivirus/Scan_DisableScanningMappedNetworkDrivesForFullScan**   
 
 <!--SupportedSKUs-->
 <table>
@@ -6135,7 +6138,8 @@ ADMX Info:
 <!--/Policy-->
 <hr/>
 <!--Policy-->
-<a href="" id="admx-microsoftdefenderantivirus-signatureupdate-signaturedisablenotification"></a>**ADMX_MicrosoftDefenderAntivirus/SignatureUpdate_SignatureDisableNotification**  
+
+ <a href="" id="admx-microsoftdefenderantivirus-signatureupdate-signaturedisablenotification"></a>**ADMX_MicrosoftDefenderAntivirus/SignatureUpdate_SignatureDisableNotification**  
 
 <!--SupportedSKUs-->
 <table>

From 28319aff41da8bf65816f6ba16c56c052c024186 Mon Sep 17 00:00:00 2001
From: nimishasatapathy <75668234+nimishasatapathy@users.noreply.github.com>
Date: Fri, 26 Feb 2021 00:39:25 +0530
Subject: [PATCH 02/35] updated

---
 windows/client-management/mdm/TOC.md          |   1 +
 .../mdm/policies-in-policy-csp-admx-backed.md |   1 +
 .../policy-configuration-service-provider.md  |   8 ++
 .../mdm/policy-csp-admx-winsrv.md             | 119 ++++++++++++++++++
 4 files changed, 129 insertions(+)
 create mode 100644 windows/client-management/mdm/policy-csp-admx-winsrv.md

diff --git a/windows/client-management/mdm/TOC.md b/windows/client-management/mdm/TOC.md
index 3675333e76..d2e032e691 100644
--- a/windows/client-management/mdm/TOC.md
+++ b/windows/client-management/mdm/TOC.md
@@ -272,6 +272,7 @@
 #### [ADMX_WindowsStore](policy-csp-admx-windowsstore.md)
 #### [ADMX_WinInit](policy-csp-admx-wininit.md)
 #### [ADMX_WinLogon](policy-csp-admx-winlogon.md)
+#### [ADMX-Winsrv](policy-csp-admx-winsrv.md)
 #### [ADMX_wlansvc](policy-csp-admx-wlansvc.md)
 #### [ADMX_WPN](policy-csp-admx-wpn.md)
 #### [ApplicationDefaults](policy-csp-applicationdefaults.md)
diff --git a/windows/client-management/mdm/policies-in-policy-csp-admx-backed.md b/windows/client-management/mdm/policies-in-policy-csp-admx-backed.md
index a93f4e23d3..f745a9f9ad 100644
--- a/windows/client-management/mdm/policies-in-policy-csp-admx-backed.md
+++ b/windows/client-management/mdm/policies-in-policy-csp-admx-backed.md
@@ -1333,6 +1333,7 @@ ms.date: 10/08/2020
 - [ADMX_WinLogon/LogonHoursPolicyDescription](./policy-csp-admx-winlogon.md#admx-winlogon-logonhourspolicydescription)
 - [ADMX_WinLogon/ReportCachedLogonPolicyDescription](./policy-csp-admx-winlogon.md#admx-winlogon-reportcachedlogonpolicydescription)
 - [ADMX_WinLogon/SoftwareSASGeneration](./policy-csp-admx-winlogon.md#admx-winlogon-softwaresasgeneration)
+- [ADMX_Winsrv/AllowBlockingAppsAtShutdown](./policy-csp-admx-winsrv.md#admx-winsrv-allowblockingappsatshutdown)
 - [ADMX_wlansvc/SetCost](./policy-csp-admx-wlansvc.md#admx-wlansvc-setcost)
 - [ADMX_wlansvc/SetPINEnforced](./policy-csp-admx-wlansvc.md#admx-wlansvc-setpinenforced)
 - [ADMX_wlansvc/SetPINPreferred](./policy-csp-admx-wlansvc.md#admx-wlansvc-setpinpreferred)
diff --git a/windows/client-management/mdm/policy-configuration-service-provider.md b/windows/client-management/mdm/policy-configuration-service-provider.md
index 5056143d53..3b90c561dd 100644
--- a/windows/client-management/mdm/policy-configuration-service-provider.md
+++ b/windows/client-management/mdm/policy-configuration-service-provider.md
@@ -8547,6 +8547,14 @@ The following diagram shows the Policy configuration service provider in tree fo
   </dd>
 </dl>
 
+### Winsrv policies
+
+<dl>
+  <dd>
+    <a href="./policy-csp-Winsrv.md#winsrv-allowblockingappsatshutdown" id="winsrv-allowblockingappsatshutdown">Winsrv/AllowBlockingAppsAtShutdown</a>
+  </dd>
+</dl>
+
 ## Policies in Policy CSP supported by Group Policy and ADMX-backed policies in Policy CSP
 - [Policies in Policy CSP supported by Group Policy](policy-csps-supported-by-group-policy.md)
 - [ADMX-backed policies in Policy CSP](policy-csps-admx-backed.md)
diff --git a/windows/client-management/mdm/policy-csp-admx-winsrv.md b/windows/client-management/mdm/policy-csp-admx-winsrv.md
new file mode 100644
index 0000000000..56a6b7c6a2
--- /dev/null
+++ b/windows/client-management/mdm/policy-csp-admx-winsrv.md
@@ -0,0 +1,119 @@
+---
+title: Policy CSP - ADMX_Winsrv
+description: Policy CSP - ADMX_Winsrv
+ms.author: dansimp
+ms.localizationpriority: medium
+ms.topic: article
+ms.prod: w10
+ms.technology: windows
+author: manikadhiman
+ms.date: 02/25/2021
+ms.reviewer: 
+manager: dansimp
+---
+
+# Policy CSP - ADMX_Winsrv
+> [!WARNING]
+> Some information relates to prereleased products, which may be substantially modified before it's commercially released. Microsoft makes no warranties, expressed or implied, concerning the information provided here.
+
+<hr/>
+
+<!--Policies-->
+## ADMX_Winsrv policies  
+
+<dl>
+  <dd>
+    <a href="#admx-winsrv-allowblockingappsatshutdown">ADMX_Winsrv/AllowBlockingAppsAtShutdown</a>
+  </dd>
+</dl>
+
+
+<hr/>
+
+<!--Policy-->
+<a href="" id="admx-winsrv.-allowblockingappsatshutdown"></a>**ADMX_Winsrv/AllowBlockingAppsAtShutdown**  
+
+<!--SupportedSKUs-->
+<table>
+<tr>
+    <th>Windows Edition</th>
+    <th>Supported?</th>
+</tr>
+<tr>
+    <td>Home</td>
+    <td><img src="images/crossmark.png" alt="cross mark" /></td>
+</tr>
+<tr>
+    <td>Pro</td>
+    <td><img src="images/crossmark.png" alt="cross mark" /></td>
+</tr>
+<tr>
+    <td>Business</td>
+    <td><img src="images/crossmark.png" alt="cross mark" /></td>
+</tr>
+<tr>
+    <td>Enterprise</td>
+    <td><img src="images/checkmark.png" alt="check mark" /></td>
+</tr>
+<tr>
+    <td>Education</td>
+    <td><img src="images/crossmark.png" alt="cross mark" /></td>
+</tr>
+</table>
+
+<!--/SupportedSKUs-->
+<hr/>
+
+<!--Scope-->
+[Scope](./policy-configuration-service-provider.md#policy-scope):
+
+> [!div class = "checklist"]
+> * Device
+
+<hr/>
+
+<!--/Scope-->
+<!--Description-->
+Available in the latest Windows 10 Insider Preview Build. This policy setting specifies whether Windows will allow console applications and GUI applications without visible top-level windows to block or cancel shutdown.
+
+By default, such applications are automatically terminated if they attempt to cancel shutdown or block it indefinitely.
+
+- If you enable this setting, console applications or GUI applications without visible top-level windows that block or cancel shutdown will not be automatically terminated during shutdown.
+- If you disable or do not configure this setting, these applications will be automatically terminated during shutdown, helping to ensure that windows can shut down faster and more smoothly.
+
+> [!NOTE]
+> This policy setting applies to all sites in Trusted zones.
+
+<!--/Description-->
+> [!TIP]
+> This is an ADMX-backed policy and requires a special SyncML format to enable or disable. For details, see [Understanding ADMX-backed policies](./understanding-admx-backed-policies.md).
+> 
+> You must specify the data type in the SyncML as &lt;Format&gt;chr&lt;/Format&gt;. For an example SyncML, refer to [Enabling a policy](./understanding-admx-backed-policies.md#enabling-a-policy).
+> 
+> The payload of the SyncML must be XML-encoded; for this XML encoding, there are a variety of online encoders that you can use. To avoid encoding the payload, you can use CDATA if your MDM supports it. For more information, see [CDATA Sections](http://www.w3.org/TR/REC-xml/#sec-cdata-sect).
+
+<!--ADMXBacked-->
+ADMX Info:  
+-   GP English name: *Turn off automatic termination of applications that block or cancel shutdown*
+-   GP name: *AllowBlockingAppsAtShutdown*
+-   GP path: *System\Shutdown Options*
+-   GP ADMX file name: *Winsrv.admx*
+
+<!--/ADMXBacked-->
+<!--/Policy-->
+<hr/>
+
+Footnotes:
+
+- 1 - Available in Windows 10, version 1607
+- 2 - Available in Windows 10, version 1703
+- 3 - Available in Windows 10, version 1709
+- 4 - Available in Windows 10, version 1803
+- 5 - Available in Windows 10, version 1809
+- 6 - Available in Windows 10, version 1903
+- 7 - Available in Windows 10, version 1909
+- 8 - Available in Windows 10, version 2004
+- 9 - Available in Windows 10, version 20H2
+
+<!--/Policies-->
+

From c2f3ba729e52c5e9e7604b729282f5d8c66eb4f0 Mon Sep 17 00:00:00 2001
From: nimishasatapathy <75668234+nimishasatapathy@users.noreply.github.com>
Date: Wed, 17 Mar 2021 20:00:31 +0530
Subject: [PATCH 03/35] Updated

---
 .../client-management/mdm/policies-in-policy-csp-admx-backed.md | 2 +-
 .../mdm/policy-configuration-service-provider.md                | 2 +-
 windows/client-management/mdm/policy-csp-admx-winsrv.md         | 2 +-
 3 files changed, 3 insertions(+), 3 deletions(-)

diff --git a/windows/client-management/mdm/policies-in-policy-csp-admx-backed.md b/windows/client-management/mdm/policies-in-policy-csp-admx-backed.md
index bf5102d568..aeca7d2f72 100644
--- a/windows/client-management/mdm/policies-in-policy-csp-admx-backed.md
+++ b/windows/client-management/mdm/policies-in-policy-csp-admx-backed.md
@@ -1334,7 +1334,7 @@ ms.date: 10/08/2020
 - [ADMX_WinLogon/LogonHoursPolicyDescription](./policy-csp-admx-winlogon.md#admx-winlogon-logonhourspolicydescription)
 - [ADMX_WinLogon/ReportCachedLogonPolicyDescription](./policy-csp-admx-winlogon.md#admx-winlogon-reportcachedlogonpolicydescription)
 - [ADMX_WinLogon/SoftwareSASGeneration](./policy-csp-admx-winlogon.md#admx-winlogon-softwaresasgeneration)
-- [ADMX_Winsrv/AllowBlockingAppsAtShutdown](./policy-csp-admx-winsrv.md#admx-winsrv-allowblockingappsatshutdown)
+- [ADMX_Winsrv/AllowBlockingAppsAtShutdown](./policy-csp-admx-winsrv.md#admx-winsrv.-allowblockingappsatshutdown)
 - [ADMX_wlansvc/SetCost](./policy-csp-admx-wlansvc.md#admx-wlansvc-setcost)
 - [ADMX_wlansvc/SetPINEnforced](./policy-csp-admx-wlansvc.md#admx-wlansvc-setpinenforced)
 - [ADMX_wlansvc/SetPINPreferred](./policy-csp-admx-wlansvc.md#admx-wlansvc-setpinpreferred)
diff --git a/windows/client-management/mdm/policy-configuration-service-provider.md b/windows/client-management/mdm/policy-configuration-service-provider.md
index 6978c78e3d..7c8cb5bcf6 100644
--- a/windows/client-management/mdm/policy-configuration-service-provider.md
+++ b/windows/client-management/mdm/policy-configuration-service-provider.md
@@ -8558,7 +8558,7 @@ The following diagram shows the Policy configuration service provider in tree fo
 
 <dl>
   <dd>
-    <a href="./policy-csp-Winsrv.md#winsrv-allowblockingappsatshutdown" id="winsrv-allowblockingappsatshutdown">Winsrv/AllowBlockingAppsAtShutdown</a>
+    <a href="./policy-csp-winsrv.md#winsrv-allowblockingappsatshutdown" id="winsrv-allowblockingappsatshutdown">Winsrv/AllowBlockingAppsAtShutdown</a>
   </dd>
 </dl>
 
diff --git a/windows/client-management/mdm/policy-csp-admx-winsrv.md b/windows/client-management/mdm/policy-csp-admx-winsrv.md
index 56a6b7c6a2..1898b68b88 100644
--- a/windows/client-management/mdm/policy-csp-admx-winsrv.md
+++ b/windows/client-management/mdm/policy-csp-admx-winsrv.md
@@ -23,7 +23,7 @@ manager: dansimp
 
 <dl>
   <dd>
-    <a href="#admx-winsrv-allowblockingappsatshutdown">ADMX_Winsrv/AllowBlockingAppsAtShutdown</a>
+    <a href="#admx-winsrv.-allowblockingappsatshutdown">ADMX_Winsrv/AllowBlockingAppsAtShutdown</a>
   </dd>
 </dl>
 

From 09585b6ede3b1a4227994a3c8a3c4a1750e1ea08 Mon Sep 17 00:00:00 2001
From: VARADHARAJAN K <3296790+RAJU2529@users.noreply.github.com>
Date: Wed, 24 Mar 2021 22:38:39 +0530
Subject: [PATCH 04/35] removed backward-slash

as per user feedback #9361 , so i removed extra backward slash
---
 windows/client-management/mdm/vpnv2-csp.md | 4 ++--
 1 file changed, 2 insertions(+), 2 deletions(-)

diff --git a/windows/client-management/mdm/vpnv2-csp.md b/windows/client-management/mdm/vpnv2-csp.md
index e4a2c9975f..921891e030 100644
--- a/windows/client-management/mdm/vpnv2-csp.md
+++ b/windows/client-management/mdm/vpnv2-csp.md
@@ -30,8 +30,8 @@ Here are the requirements for this CSP:
 
 The XSDs for all EAP methods are shipped in the box and can be found at the following locations:
 
-- `C:\\Windows\\schemas\\EAPHost`
-- `C:\\Windows\\schemas\\EAPMethods`
+- `C:\Windows\schemas\EAPHost`
+- `C:\Windows\schemas\EAPMethods`
 
 The following shows the VPNv2 configuration service provider in tree format.
 

From 193275bc0f59f08e80483f5038e2e33ddd836f56 Mon Sep 17 00:00:00 2001
From: Nimisha Satapathy <v-nsatapathy@microsoft.com>
Date: Thu, 25 Mar 2021 15:29:05 +0530
Subject: [PATCH 05/35] Update policy-configuration-service-provider.md

---
 .../mdm/policy-configuration-service-provider.md                | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/windows/client-management/mdm/policy-configuration-service-provider.md b/windows/client-management/mdm/policy-configuration-service-provider.md
index 7c8cb5bcf6..3734efcae5 100644
--- a/windows/client-management/mdm/policy-configuration-service-provider.md
+++ b/windows/client-management/mdm/policy-configuration-service-provider.md
@@ -8558,7 +8558,7 @@ The following diagram shows the Policy configuration service provider in tree fo
 
 <dl>
   <dd>
-    <a href="./policy-csp-winsrv.md#winsrv-allowblockingappsatshutdown" id="winsrv-allowblockingappsatshutdown">Winsrv/AllowBlockingAppsAtShutdown</a>
+    <a href="./policy-csp-winsrv.md#winsrv.-allowblockingappsatshutdown" id="winsrv.-allowblockingappsatshutdown">Winsrv/AllowBlockingAppsAtShutdown</a>
   </dd>
 </dl>
 

From b769c6bb8b613bcd28fa795e6f775ae9baf8cde2 Mon Sep 17 00:00:00 2001
From: VARADHARAJAN K <3296790+RAJU2529@users.noreply.github.com>
Date: Thu, 25 Mar 2021 17:04:54 +0530
Subject: [PATCH 06/35] added version 20h2

after checking with build no 19042 and 19043 , then I conformed settings are available in windows 10 v20H2
---
 windows/client-management/mdm/policy-csp-power.md | 1 +
 1 file changed, 1 insertion(+)

diff --git a/windows/client-management/mdm/policy-csp-power.md b/windows/client-management/mdm/policy-csp-power.md
index d17cdbe1bc..e710db1e1b 100644
--- a/windows/client-management/mdm/policy-csp-power.md
+++ b/windows/client-management/mdm/policy-csp-power.md
@@ -1739,6 +1739,7 @@ Footnotes:
 - 6 - Available in Windows 10, version 1903.
 - 7 - Available in Windows 10, version 1909.
 - 8 - Available in Windows 10, version 2004.
+- 9 - Available in Windows 10, version 20H2.
 
 <!--/Policies-->
 

From 771d2852f62a8510e0cd8d7775b39be0d741c2a1 Mon Sep 17 00:00:00 2001
From: Dynakarp <69023488+Dynakarp@users.noreply.github.com>
Date: Sat, 27 Mar 2021 21:44:46 -0500
Subject: [PATCH 07/35] Fix invalid file extension

---
 .../common-exclusion-mistakes-microsoft-defender-antivirus.md   | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/windows/security/threat-protection/microsoft-defender-antivirus/common-exclusion-mistakes-microsoft-defender-antivirus.md b/windows/security/threat-protection/microsoft-defender-antivirus/common-exclusion-mistakes-microsoft-defender-antivirus.md
index 3108c5ea6b..fa0088f89f 100644
--- a/windows/security/threat-protection/microsoft-defender-antivirus/common-exclusion-mistakes-microsoft-defender-antivirus.md
+++ b/windows/security/threat-protection/microsoft-defender-antivirus/common-exclusion-mistakes-microsoft-defender-antivirus.md
@@ -34,7 +34,7 @@ Do not define exclusions for the folder locations, file extensions, and processe
 
 | Folder locations | File extensions | Processes |
 |:--|:--|:--|
-| `%systemdrive%` <br/> `C:`<br/> `C:\` <br/> `C:\*` <br/> `%ProgramFiles%\Java` <br/> `C:\Program Files\Java` <br/> `%ProgramFiles%\Contoso\` <br/> `C:\Program Files\Contoso\` <br/> `%ProgramFiles(x86)%\Contoso\` <br/> `C:\Program Files (x86)\Contoso\` <br/> `C:\Temp` <br/> `C:\Temp\` <br/> `C:\Temp\*` <br/> `C:\Users\` <br/> `C:\Users\*` <br/> `C:\Users\<UserProfileName>\AppData\Local\Temp\` <br/> `C:\Users\<UserProfileName>\AppData\LocalLow\Temp\` <br/> `C:\Users\<UserProfileName>\AppData\Roaming\Temp\` <br/> `%Windir%\Prefetch` <br/> `C:\Windows\Prefetch` <br/> `C:\Windows\Prefetch\` <br/> `C:\Windows\Prefetch\*` <br/> `%Windir%\System32\Spool` <br/> `C:\Windows\System32\Spool` <br/> `C:\Windows\System32\CatRoot2` <br/> `%Windir%\Temp` <br/> `C:\Windows\Temp` <br/> `C:\Windows\Temp\` <br/> `C:\Windows\Temp\*` | `.7zip` <br/> `.bat` <br/> `.bin` <br/> `.cab` <br/> `.cmd` <br/> `.com` <br/> `.cpl` <br/> `.dll` <br/> `.exe` <br/> `.fla` <br/> `.gif` <br/> `.gz` <br/> `.hta` <br/> `.inf` <br/> `.java` <br/> `.jar` <br/> `.job` <br/> `.jpeg` <br/> `.jpg` <br/> `.js` <br/> `.ko` <br/> `.ko.gz` <br/> `.msi` <br/> `.ocx` <br/> `.png` <br/> `.ps1` <br/> `.py` <br/> `.rar` <br/> `.reg` <br/> `.scr` <br/> `.sys` <br/> `.tar` <br/> `.tmp` <br/> `.url` <br/> `.vbe` <br/> `.vbs` <br/> `.wsf` <br/> `.zip` | `AcroRd32.exe` <br/> `bitsadmin.exe` <br/> `excel.exe` <br/> `iexplore.exe` <br/> `java.exe` <br/> `outlook.exe` <br/> `psexec.exe` <br/> `powerpnt.exe` <br/> `powershell.exe` <br/> `schtasks.exe`  <br/> `svchost.exe` <br/>`wmic.exe` <br/> `winword.exe` <br/> `wuauclt.exe` <br/> `addinprocess.exe` <br/> `addinprocess32.exe` <br/> `addinutil.exe` <br/> `bash.exe` <br/> `bginfo.exe`[1] <br/>`cdb.exe` <br/> `csi.exe` <br/> `dbghost.exe` <br/> `dbgsvc.exe` <br/> `dnx.exe` <br/> `fsi.exe` <br/> `fsiAnyCpu.exe` <br/> `kd.exe` <br/> `ntkd.exe` <br/> `lxssmanager.dll` <br/> `msbuild.exe`[2] <br/> `mshta.exe` <br/> `ntsd.exe` <br/> `rcsi.exe` <br/> `system.management.automation.dll` <br/> `windbg.exe` |
+| `%systemdrive%` <br/> `C:`<br/> `C:\` <br/> `C:\*` <br/> `%ProgramFiles%\Java` <br/> `C:\Program Files\Java` <br/> `%ProgramFiles%\Contoso\` <br/> `C:\Program Files\Contoso\` <br/> `%ProgramFiles(x86)%\Contoso\` <br/> `C:\Program Files (x86)\Contoso\` <br/> `C:\Temp` <br/> `C:\Temp\` <br/> `C:\Temp\*` <br/> `C:\Users\` <br/> `C:\Users\*` <br/> `C:\Users\<UserProfileName>\AppData\Local\Temp\` <br/> `C:\Users\<UserProfileName>\AppData\LocalLow\Temp\` <br/> `C:\Users\<UserProfileName>\AppData\Roaming\Temp\` <br/> `%Windir%\Prefetch` <br/> `C:\Windows\Prefetch` <br/> `C:\Windows\Prefetch\` <br/> `C:\Windows\Prefetch\*` <br/> `%Windir%\System32\Spool` <br/> `C:\Windows\System32\Spool` <br/> `C:\Windows\System32\CatRoot2` <br/> `%Windir%\Temp` <br/> `C:\Windows\Temp` <br/> `C:\Windows\Temp\` <br/> `C:\Windows\Temp\*` | `.7z` <br/> `.bat` <br/> `.bin` <br/> `.cab` <br/> `.cmd` <br/> `.com` <br/> `.cpl` <br/> `.dll` <br/> `.exe` <br/> `.fla` <br/> `.gif` <br/> `.gz` <br/> `.hta` <br/> `.inf` <br/> `.java` <br/> `.jar` <br/> `.job` <br/> `.jpeg` <br/> `.jpg` <br/> `.js` <br/> `.ko` <br/> `.ko.gz` <br/> `.msi` <br/> `.ocx` <br/> `.png` <br/> `.ps1` <br/> `.py` <br/> `.rar` <br/> `.reg` <br/> `.scr` <br/> `.sys` <br/> `.tar` <br/> `.tmp` <br/> `.url` <br/> `.vbe` <br/> `.vbs` <br/> `.wsf` <br/> `.zip` | `AcroRd32.exe` <br/> `bitsadmin.exe` <br/> `excel.exe` <br/> `iexplore.exe` <br/> `java.exe` <br/> `outlook.exe` <br/> `psexec.exe` <br/> `powerpnt.exe` <br/> `powershell.exe` <br/> `schtasks.exe`  <br/> `svchost.exe` <br/>`wmic.exe` <br/> `winword.exe` <br/> `wuauclt.exe` <br/> `addinprocess.exe` <br/> `addinprocess32.exe` <br/> `addinutil.exe` <br/> `bash.exe` <br/> `bginfo.exe`[1] <br/>`cdb.exe` <br/> `csi.exe` <br/> `dbghost.exe` <br/> `dbgsvc.exe` <br/> `dnx.exe` <br/> `fsi.exe` <br/> `fsiAnyCpu.exe` <br/> `kd.exe` <br/> `ntkd.exe` <br/> `lxssmanager.dll` <br/> `msbuild.exe`[2] <br/> `mshta.exe` <br/> `ntsd.exe` <br/> `rcsi.exe` <br/> `system.management.automation.dll` <br/> `windbg.exe` |
 
 >[!NOTE]
 > You can chose to exclude file types, such as `.gif`, `.jpg`, `.jpeg`, or `.png` if your environment has a modern, up-to-date software with a strict update policy to handle any vulnerabilities.

From e39d70cc5492f89d1f1bb73b077ce36b20e0903a Mon Sep 17 00:00:00 2001
From: MaratMussabekov <48041687+MaratMussabekov@users.noreply.github.com>
Date: Sun, 28 Mar 2021 09:28:33 +0500
Subject: [PATCH 08/35] Update
 configure-extension-file-exclusions-microsoft-defender-antivirus.md

---
 ...xtension-file-exclusions-microsoft-defender-antivirus.md | 6 +++---
 1 file changed, 3 insertions(+), 3 deletions(-)

diff --git a/windows/security/threat-protection/microsoft-defender-antivirus/configure-extension-file-exclusions-microsoft-defender-antivirus.md b/windows/security/threat-protection/microsoft-defender-antivirus/configure-extension-file-exclusions-microsoft-defender-antivirus.md
index 72b9e21580..490e1e1e06 100644
--- a/windows/security/threat-protection/microsoft-defender-antivirus/configure-extension-file-exclusions-microsoft-defender-antivirus.md
+++ b/windows/security/threat-protection/microsoft-defender-antivirus/configure-extension-file-exclusions-microsoft-defender-antivirus.md
@@ -183,8 +183,8 @@ The following table describes how the wildcards can be used and provides some ex
 
 |Wildcard  |Examples  |
 |:---------|:---------|
-|`*` (asterisk) <br/><br/>In **file name and file extension inclusions**, the asterisk replaces any number of characters, and only applies to files in the last folder defined in the argument. <br/><br/>In **folder exclusions**, the asterisk replaces a single folder. Use multiple `*` with folder slashes `\` to indicate multiple nested folders. After matching the number of wild carded and named folders, all subfolders are also included.   | `C:\MyData\*.txt` would include `C:\MyData\notes.txt`<br/><br/>`C:\somepath\*\Data` would include any file in `C:\somepath\Archives\Data and its subfolders` and `C:\somepath\Authorized\Data and its subfolders` <br/><br/>`C:\Serv\*\*\Backup` would include any file in `C:\Serv\Primary\Denied\Backup and its subfolders` and `C:\Serv\Secondary\Allowed\Backup and its subfolders`     |
-|`?` (question mark)  <br/><br/>In **file name and file extension inclusions**, the question mark replaces a single character, and only applies to files in the last folder defined in the argument. <br/><br/>In **folder exclusions**, the question mark replaces a single character in a folder name. After matching the number of wild carded and named folders, all subfolders are also included.   |`C:\MyData\my?` would include `C:\MyData\my1.zip` <br/><br/>`C:\somepath\?\Data` would include any file in `C:\somepath\P\Data` and its subfolders <br/><br/>`C:\somepath\test0?\Data` would include any file in `C:\somepath\test01\Data` and its subfolders          |
+|`*` (asterisk) <br/><br/>In **file name and file extension inclusions**, the asterisk replaces any number of characters, and only applies to files in the last folder defined in the argument. <br/><br/>In **folder exclusions**, the asterisk replaces a single folder. Use multiple `*` with folder slashes `\` to indicate multiple nested folders. After matching the number of wild carded and named folders, all subfolders are also included.   | `C:\MyData\*.txt` would include `C:\MyData\notes.txt`<br/><br/>`C:\somepath\*\Data` would include any file in `C:\somepath\Archives\Data` and its subfolders and `C:\somepath\Authorized\Data` and its subfolders <br/><br/>`C:\Serv\*\*\Backup` would include any file in `C:\Serv\Primary\Denied\Backup` and its subfolders and `C:\Serv\Secondary\Allowed\Backup` and its subfolders     |
+|`?` (question mark)  <br/><br/>In **file name and file extension inclusions**, the question mark replaces a single character, and only applies to files in the last folder defined in the argument. <br/><br/>In **folder exclusions**, the question mark replaces a single character in a folder name. After matching the number of wild carded and named folders, all subfolders are also included.   |`C:\MyData\my?.zip` would include `C:\MyData\my1.zip` <br/><br/>`C:\somepath\?\Data` would include any file in `C:\somepath\P\Data` and its subfolders <br/><br/>`C:\somepath\test0?\Data` would include any file in `C:\somepath\test01\Data` and its subfolders          |
 |Environment variables <br/><br/>The defined variable is populated as a path when the exclusion is evaluated.          |`%ALLUSERSPROFILE%\CustomLogFiles` would include `C:\ProgramData\CustomLogFiles\Folder1\file1.txt`         |
         
 
@@ -360,4 +360,4 @@ You can also copy the string into a blank text file and attempt to save it with
 - [Configure and validate exclusions in Microsoft Defender Antivirus scans](configure-exclusions-microsoft-defender-antivirus.md)
 - [Configure and validate exclusions for files opened by processes](configure-process-opened-file-exclusions-microsoft-defender-antivirus.md)
 - [Configure Microsoft Defender Antivirus exclusions on Windows Server](configure-server-exclusions-microsoft-defender-antivirus.md)
-- [Common mistakes to avoid when defining exclusions](common-exclusion-mistakes-microsoft-defender-antivirus.md)
\ No newline at end of file
+- [Common mistakes to avoid when defining exclusions](common-exclusion-mistakes-microsoft-defender-antivirus.md)

From f792e5b308fe6d755ba4fd19c74c4d1b7fa7ce30 Mon Sep 17 00:00:00 2001
From: Office Content Publishing
 <34616516+officedocspr@users.noreply.github.com>
Date: Sat, 27 Mar 2021 23:33:42 -0700
Subject: [PATCH 09/35] Uploaded file: store-for-business-content-updates.md -
 2021-03-27 23:33:42.2339

---
 .../includes/store-for-business-content-updates.md  | 13 ++++++++++++-
 1 file changed, 12 insertions(+), 1 deletion(-)

diff --git a/store-for-business/includes/store-for-business-content-updates.md b/store-for-business/includes/store-for-business-content-updates.md
index 913373f54b..5bfd1836da 100644
--- a/store-for-business/includes/store-for-business-content-updates.md
+++ b/store-for-business/includes/store-for-business-content-updates.md
@@ -2,9 +2,20 @@
 

 
 
+## Week of March 22, 2021
+
+
+| Published On |Topic title | Change |
+|------|------------|--------|
+| 3/26/2021 | [Acquire apps in Microsoft Store for Business (Windows 10)](/microsoft-store/acquire-apps-microsoft-store-for-business) | modified |
+| 3/26/2021 | [Apps in Microsoft Store for Business and Education (Windows 10)](/microsoft-store/apps-in-microsoft-store-for-business) | modified |
+| 3/26/2021 | [Change history for Microsoft Store for Business and Education](/microsoft-store/sfb-change-history) | modified |
+| 3/26/2021 | [Whats new in Microsoft Store for Business and Education](/microsoft-store/release-history-microsoft-store-business-education) | modified |
+
+
 ## Week of March 15, 2021
 
 
 | Published On |Topic title | Change |
 |------|------------|--------|
-| 3/17/2021 | [Roles and permissions in Microsoft Store for Business and Education (Windows 10)](../roles-and-permissions-microsoft-store-for-business.md) | modified |
\ No newline at end of file
+| 3/17/2021 | [Roles and permissions in Microsoft Store for Business and Education (Windows 10)](/microsoft-store/roles-and-permissions-microsoft-store-for-business) | modified |

From 7e9215ca6b8910289e7436ad40962879a75f6666 Mon Sep 17 00:00:00 2001
From: Dynakarp <69023488+Dynakarp@users.noreply.github.com>
Date: Sun, 28 Mar 2021 09:02:48 -0500
Subject: [PATCH 10/35] Update
 windows/security/threat-protection/microsoft-defender-antivirus/common-exclusion-mistakes-microsoft-defender-antivirus.md

Correct a typo.

Co-authored-by: Trond B. Krokli <38162891+illfated@users.noreply.github.com>
---
 .../common-exclusion-mistakes-microsoft-defender-antivirus.md | 4 ++--
 1 file changed, 2 insertions(+), 2 deletions(-)

diff --git a/windows/security/threat-protection/microsoft-defender-antivirus/common-exclusion-mistakes-microsoft-defender-antivirus.md b/windows/security/threat-protection/microsoft-defender-antivirus/common-exclusion-mistakes-microsoft-defender-antivirus.md
index fa0088f89f..3ce1ffde39 100644
--- a/windows/security/threat-protection/microsoft-defender-antivirus/common-exclusion-mistakes-microsoft-defender-antivirus.md
+++ b/windows/security/threat-protection/microsoft-defender-antivirus/common-exclusion-mistakes-microsoft-defender-antivirus.md
@@ -36,8 +36,8 @@ Do not define exclusions for the folder locations, file extensions, and processe
 |:--|:--|:--|
 | `%systemdrive%` <br/> `C:`<br/> `C:\` <br/> `C:\*` <br/> `%ProgramFiles%\Java` <br/> `C:\Program Files\Java` <br/> `%ProgramFiles%\Contoso\` <br/> `C:\Program Files\Contoso\` <br/> `%ProgramFiles(x86)%\Contoso\` <br/> `C:\Program Files (x86)\Contoso\` <br/> `C:\Temp` <br/> `C:\Temp\` <br/> `C:\Temp\*` <br/> `C:\Users\` <br/> `C:\Users\*` <br/> `C:\Users\<UserProfileName>\AppData\Local\Temp\` <br/> `C:\Users\<UserProfileName>\AppData\LocalLow\Temp\` <br/> `C:\Users\<UserProfileName>\AppData\Roaming\Temp\` <br/> `%Windir%\Prefetch` <br/> `C:\Windows\Prefetch` <br/> `C:\Windows\Prefetch\` <br/> `C:\Windows\Prefetch\*` <br/> `%Windir%\System32\Spool` <br/> `C:\Windows\System32\Spool` <br/> `C:\Windows\System32\CatRoot2` <br/> `%Windir%\Temp` <br/> `C:\Windows\Temp` <br/> `C:\Windows\Temp\` <br/> `C:\Windows\Temp\*` | `.7z` <br/> `.bat` <br/> `.bin` <br/> `.cab` <br/> `.cmd` <br/> `.com` <br/> `.cpl` <br/> `.dll` <br/> `.exe` <br/> `.fla` <br/> `.gif` <br/> `.gz` <br/> `.hta` <br/> `.inf` <br/> `.java` <br/> `.jar` <br/> `.job` <br/> `.jpeg` <br/> `.jpg` <br/> `.js` <br/> `.ko` <br/> `.ko.gz` <br/> `.msi` <br/> `.ocx` <br/> `.png` <br/> `.ps1` <br/> `.py` <br/> `.rar` <br/> `.reg` <br/> `.scr` <br/> `.sys` <br/> `.tar` <br/> `.tmp` <br/> `.url` <br/> `.vbe` <br/> `.vbs` <br/> `.wsf` <br/> `.zip` | `AcroRd32.exe` <br/> `bitsadmin.exe` <br/> `excel.exe` <br/> `iexplore.exe` <br/> `java.exe` <br/> `outlook.exe` <br/> `psexec.exe` <br/> `powerpnt.exe` <br/> `powershell.exe` <br/> `schtasks.exe`  <br/> `svchost.exe` <br/>`wmic.exe` <br/> `winword.exe` <br/> `wuauclt.exe` <br/> `addinprocess.exe` <br/> `addinprocess32.exe` <br/> `addinutil.exe` <br/> `bash.exe` <br/> `bginfo.exe`[1] <br/>`cdb.exe` <br/> `csi.exe` <br/> `dbghost.exe` <br/> `dbgsvc.exe` <br/> `dnx.exe` <br/> `fsi.exe` <br/> `fsiAnyCpu.exe` <br/> `kd.exe` <br/> `ntkd.exe` <br/> `lxssmanager.dll` <br/> `msbuild.exe`[2] <br/> `mshta.exe` <br/> `ntsd.exe` <br/> `rcsi.exe` <br/> `system.management.automation.dll` <br/> `windbg.exe` |
 
->[!NOTE]
-> You can chose to exclude file types, such as `.gif`, `.jpg`, `.jpeg`, or `.png` if your environment has a modern, up-to-date software with a strict update policy to handle any vulnerabilities.
+> [!NOTE]
+> You can choose to exclude file types, such as `.gif`, `.jpg`, `.jpeg`, or `.png` if your environment has a modern, up-to-date software with a strict update policy to handle any vulnerabilities.
 
 ## Using just the file name in the exclusion list
 

From 1b893a69c3fdb612c64c97506a2db85e3026ded8 Mon Sep 17 00:00:00 2001
From: "Linda Taylor (SNAKE FIGHTER)" <lindakup@microsoft.com>
Date: Mon, 29 Mar 2021 10:04:40 +0100
Subject: [PATCH 11/35] Update policy-csp-localusersandgroups.md

Added a missing command for completely turning off logging.
---
 windows/client-management/mdm/policy-csp-localusersandgroups.md | 2 ++
 1 file changed, 2 insertions(+)

diff --git a/windows/client-management/mdm/policy-csp-localusersandgroups.md b/windows/client-management/mdm/policy-csp-localusersandgroups.md
index 8fc0ccab54..2cd2e5f34e 100644
--- a/windows/client-management/mdm/policy-csp-localusersandgroups.md
+++ b/windows/client-management/mdm/policy-csp-localusersandgroups.md
@@ -251,6 +251,8 @@ To troubleshoot Name/SID lookup APIs:
 
     ```cmd
     Set-ItemProperty -Path "HKLM:\SYSTEM\CurrentControlSet\Control\Lsa" -Name LspDbgInfoLevel -Value 0x0 -Type dword -Force
+    
+    Set-ItemProperty -Path "HKLM:\SYSTEM\CurrentControlSet\Control\Lsa" -Name LspDbgTraceOptions -Value 0x0 -Type dword -Force
     ```
 ```xml
 <xs:schema xmlns:xs="http://www.w3.org/2001/XMLSchema" version="1.0">

From b729926aa2234f0122a832271a154a4d48082719 Mon Sep 17 00:00:00 2001
From: Denise Vangel-MSFT <deniseb@microsoft.com>
Date: Mon, 29 Mar 2021 13:28:46 -0700
Subject: [PATCH 12/35] Update
 configure-extension-file-exclusions-microsoft-defender-antivirus.md

---
 ...-extension-file-exclusions-microsoft-defender-antivirus.md | 4 +---
 1 file changed, 1 insertion(+), 3 deletions(-)

diff --git a/windows/security/threat-protection/microsoft-defender-antivirus/configure-extension-file-exclusions-microsoft-defender-antivirus.md b/windows/security/threat-protection/microsoft-defender-antivirus/configure-extension-file-exclusions-microsoft-defender-antivirus.md
index 490e1e1e06..af3e8d59d7 100644
--- a/windows/security/threat-protection/microsoft-defender-antivirus/configure-extension-file-exclusions-microsoft-defender-antivirus.md
+++ b/windows/security/threat-protection/microsoft-defender-antivirus/configure-extension-file-exclusions-microsoft-defender-antivirus.md
@@ -99,8 +99,6 @@ See [How to create and deploy antimalware policies: Exclusion settings](/configm
 
 5. Choose **OK**.
 
-    ![The Group Policy setting for file and folder exclusions](images/defender/wdav-path-exclusions.png)
-
 6. Open the **Extension Exclusions** setting for editing and add your exclusions.
 
     - Set the option to **Enabled**.
@@ -139,7 +137,7 @@ The following are allowed as the `<exclusion list>`:
 > [!IMPORTANT]
 > If you have created a list, either with `Set-MpPreference` or `Add-MpPreference`, using the `Set-MpPreference` cmdlet again will overwrite the existing list.
 
-For example, the following code snippet would cause Microsoft Defender AV scans to exclude any file with the `.test` file extension:
+For example, the following code snippet would cause Microsoft Defender Antivirus scans to exclude any file with the `.test` file extension:
 
 ```PowerShell
 Add-MpPreference -ExclusionExtension ".test"

From 61d43b2f2686b1f4f6654988c9ffe0d2af0a7967 Mon Sep 17 00:00:00 2001
From: Denise Vangel-MSFT <deniseb@microsoft.com>
Date: Mon, 29 Mar 2021 13:33:16 -0700
Subject: [PATCH 13/35] Update
 configure-extension-file-exclusions-microsoft-defender-antivirus.md

---
 ...ension-file-exclusions-microsoft-defender-antivirus.md | 8 ++++----
 1 file changed, 4 insertions(+), 4 deletions(-)

diff --git a/windows/security/threat-protection/microsoft-defender-antivirus/configure-extension-file-exclusions-microsoft-defender-antivirus.md b/windows/security/threat-protection/microsoft-defender-antivirus/configure-extension-file-exclusions-microsoft-defender-antivirus.md
index af3e8d59d7..e73616fdc6 100644
--- a/windows/security/threat-protection/microsoft-defender-antivirus/configure-extension-file-exclusions-microsoft-defender-antivirus.md
+++ b/windows/security/threat-protection/microsoft-defender-antivirus/configure-extension-file-exclusions-microsoft-defender-antivirus.md
@@ -40,7 +40,7 @@ This article  describes how to configure exclusion lists for the files and folde
 
 | Exclusion | Examples | Exclusion list |
 |:---|:---|:---|
-|Any file with a specific extension | All files with the specified extension, anywhere on the machine.<br/>Valid syntax: `.test` and `test`  | Extension exclusions |
+|Any file with a specific extension | All files with the specified extension, anywhere on the machine. <p> Valid syntax: `.test` and `test`  | Extension exclusions |
 |Any file under a specific folder | All files under the `c:\test\sample` folder | File and folder exclusions |
 | A specific file in a specific folder | The file `c:\sample\sample.test` only | File and folder exclusions |
 | A specific process | The executable file `c:\test\process.exe` | File and folder exclusions |
@@ -181,9 +181,9 @@ The following table describes how the wildcards can be used and provides some ex
 
 |Wildcard  |Examples  |
 |:---------|:---------|
-|`*` (asterisk) <br/><br/>In **file name and file extension inclusions**, the asterisk replaces any number of characters, and only applies to files in the last folder defined in the argument. <br/><br/>In **folder exclusions**, the asterisk replaces a single folder. Use multiple `*` with folder slashes `\` to indicate multiple nested folders. After matching the number of wild carded and named folders, all subfolders are also included.   | `C:\MyData\*.txt` would include `C:\MyData\notes.txt`<br/><br/>`C:\somepath\*\Data` would include any file in `C:\somepath\Archives\Data` and its subfolders and `C:\somepath\Authorized\Data` and its subfolders <br/><br/>`C:\Serv\*\*\Backup` would include any file in `C:\Serv\Primary\Denied\Backup` and its subfolders and `C:\Serv\Secondary\Allowed\Backup` and its subfolders     |
-|`?` (question mark)  <br/><br/>In **file name and file extension inclusions**, the question mark replaces a single character, and only applies to files in the last folder defined in the argument. <br/><br/>In **folder exclusions**, the question mark replaces a single character in a folder name. After matching the number of wild carded and named folders, all subfolders are also included.   |`C:\MyData\my?.zip` would include `C:\MyData\my1.zip` <br/><br/>`C:\somepath\?\Data` would include any file in `C:\somepath\P\Data` and its subfolders <br/><br/>`C:\somepath\test0?\Data` would include any file in `C:\somepath\test01\Data` and its subfolders          |
-|Environment variables <br/><br/>The defined variable is populated as a path when the exclusion is evaluated.          |`%ALLUSERSPROFILE%\CustomLogFiles` would include `C:\ProgramData\CustomLogFiles\Folder1\file1.txt`         |
+|`*` (asterisk) <p> In **file name and file extension inclusions**, the asterisk replaces any number of characters, and only applies to files in the last folder defined in the argument. <p> In **folder exclusions**, the asterisk replaces a single folder. Use multiple `*` with folder slashes `\` to indicate multiple nested folders. After matching the number of wild carded and named folders, all subfolders are also included.   | `C:\MyData\*.txt` includes `C:\MyData\notes.txt` <p> `C:\somepath\*\Data` includes any file in `C:\somepath\Archives\Data` and its subfolders, and `C:\somepath\Authorized\Data` and its subfolders <p> `C:\Serv\*\*\Backup` includes any file in `C:\Serv\Primary\Denied\Backup` and its subfolders and `C:\Serv\Secondary\Allowed\Backup` and its subfolders     |
+|`?` (question mark)  <p> In **file name and file extension inclusions**, the question mark replaces a single character, and only applies to files in the last folder defined in the argument. <p> In **folder exclusions**, the question mark replaces a single character in a folder name. After matching the number of wild carded and named folders, all subfolders are also included.   |`C:\MyData\my?.zip` includes `C:\MyData\my1.zip` <p> `C:\somepath\?\Data` includes any file in `C:\somepath\P\Data` and its subfolders  <p> `C:\somepath\test0?\Data` would include any file in `C:\somepath\test01\Data` and its subfolders          |
+|Environment variables <p> The defined variable is populated as a path when the exclusion is evaluated.          |`%ALLUSERSPROFILE%\CustomLogFiles` would include `C:\ProgramData\CustomLogFiles\Folder1\file1.txt`         |
         
 
 > [!IMPORTANT]

From 6fda07b26035c000dd5c7116fc41f708eeb0dfa4 Mon Sep 17 00:00:00 2001
From: Gary Moore <v-gmoor@microsoft.com>
Date: Mon, 29 Mar 2021 16:50:12 -0700
Subject: [PATCH 14/35] Corrected note style, list type, and UI reference

Notes should use our custom Markdown elements. https://review.docs.microsoft.com/en-us/office-authoring-guide/pr-criteria?branch=master#pr-quality-review-criteria

Sequential steps should enumerated. https://review.docs.microsoft.com/en-us/office-authoring-guide/pr-criteria?branch=master#pr-quality-review-criteria

It ellipses are appended to commands in the UI, they should not be included in procedures. https://styleguides.azurewebsites.net/Styleguide/Read?id=2700&topicid=29014
---
 ...e-exclusions-microsoft-defender-antivirus.md | 17 +++++++++--------
 1 file changed, 9 insertions(+), 8 deletions(-)

diff --git a/windows/security/threat-protection/microsoft-defender-antivirus/configure-extension-file-exclusions-microsoft-defender-antivirus.md b/windows/security/threat-protection/microsoft-defender-antivirus/configure-extension-file-exclusions-microsoft-defender-antivirus.md
index 72b9e21580..3fa9bda9d0 100644
--- a/windows/security/threat-protection/microsoft-defender-antivirus/configure-extension-file-exclusions-microsoft-defender-antivirus.md
+++ b/windows/security/threat-protection/microsoft-defender-antivirus/configure-extension-file-exclusions-microsoft-defender-antivirus.md
@@ -31,7 +31,8 @@ ms.technology: mde
 
 You can exclude certain files from Microsoft Defender Antivirus scans by modifying exclusion lists. **Generally, you shouldn't need to apply exclusions**. Microsoft Defender Antivirus includes many automatic exclusions based on known operating system behaviors and typical management files, such as those used in enterprise management, database management, and other enterprise scenarios and situations.
 
-**Note**: Exclusions apply to Potentially Unwanted Apps (PUA) detections as well.
+> [!NOTE]
+> Exclusions apply to Potentially Unwanted Apps (PUA) detections as well.
 
 > [!NOTE]
 > Automatic exclusions apply only to Windows Server 2016 and above. These exclusions are not visible in the Windows Security app and in PowerShell.
@@ -92,10 +93,10 @@ See [How to create and deploy antimalware policies: Exclusion settings](/configm
 
 4. Open the **Path Exclusions** setting for editing, and add your exclusions.
 
-    - Set the option to **Enabled**.
-    - Under the **Options** section, click **Show...**.
-    - Specify each folder on its own line under the **Value name** column.
-    - If you are specifying a file, ensure you enter a fully qualified path to the file, including the drive letter, folder path, filename, and extension. Enter **0** in the **Value** column.
+    1. Set the option to **Enabled**.
+    1. Under the **Options** section, click **Show**.
+    1. Specify each folder on its own line under the **Value name** column.
+    1. If you are specifying a file, ensure that you enter a fully qualified path to the file, including the drive letter, folder path, file name, and extension. Enter **0** in the **Value** column.
 
 5. Choose **OK**.
 
@@ -103,9 +104,9 @@ See [How to create and deploy antimalware policies: Exclusion settings](/configm
 
 6. Open the **Extension Exclusions** setting for editing and add your exclusions.
 
-    - Set the option to **Enabled**.
-    - Under the **Options** section, select **Show...**.
-    - Enter each file extension on its own line under the **Value name** column.  Enter **0** in the **Value** column.
+    1. Set the option to **Enabled**.
+    1. Under the **Options** section, select **Show**.
+    1. Enter each file extension on its own line under the **Value name** column.  Enter **0** in the **Value** column.
 
 7. Choose **OK**.
 

From d3491ffe45b67a1f824895c87ddf59b11464f79e Mon Sep 17 00:00:00 2001
From: nimishasatapathy <75668234+nimishasatapathy@users.noreply.github.com>
Date: Tue, 30 Mar 2021 15:50:08 +0530
Subject: [PATCH 15/35] Updated

---
 .../mdm/policy-configuration-service-provider.md              | 4 ++--
 1 file changed, 2 insertions(+), 2 deletions(-)

diff --git a/windows/client-management/mdm/policy-configuration-service-provider.md b/windows/client-management/mdm/policy-configuration-service-provider.md
index 3734efcae5..fd3ec0aaba 100644
--- a/windows/client-management/mdm/policy-configuration-service-provider.md
+++ b/windows/client-management/mdm/policy-configuration-service-provider.md
@@ -8554,11 +8554,11 @@ The following diagram shows the Policy configuration service provider in tree fo
   </dd>
 </dl>
 
-### Winsrv policies
+### ADMX Winsrv policies
 
 <dl>
   <dd>
-    <a href="./policy-csp-winsrv.md#winsrv.-allowblockingappsatshutdown" id="winsrv.-allowblockingappsatshutdown">Winsrv/AllowBlockingAppsAtShutdown</a>
+    <a href="./policy-csp-admx-winsrv.md#winsrv.-allowblockingappsatshutdown" id="winsrv.-allowblockingappsatshutdown">Winsrv/AllowBlockingAppsAtShutdown</a>
   </dd>
 </dl>
 

From 0153c340941452ff4192c5c1c927f1bf390b2f22 Mon Sep 17 00:00:00 2001
From: nimishasatapathy <75668234+nimishasatapathy@users.noreply.github.com>
Date: Tue, 30 Mar 2021 15:56:56 +0530
Subject: [PATCH 16/35] Updated

---
 .../mdm/policy-configuration-service-provider.md                | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/windows/client-management/mdm/policy-configuration-service-provider.md b/windows/client-management/mdm/policy-configuration-service-provider.md
index fd3ec0aaba..c85b3d7194 100644
--- a/windows/client-management/mdm/policy-configuration-service-provider.md
+++ b/windows/client-management/mdm/policy-configuration-service-provider.md
@@ -8558,7 +8558,7 @@ The following diagram shows the Policy configuration service provider in tree fo
 
 <dl>
   <dd>
-    <a href="./policy-csp-admx-winsrv.md#winsrv.-allowblockingappsatshutdown" id="winsrv.-allowblockingappsatshutdown">Winsrv/AllowBlockingAppsAtShutdown</a>
+    <a href="./policy-csp-admx-winsrv.md#winsrv.-allowblockingappsatshutdown" id="#admx-winsrv.-allowblockingappsatshutdown">ADMX_Winsrv/AllowBlockingAppsAtShutdown</a>
   </dd>
 </dl>
 

From 97113301d3eae6bd230c1dcb3cd9b6e32d4e1b2b Mon Sep 17 00:00:00 2001
From: nimishasatapathy <75668234+nimishasatapathy@users.noreply.github.com>
Date: Tue, 30 Mar 2021 16:03:05 +0530
Subject: [PATCH 17/35] updated

---
 windows/client-management/mdm/policy-csp-admx-winsrv.md | 4 ++--
 1 file changed, 2 insertions(+), 2 deletions(-)

diff --git a/windows/client-management/mdm/policy-csp-admx-winsrv.md b/windows/client-management/mdm/policy-csp-admx-winsrv.md
index 1898b68b88..ac5a01bce6 100644
--- a/windows/client-management/mdm/policy-csp-admx-winsrv.md
+++ b/windows/client-management/mdm/policy-csp-admx-winsrv.md
@@ -23,7 +23,7 @@ manager: dansimp
 
 <dl>
   <dd>
-    <a href="#admx-winsrv.-allowblockingappsatshutdown">ADMX_Winsrv/AllowBlockingAppsAtShutdown</a>
+    <a href="#admx-winsrv-allowblockingappsatshutdown">ADMX_Winsrv/AllowBlockingAppsAtShutdown</a>
   </dd>
 </dl>
 
@@ -31,7 +31,7 @@ manager: dansimp
 <hr/>
 
 <!--Policy-->
-<a href="" id="admx-winsrv.-allowblockingappsatshutdown"></a>**ADMX_Winsrv/AllowBlockingAppsAtShutdown**  
+<a href="" id="admx-winsrv-allowblockingappsatshutdown"></a>**ADMX_Winsrv/AllowBlockingAppsAtShutdown**  
 
 <!--SupportedSKUs-->
 <table>

From e564f4d178335c7c49a5abbb26eddf0e5f53986d Mon Sep 17 00:00:00 2001
From: nimishasatapathy <75668234+nimishasatapathy@users.noreply.github.com>
Date: Tue, 30 Mar 2021 16:20:09 +0530
Subject: [PATCH 18/35] Updated

---
 .../mdm/policies-in-policy-csp-admx-backed.md                 | 2 +-
 .../mdm/policy-configuration-service-provider.md              | 2 +-
 .../mdm/policy-csp-admx-microsoftdefenderantivirus.md         | 4 ++--
 3 files changed, 4 insertions(+), 4 deletions(-)

diff --git a/windows/client-management/mdm/policies-in-policy-csp-admx-backed.md b/windows/client-management/mdm/policies-in-policy-csp-admx-backed.md
index 9f3f62b646..03fef4f8a1 100644
--- a/windows/client-management/mdm/policies-in-policy-csp-admx-backed.md
+++ b/windows/client-management/mdm/policies-in-policy-csp-admx-backed.md
@@ -463,7 +463,7 @@ ms.date: 10/08/2020
 - [ADMX_MicrosoftDefenderAntivirus/Reporting_AdditionalActionTimeout](./policy-csp-admx-microsoftdefenderantivirus.md#admx-microsoftdefenderantivirus-reporting-additionalactiontimeout)
 - [ADMX_MicrosoftDefenderAntivirus/Reporting_CriticalFailureTimeout](./policy-csp-admx-microsoftdefenderantivirus.md#admx-microsoftdefenderantivirus-reporting-criticalfailuretimeout)
 - [ADMX_MicrosoftDefenderAntivirus/Reporting_DisableEnhancedNotifications](./policy-csp-admx-microsoftdefenderantivirus.md#admx-microsoftdefenderantivirus-reporting-disableenhancednotifications)
-- [ADMX_MicrosoftDefenderAntivirus/Reporting_DisablegenericrePorts](./policy-csp-admx-microsoftdefenderantivirus.md#admx-microsoftdefenderantivirus-reporting-disablegenericreports)
+- [ADMX_MicrosoftDefenderAntivirus/Reporting_Disablegenericreports](./policy-csp-admx-microsoftdefenderantivirus.md#admx-microsoftdefenderantivirus-reporting-disablegenericreports)
 - [ADMX_MicrosoftDefenderAntivirus/Reporting_NonCriticalTimeout](./policy-csp-admx-microsoftdefenderantivirus.md#admx-microsoftdefenderantivirus-reporting-noncriticaltimeout)
 - [ADMX_MicrosoftDefenderAntivirus/Reporting_RecentlyCleanedTimeout](./policy-csp-admx-microsoftdefenderantivirus.md#admx-microsoftdefenderantivirus-reporting-recentlycleanedtimeout)
 - [ADMX_MicrosoftDefenderAntivirus/Reporting_WppTracingComponents](./policy-csp-admx-microsoftdefenderantivirus.md#admx-microsoftdefenderantivirus-reporting-wpptracingcomponents)
diff --git a/windows/client-management/mdm/policy-configuration-service-provider.md b/windows/client-management/mdm/policy-configuration-service-provider.md
index 071df833d0..3bf1c2a03a 100644
--- a/windows/client-management/mdm/policy-configuration-service-provider.md
+++ b/windows/client-management/mdm/policy-configuration-service-provider.md
@@ -1714,7 +1714,7 @@ The following diagram shows the Policy configuration service provider in tree fo
     <a href="./policy-csp-admx-microsoftdefenderantivirus.md#admx-microsoftdefenderantivirus-reporting-disableenhancednotifications" id="admx-microsoftdefenderantivirus-reporting-disableenhancednotifications">ADMX_MicrosoftDefenderAntivirus/Reporting_DisableEnhancedNotifications</a>
   </dd>
   <dd>
-    <a href="./policy-csp-admx-microsoftdefenderantivirus.md#admx-microsoftdefenderantivirus-reporting-disablegenericreports" id="admx-microsoftdefenderantivirus-reporting-disablegenericreports">ADMX_MicrosoftDefenderAntivirus/Reporting_DisablegenericrePorts</a>
+    <a href="./policy-csp-admx-microsoftdefenderantivirus.md#admx-microsoftdefenderantivirus-reporting-disablegenericreports" id="admx-microsoftdefenderantivirus-reporting-disablegenericreports">ADMX_MicrosoftDefenderAntivirus/Reporting_Disablegenericreports</a>
   </dd>
   <dd>
     <a href="./policy-csp-admx-microsoftdefenderantivirus.md#admx-microsoftdefenderantivirus-reporting-noncriticaltimeout" id="admx-microsoftdefenderantivirus-reporting-noncriticaltimeout">ADMX_MicrosoftDefenderAntivirus/Reporting_NonCriticalTimeout</a>
diff --git a/windows/client-management/mdm/policy-csp-admx-microsoftdefenderantivirus.md b/windows/client-management/mdm/policy-csp-admx-microsoftdefenderantivirus.md
index 8b3d27a436..ca641e1edd 100644
--- a/windows/client-management/mdm/policy-csp-admx-microsoftdefenderantivirus.md
+++ b/windows/client-management/mdm/policy-csp-admx-microsoftdefenderantivirus.md
@@ -146,7 +146,7 @@ manager: dansimp
     <a href="#admx-microsoftdefenderantivirus-reporting-disableenhancednotifications">ADMX_MicrosoftDefenderAntivirus/Reporting_DisableEnhancedNotifications</a>
   </dd>
   <dd>
-    <a href="#admx-microsoftdefenderantivirus-reporting-disablegenericreports">ADMX_MicrosoftDefenderAntivirus/Reporting_DisablegenericrePorts</a>
+    <a href="#admx-microsoftdefenderantivirus-reporting-disablegenericreports">ADMX_MicrosoftDefenderAntivirus/Reporting_Disablegenericreports</a>
   </dd>
   <dd>
     <a href="#admx-microsoftdefenderantivirus-reporting-noncriticaltimeout">ADMX_MicrosoftDefenderAntivirus/Reporting_NonCriticalTimeout</a>
@@ -3282,7 +3282,7 @@ If you disable this setting, Watson events will not be sent.
 <!--ADMXBacked-->
 ADMX Info:  
 -   GP English name: *Configure Watson events*
--   GP name: *Reporting_DisablegenericrePorts*
+-   GP name: *Reporting_Disablegenericreports*
 -   GP path: *Windows Components\Microsoft Defender Antivirus\Reporting*
 -   GP ADMX file name: *WindowsDefender.admx*
 

From 932f93cea46ffb64e9c11b3954d5353d00e1fb18 Mon Sep 17 00:00:00 2001
From: nimishasatapathy <75668234+nimishasatapathy@users.noreply.github.com>
Date: Tue, 30 Mar 2021 16:51:03 +0530
Subject: [PATCH 19/35] Updated

---
 .../mdm/policy-csp-admx-microsoftdefenderantivirus.md           | 2 ++
 1 file changed, 2 insertions(+)

diff --git a/windows/client-management/mdm/policy-csp-admx-microsoftdefenderantivirus.md b/windows/client-management/mdm/policy-csp-admx-microsoftdefenderantivirus.md
index ca641e1edd..96061dc019 100644
--- a/windows/client-management/mdm/policy-csp-admx-microsoftdefenderantivirus.md
+++ b/windows/client-management/mdm/policy-csp-admx-microsoftdefenderantivirus.md
@@ -3222,6 +3222,8 @@ ADMX Info:
 
 <!--/ADMXBacked-->
 <!--/Policy-->
+
+<a href="" id="admx-microsoftdefenderantivirus-reporting-disablegenericreports"></a>**ADMX_MicrosoftDefenderAntivirus/Reporting_Disablegenericreports** 
 <hr/>
 
 <!--SupportedSKUs-->

From cacd97d7ce67bdc1522234f864f7f4e393e00e36 Mon Sep 17 00:00:00 2001
From: nimishasatapathy <75668234+nimishasatapathy@users.noreply.github.com>
Date: Tue, 30 Mar 2021 17:07:38 +0530
Subject: [PATCH 20/35] Updated

---
 .../mdm/policy-csp-admx-microsoftdefenderantivirus.md         | 4 ++++
 1 file changed, 4 insertions(+)

diff --git a/windows/client-management/mdm/policy-csp-admx-microsoftdefenderantivirus.md b/windows/client-management/mdm/policy-csp-admx-microsoftdefenderantivirus.md
index 96061dc019..2b47023734 100644
--- a/windows/client-management/mdm/policy-csp-admx-microsoftdefenderantivirus.md
+++ b/windows/client-management/mdm/policy-csp-admx-microsoftdefenderantivirus.md
@@ -3355,6 +3355,7 @@ ADMX Info:
 
 <!--/ADMXBacked-->
 <!--/Policy-->
+<a href="" id="admx-microsoftdefenderantivirus-reporting-recentlycleanedtimeout"></a>**ADMX_MicrosoftDefenderAntivirus/Reporting_RecentlyCleanedTimeout** 
 <hr/>
 
 <!--SupportedSKUs-->
@@ -4245,6 +4246,7 @@ ADMX Info:
 
 <!--/ADMXBacked-->
 <!--/Policy-->
+<a href="" id="admx-microsoftdefenderantivirus-scan-disablescanningmappednetworkdrivesforfullscan"></a>**ADMX_MicrosoftDefenderAntivirus/Scan_DisableScanningMappedNetworkDrivesForFullScan**
 <hr/>
 <!--Policy-->
 
@@ -6130,6 +6132,8 @@ ADMX Info:
 
 <!--/ADMXBacked-->
 <!--/Policy-->
+<a href="" id="admx-microsoftdefenderantivirus-signatureupdate-signaturedisablenotification"></a>**ADMX_MicrosoftDefenderAntivirus/SignatureUpdate_SignatureDisableNotification**  
+
 <hr/>
 <!--Policy-->
 

From 7733cf3c31c0a18c7f474189b036ed06e3a97a6f Mon Sep 17 00:00:00 2001
From: nimishasatapathy <75668234+nimishasatapathy@users.noreply.github.com>
Date: Tue, 30 Mar 2021 17:27:22 +0530
Subject: [PATCH 21/35] Updated

---
 .../client-management/mdm/policies-in-policy-csp-admx-backed.md | 2 +-
 .../mdm/policy-configuration-service-provider.md                | 2 +-
 2 files changed, 2 insertions(+), 2 deletions(-)

diff --git a/windows/client-management/mdm/policies-in-policy-csp-admx-backed.md b/windows/client-management/mdm/policies-in-policy-csp-admx-backed.md
index 7e3a06ecb3..7b4ea25f8b 100644
--- a/windows/client-management/mdm/policies-in-policy-csp-admx-backed.md
+++ b/windows/client-management/mdm/policies-in-policy-csp-admx-backed.md
@@ -1340,7 +1340,7 @@ ms.date: 10/08/2020
 - [ADMX_WinLogon/LogonHoursPolicyDescription](./policy-csp-admx-winlogon.md#admx-winlogon-logonhourspolicydescription)
 - [ADMX_WinLogon/ReportCachedLogonPolicyDescription](./policy-csp-admx-winlogon.md#admx-winlogon-reportcachedlogonpolicydescription)
 - [ADMX_WinLogon/SoftwareSASGeneration](./policy-csp-admx-winlogon.md#admx-winlogon-softwaresasgeneration)
-- [ADMX_Winsrv/AllowBlockingAppsAtShutdown](./policy-csp-admx-winsrv.md#admx-winsrv.-allowblockingappsatshutdown)
+- [ADMX_Winsrv/AllowBlockingAppsAtShutdown](./policy-csp-admx-winsrvmd#admx-winsrv-allowblockingappsatshutdown)
 - [ADMX_wlansvc/SetCost](./policy-csp-admx-wlansvc.md#admx-wlansvc-setcost)
 - [ADMX_wlansvc/SetPINEnforced](./policy-csp-admx-wlansvc.md#admx-wlansvc-setpinenforced)
 - [ADMX_wlansvc/SetPINPreferred](./policy-csp-admx-wlansvc.md#admx-wlansvc-setpinpreferred)
diff --git a/windows/client-management/mdm/policy-configuration-service-provider.md b/windows/client-management/mdm/policy-configuration-service-provider.md
index 28e21d3081..fcf736c763 100644
--- a/windows/client-management/mdm/policy-configuration-service-provider.md
+++ b/windows/client-management/mdm/policy-configuration-service-provider.md
@@ -8583,7 +8583,7 @@ The following diagram shows the Policy configuration service provider in tree fo
 
 <dl>
   <dd>
-    <a href="./policy-csp-admx-winsrv.md#winsrv.-allowblockingappsatshutdown" id="#admx-winsrv.-allowblockingappsatshutdown">ADMX_Winsrv/AllowBlockingAppsAtShutdown</a>
+    <a href="./policy-csp-admx-winsrv.md#winsrv-allowblockingappsatshutdown" id="#admx-winsrv-allowblockingappsatshutdown">ADMX_Winsrv/AllowBlockingAppsAtShutdown</a>
   </dd>
 </dl>
 

From a76a1476256e95018cac1a9b6e7602d759b26cbb Mon Sep 17 00:00:00 2001
From: nimishasatapathy <75668234+nimishasatapathy@users.noreply.github.com>
Date: Tue, 30 Mar 2021 23:14:33 +0530
Subject: [PATCH 22/35] Updated

---
 .../mdm/policies-in-policy-csp-admx-backed.md     |  2 +-
 .../mdm/policy-configuration-service-provider.md  | 15 ++++++++-------
 2 files changed, 9 insertions(+), 8 deletions(-)

diff --git a/windows/client-management/mdm/policies-in-policy-csp-admx-backed.md b/windows/client-management/mdm/policies-in-policy-csp-admx-backed.md
index 7b4ea25f8b..840038f03d 100644
--- a/windows/client-management/mdm/policies-in-policy-csp-admx-backed.md
+++ b/windows/client-management/mdm/policies-in-policy-csp-admx-backed.md
@@ -1340,7 +1340,7 @@ ms.date: 10/08/2020
 - [ADMX_WinLogon/LogonHoursPolicyDescription](./policy-csp-admx-winlogon.md#admx-winlogon-logonhourspolicydescription)
 - [ADMX_WinLogon/ReportCachedLogonPolicyDescription](./policy-csp-admx-winlogon.md#admx-winlogon-reportcachedlogonpolicydescription)
 - [ADMX_WinLogon/SoftwareSASGeneration](./policy-csp-admx-winlogon.md#admx-winlogon-softwaresasgeneration)
-- [ADMX_Winsrv/AllowBlockingAppsAtShutdown](./policy-csp-admx-winsrvmd#admx-winsrv-allowblockingappsatshutdown)
+- [ADMX_Winsrv/AllowBlockingAppsAtShutdown](./policy-csp-admx-winsrv.md#admx-winsrv-allowblockingappsatshutdown)
 - [ADMX_wlansvc/SetCost](./policy-csp-admx-wlansvc.md#admx-wlansvc-setcost)
 - [ADMX_wlansvc/SetPINEnforced](./policy-csp-admx-wlansvc.md#admx-wlansvc-setpinenforced)
 - [ADMX_wlansvc/SetPINPreferred](./policy-csp-admx-wlansvc.md#admx-wlansvc-setpinpreferred)
diff --git a/windows/client-management/mdm/policy-configuration-service-provider.md b/windows/client-management/mdm/policy-configuration-service-provider.md
index fcf736c763..7900724db8 100644
--- a/windows/client-management/mdm/policy-configuration-service-provider.md
+++ b/windows/client-management/mdm/policy-configuration-service-provider.md
@@ -4600,6 +4600,14 @@ The following diagram shows the Policy configuration service provider in tree fo
   </dd>
 </dl>
 
+### ADMX_Winsrv policies
+
+<dl>
+  <dd>
+    <a href="./policy-csp-admx-winsrv.md#winsrv-allowblockingappsatshutdown" id="#admx-winsrv-allowblockingappsatshutdown">ADMX_Winsrv/AllowBlockingAppsAtShutdown</a>
+  </dd>
+</dl>
+
 ### ADMX_wlansvc policies  
 
 <dl>
@@ -8579,13 +8587,6 @@ The following diagram shows the Policy configuration service provider in tree fo
   </dd>
 </dl>
 
-### ADMX Winsrv policies
-
-<dl>
-  <dd>
-    <a href="./policy-csp-admx-winsrv.md#winsrv-allowblockingappsatshutdown" id="#admx-winsrv-allowblockingappsatshutdown">ADMX_Winsrv/AllowBlockingAppsAtShutdown</a>
-  </dd>
-</dl>
 
 ## Policies in Policy CSP supported by Group Policy and ADMX-backed policies in Policy CSP
 - [Policies in Policy CSP supported by Group Policy](./policies-in-policy-csp-supported-by-group-policy.md)

From 8e56f40793bf4ded680ee5bf58ec559f66a3e3c7 Mon Sep 17 00:00:00 2001
From: nimishasatapathy <75668234+nimishasatapathy@users.noreply.github.com>
Date: Tue, 30 Mar 2021 23:25:53 +0530
Subject: [PATCH 23/35] Updated

---
 .../mdm/policy-configuration-service-provider.md                | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/windows/client-management/mdm/policy-configuration-service-provider.md b/windows/client-management/mdm/policy-configuration-service-provider.md
index 7900724db8..1d1519a11c 100644
--- a/windows/client-management/mdm/policy-configuration-service-provider.md
+++ b/windows/client-management/mdm/policy-configuration-service-provider.md
@@ -4604,7 +4604,7 @@ The following diagram shows the Policy configuration service provider in tree fo
 
 <dl>
   <dd>
-    <a href="./policy-csp-admx-winsrv.md#winsrv-allowblockingappsatshutdown" id="#admx-winsrv-allowblockingappsatshutdown">ADMX_Winsrv/AllowBlockingAppsAtShutdown</a>
+    <a href="./policy-csp-admx-winsrv.md#admx-winsrv-allowblockingappsatshutdown" id="#admx-winsrv-allowblockingappsatshutdown">ADMX_Winsrv/AllowBlockingAppsAtShutdown</a>
   </dd>
 </dl>
 

From c4516850c25db323475949b038230fbfc1d8f56d Mon Sep 17 00:00:00 2001
From: Denise Vangel-MSFT <deniseb@microsoft.com>
Date: Tue, 30 Mar 2021 16:45:27 -0700
Subject: [PATCH 24/35] Update .openpublishing.redirection.json

---
 .openpublishing.redirection.json | 4 ++--
 1 file changed, 2 insertions(+), 2 deletions(-)

diff --git a/.openpublishing.redirection.json b/.openpublishing.redirection.json
index bf913445d1..fdbf286ffd 100644
--- a/.openpublishing.redirection.json
+++ b/.openpublishing.redirection.json
@@ -16122,7 +16122,7 @@
     },
     {
       "source_path": "windows/security/threat-protection/windows-defender-antivirus/antivirus-false-positives-negatives.md",
-      "redirect_url": "/windows/security/threat-protection/microsoft-defender-antivirus/antivirus-false-positives-negatives",
+      "redirect_url": "/microsoft-365/security/defender-endpoint/defender-endpoint-false-positives-negatives",
       "redirect_document_id": false
     },
     {
@@ -16522,7 +16522,7 @@
     },
     {
       "source_path": "windows/security/threat-protection/microsoft-defender-antivirus/antivirus-false-positives-negatives.md",
-      "redirect_url": "/windows/security/threat-protection/microsoft-defender-atp/defender-endpoint-false-positives-negatives",
+      "redirect_url": "/microsoft-365/security/defender-endpoint/defender-endpoint-false-positives-negatives",
       "redirect_document_id": false
     },
     {

From 0236f143fd4bd84056ab45d20ba7f2ecd4d3f214 Mon Sep 17 00:00:00 2001
From: Denise Vangel-MSFT <deniseb@microsoft.com>
Date: Wed, 31 Mar 2021 12:01:19 -0700
Subject: [PATCH 25/35] Update use-group-policy-microsoft-defender-antivirus.md

---
 ...oup-policy-microsoft-defender-antivirus.md | 206 +++++++++---------
 1 file changed, 103 insertions(+), 103 deletions(-)

diff --git a/windows/security/threat-protection/microsoft-defender-antivirus/use-group-policy-microsoft-defender-antivirus.md b/windows/security/threat-protection/microsoft-defender-antivirus/use-group-policy-microsoft-defender-antivirus.md
index c971a082f3..11fea9546d 100644
--- a/windows/security/threat-protection/microsoft-defender-antivirus/use-group-policy-microsoft-defender-antivirus.md
+++ b/windows/security/threat-protection/microsoft-defender-antivirus/use-group-policy-microsoft-defender-antivirus.md
@@ -10,8 +10,8 @@ ms.localizationpriority: medium
 author: denisebmsft
 ms.author: deniseb
 ms.custom: nextgen
-ms.date: 10/01/2018
-ms.reviewer: ksarens
+ms.date: 03/31/2021
+ms.reviewer: ksarens, jtoole, pahuijbr
 manager: dansimp
 ms.technology: mde
 ---
@@ -43,109 +43,109 @@ In general, you can use the following procedure to configure or change Microsoft
 
 The following table in this topic lists the Group Policy settings available in Windows 10, version 1703, and provides links to the appropriate topic in this documentation library (where applicable).
 
-Location | Setting | Article
----|---|---
-Client interface | Enable headless UI mode | [Prevent users from seeing or interacting with the Microsoft Defender Antivirus user interface](prevent-end-user-interaction-microsoft-defender-antivirus.md)
-Client interface | Display additional text to clients when they need to perform an action | [Configure the notifications that appear on endpoints](configure-notifications-microsoft-defender-antivirus.md)
-Client interface | Suppress all notifications | [Configure the notifications that appear on endpoints](configure-notifications-microsoft-defender-antivirus.md)
-Client interface | Suppresses reboot notifications | [Configure the notifications that appear on endpoints](configure-notifications-microsoft-defender-antivirus.md)
-Exclusions | Extension Exclusions | [Configure and validate exclusions in Microsoft Defender Antivirus scans](configure-exclusions-microsoft-defender-antivirus.md)
-Exclusions | Path Exclusions | [Configure and validate exclusions in Microsoft Defender Antivirus scans](configure-exclusions-microsoft-defender-antivirus.md)
-Exclusions | Process Exclusions | [Configure and validate exclusions in Microsoft Defender Antivirus scans](configure-exclusions-microsoft-defender-antivirus.md)
-Exclusions | Turn off Auto Exclusions | [Configure and validate exclusions in Microsoft Defender Antivirus scans](configure-exclusions-microsoft-defender-antivirus.md)
-MAPS | Configure the 'Block at First Sight' feature | [Enable block at first sight](configure-block-at-first-sight-microsoft-defender-antivirus.md)
-MAPS | Join Microsoft MAPS | [Enable cloud-delivered protection](enable-cloud-protection-microsoft-defender-antivirus.md)
-MAPS | Send file samples when further analysis is required | [Enable cloud-delivered protection](enable-cloud-protection-microsoft-defender-antivirus.md)
-MAPS | Configure local setting override for reporting to Microsoft MAPS | [Prevent or allow users to locally modify policy settings](configure-local-policy-overrides-microsoft-defender-antivirus.md)
-MpEngine | Configure extended cloud check | [Configure the cloud block timeout period](configure-cloud-block-timeout-period-microsoft-defender-antivirus.md)
-MpEngine | Select cloud protection level | [Specify the cloud-delivered protection level](specify-cloud-protection-level-microsoft-defender-antivirus.md)
-Network inspection system | Specify additional definition sets for network traffic inspection | Not used
-Network inspection system | Turn on definition retirement | Not used
-Network inspection system | Turn on protocol recognition | Not used
-Quarantine | Configure local setting override for the removal of items from Quarantine folder | [Prevent or allow users to locally modify policy settings](configure-local-policy-overrides-microsoft-defender-antivirus.md)
-Quarantine | Configure removal of items from Quarantine folder | [Configure remediation for Microsoft Defender Antivirus scans](configure-remediation-microsoft-defender-antivirus.md)
-Real-time protection | Configure local setting override for monitoring file and program activity on your computer | [Prevent or allow users to locally modify policy settings](configure-local-policy-overrides-microsoft-defender-antivirus.md)
-Real-time protection | Configure local setting override for monitoring for incoming and outgoing file activity | [Prevent or allow users to locally modify policy settings](configure-local-policy-overrides-microsoft-defender-antivirus.md)
-Real-time protection | Configure local setting override for scanning all downloaded files and attachments | [Prevent or allow users to locally modify policy settings](configure-local-policy-overrides-microsoft-defender-antivirus.md)
-Real-time protection | Configure local setting override for turn on behavior monitoring | [Prevent or allow users to locally modify policy settings](configure-local-policy-overrides-microsoft-defender-antivirus.md)
-Real-time protection | Configure local setting override to turn on real-time protection | [Prevent or allow users to locally modify policy settings](configure-local-policy-overrides-microsoft-defender-antivirus.md)
-Real-time protection | Define the maximum size of downloaded files and attachments to be scanned | [Enable and configure Microsoft Defender Antivirus always-on protection and monitoring](configure-real-time-protection-microsoft-defender-antivirus.md)
-Real-time protection | Monitor file and program activity on your computer | [Enable and configure Microsoft Defender Antivirus always-on protection and monitoring](configure-real-time-protection-microsoft-defender-antivirus.md)
-Real-time protection | Scan all downloaded files and attachments | [Enable and configure Microsoft Defender Antivirus always-on protection and monitoring](configure-real-time-protection-microsoft-defender-antivirus.md)
-Real-time protection | Turn off real-time protection | [Enable and configure Microsoft Defender Antivirus always-on protection and monitoring](configure-real-time-protection-microsoft-defender-antivirus.md)
-Real-time protection | Turn on behavior monitoring | [Enable and configure Microsoft Defender Antivirus always-on protection and monitoring](configure-real-time-protection-microsoft-defender-antivirus.md)
-Real-time protection | Turn on process scanning whenever real-time protection is enabled | [Enable and configure Microsoft Defender Antivirus always-on protection and monitoring](configure-real-time-protection-microsoft-defender-antivirus.md)
-Real-time protection | Turn on raw volume write notifications | [Enable and configure Microsoft Defender Antivirus always-on protection and monitoring](configure-real-time-protection-microsoft-defender-antivirus.md)
-Real-time protection | Configure monitoring for incoming and outgoing file and program activity | [Enable and configure Microsoft Defender Antivirus always-on protection and monitoring](configure-real-time-protection-microsoft-defender-antivirus.md)
-Remediation | Configure local setting override for the time of day to run a scheduled full scan to complete remediation | [Prevent or allow users to locally modify policy settings](configure-local-policy-overrides-microsoft-defender-antivirus.md)
-Remediation | Specify the day of the week to run a scheduled full scan to complete remediation | [Configure scheduled Microsoft Defender Antivirus scans](scheduled-catch-up-scans-microsoft-defender-antivirus.md)
-Remediation | Specify the time of day to run a scheduled full scan to complete remediation | [Configure scheduled Microsoft Defender Antivirus scans](scheduled-catch-up-scans-microsoft-defender-antivirus.md)
-Reporting | Configure Watson events | Not used
-Reporting | Configure Windows software trace preprocessor components | Not used
-Reporting | Configure WPP tracing level | Not used
-Reporting | Configure time out for detections in critically failed state | Not used
-Reporting | Configure time out for detections in non-critical failed state | Not used
-Reporting | Configure time out for detections in recently remediated state | Not used
-Reporting | Configure time out for detections requiring additional action | Not used
-Reporting | Turn off enhanced notifications | [Configure the notifications that appear on endpoints](configure-notifications-microsoft-defender-antivirus.md)
-Root | Turn off Microsoft Defender Antivirus | Not used (This setting must be set to **Not configured** to ensure any installed third-party antivirus apps work correctly)
-Root | Define addresses to bypass proxy server | Not used
-Root | Define proxy autoconfig (.pac) for connecting to the network | Not used
-Root | Define proxy server for connecting to the network | Not used
-Root | Configure local administrator merge behavior for lists | [Prevent or allow users to locally modify policy settings](configure-local-policy-overrides-microsoft-defender-antivirus.md)
-Root | Allow antimalware service to start up with normal priority | [Configure remediation for Microsoft Defender Antivirus scans](configure-remediation-microsoft-defender-antivirus.md)
-Root | Allow antimalware service to remain running always | [Configure remediation for Microsoft Defender Antivirus scans](configure-remediation-microsoft-defender-antivirus.md)
-Root | Turn off routine remediation | [Configure remediation for Microsoft Defender Antivirus scans](configure-remediation-microsoft-defender-antivirus.md)
-Root | Randomize scheduled task times | [Configure scheduled scans for Microsoft Defender Antivirus](scheduled-catch-up-scans-microsoft-defender-antivirus.md)
-Scan | Allow users to pause scan | [Prevent users from seeing or interacting with the Microsoft Defender Antivirus user interface](prevent-end-user-interaction-microsoft-defender-antivirus.md) (Not supported on Windows 10)
-Scan | Check for the latest virus and spyware definitions before running a scheduled scan | [Manage event-based forced updates](manage-event-based-updates-microsoft-defender-antivirus.md)
-Scan | Define the number of days after which a catch-up scan is forced | [Manage updates for endpoints that are out of date](manage-outdated-endpoints-microsoft-defender-antivirus.md)
-Scan | Turn on catch up full scan | [Manage updates for endpoints that are out of date](manage-outdated-endpoints-microsoft-defender-antivirus.md)
-Scan | Turn on catch up quick scan | [Manage updates for endpoints that are out of date](manage-outdated-endpoints-microsoft-defender-antivirus.md)
-Scan | Configure local setting override for maximum percentage of CPU utilization | [Prevent or allow users to locally modify policy settings](configure-local-policy-overrides-microsoft-defender-antivirus.md)
-Scan | Configure local setting override for schedule scan day | [Prevent or allow users to locally modify policy settings](configure-local-policy-overrides-microsoft-defender-antivirus.md)
-Scan | Configure local setting override for scheduled quick scan time | [Prevent or allow users to locally modify policy settings](configure-local-policy-overrides-microsoft-defender-antivirus.md)
-Scan | Configure local setting override for scheduled scan time | [Prevent or allow users to locally modify policy settings](configure-local-policy-overrides-microsoft-defender-antivirus.md)
-Scan | Configure local setting override for the scan type to use for a scheduled scan | [Prevent or allow users to locally modify policy settings](configure-local-policy-overrides-microsoft-defender-antivirus.md)
-Scan | Create a system restore point | [Configure remediation for Microsoft Defender Antivirus scans](configure-remediation-microsoft-defender-antivirus.md)
-Scan | Turn on removal of items from scan history folder | [Configure remediation for Microsoft Defender Antivirus scans](configure-remediation-microsoft-defender-antivirus.md)
-Scan | Turn on heuristics | [Enable and configure Microsoft Defender Antivirus always-on protection and monitoring](configure-real-time-protection-microsoft-defender-antivirus.md)
-Scan | Turn on e-mail scanning | [Configure scanning options in Microsoft Defender Antivirus](configure-advanced-scan-types-microsoft-defender-antivirus.md)
-Scan | Turn on reparse point scanning | [Configure scanning options in Microsoft Defender Antivirus](configure-advanced-scan-types-microsoft-defender-antivirus.md)
-Scan | Run full scan on mapped network drives | [Configure scanning options in Microsoft Defender Antivirus](configure-advanced-scan-types-microsoft-defender-antivirus.md)
-Scan | Scan archive files | [Configure scanning options in Microsoft Defender Antivirus](configure-advanced-scan-types-microsoft-defender-antivirus.md)
-Scan | Scan network files | [Configure scanning options in Microsoft Defender Antivirus](configure-advanced-scan-types-microsoft-defender-antivirus.md)
-Scan | Scan packed executables | [Configure scanning options in Microsoft Defender Antivirus](configure-advanced-scan-types-microsoft-defender-antivirus.md)
-Scan | Scan removable drives | [Configure scanning options in Microsoft Defender Antivirus](configure-advanced-scan-types-microsoft-defender-antivirus.md)
-Scan | Specify the maximum depth to scan archive files | [Configure scanning options in Microsoft Defender Antivirus](configure-advanced-scan-types-microsoft-defender-antivirus.md)
-Scan | Specify the maximum percentage of CPU utilization during a scan | [Configure scanning options in Microsoft Defender Antivirus](configure-advanced-scan-types-microsoft-defender-antivirus.md)
-Scan | Specify the maximum size of archive files to be scanned | [Configure scanning options in Microsoft Defender Antivirus](configure-advanced-scan-types-microsoft-defender-antivirus.md)
-Scan | Specify the day of the week to run a scheduled scan | [Configure scheduled scans for Microsoft Defender Antivirus](scheduled-catch-up-scans-microsoft-defender-antivirus.md)
-Scan | Specify the interval to run quick scans per day | [Configure scheduled scans for Microsoft Defender Antivirus](scheduled-catch-up-scans-microsoft-defender-antivirus.md)
-Scan | Specify the scan type to use for a scheduled scan | [Configure scheduled scans for Microsoft Defender Antivirus](scheduled-catch-up-scans-microsoft-defender-antivirus.md)
-Scan | Specify the time for a daily quick scan | [Configure scheduled scans for Microsoft Defender Antivirus](scheduled-catch-up-scans-microsoft-defender-antivirus.md)
-Scan | Specify the time of day to run a scheduled scan | [Configure scheduled scans for Microsoft Defender Antivirus](scheduled-catch-up-scans-microsoft-defender-antivirus.md)
-Scan | Start the scheduled scan only when computer is on but not in use | [Configure scheduled scans for Microsoft Defender Antivirus](scheduled-catch-up-scans-microsoft-defender-antivirus.md)
-Security intelligence updates | Allow security intelligence updates from Microsoft Update | [Manage updates for mobile devices and virtual machines (VMs)](manage-updates-mobile-devices-vms-microsoft-defender-antivirus.md)
-Security intelligence updates | Allow security intelligence updates when running on battery power | [Manage updates for mobile devices and virtual machines (VMs)](manage-updates-mobile-devices-vms-microsoft-defender-antivirus.md)
-Security intelligence updates | Allow notifications to disable definitions-based reports to Microsoft MAPS | [Manage event-based forced updates](manage-event-based-updates-microsoft-defender-antivirus.md)
-Security intelligence updates | Allow real-time security intelligence updates based on reports to Microsoft MAPS | [Manage event-based forced updates](manage-event-based-updates-microsoft-defender-antivirus.md)
-Security intelligence updates | Check for the latest virus and spyware definitions on startup | [Manage event-based forced updates](manage-event-based-updates-microsoft-defender-antivirus.md)
-Security intelligence updates | Define file shares for downloading security intelligence updates | [Manage Microsoft Defender Antivirus protection and security intelligence updates](manage-protection-updates-microsoft-defender-antivirus.md)
-Security intelligence updates | Define the number of days after which a catch up security intelligence update is required | [Manage updates for endpoints that are out of date](manage-outdated-endpoints-microsoft-defender-antivirus.md)
-Security intelligence updates | Define the number of days before spyware definitions are considered out of date | [Manage updates for endpoints that are out of date](manage-outdated-endpoints-microsoft-defender-antivirus.md)
-Security intelligence updates | Define the number of days before virus definitions are considered out of date | [Manage updates for endpoints that are out of date](manage-outdated-endpoints-microsoft-defender-antivirus.md)
-Security intelligence updates | Define the order of sources for downloading security intelligence updates | [Manage Microsoft Defender Antivirus protection and security intelligence updates](manage-protection-updates-microsoft-defender-antivirus.md)
-Security intelligence updates | Initiate security intelligence update on startup | [Manage event-based forced updates](manage-event-based-updates-microsoft-defender-antivirus.md)
-Security intelligence updates | Specify the day of the week to check for security intelligence updates | [Manage when protection updates should be downloaded and applied](manage-protection-update-schedule-microsoft-defender-antivirus.md)
-Security intelligence updates | Specify the interval to check for security intelligence updates | [Manage when protection updates should be downloaded and applied](manage-protection-update-schedule-microsoft-defender-antivirus.md)
-Security intelligence updates | Specify the time to check for security intelligence updates | [Manage when protection updates should be downloaded and applied](manage-protection-update-schedule-microsoft-defender-antivirus.md)
-Security intelligence updates | Turn on scan after Security intelligence update | [Configure scheduled scans for Microsoft Defender Antivirus](scheduled-catch-up-scans-microsoft-defender-antivirus.md)
-Threats | Specify threat alert levels at which default action should not be taken when detected | [Configure remediation for Microsoft Defender Antivirus scans](configure-remediation-microsoft-defender-antivirus.md)
-Threats | Specify threats upon which default action should not be taken when detected | [Configure remediation for Microsoft Defender Antivirus scans](configure-remediation-microsoft-defender-antivirus.md)
+| Location | Setting | Article |
+|:---|:---|:---|
+| Client interface | Enable headless UI mode | [Prevent users from seeing or interacting with the Microsoft Defender Antivirus user interface](prevent-end-user-interaction-microsoft-defender-antivirus.md) |
+| Client interface | Display additional text to clients when they need to perform an action | [Configure the notifications that appear on endpoints](configure-notifications-microsoft-defender-antivirus.md) |
+| Client interface | Suppress all notifications | [Configure the notifications that appear on endpoints](configure-notifications-microsoft-defender-antivirus.md) |
+| Client interface | Suppresses reboot notifications | [Configure the notifications that appear on endpoints](configure-notifications-microsoft-defender-antivirus.md) |
+| Exclusions | Extension Exclusions | [Configure and validate exclusions in Microsoft Defender Antivirus scans](configure-exclusions-microsoft-defender-antivirus.md) |
+| Exclusions | Path Exclusions | [Configure and validate exclusions in Microsoft Defender Antivirus scans](configure-exclusions-microsoft-defender-antivirus.md) |
+| Exclusions | Process Exclusions | [Configure and validate exclusions in Microsoft Defender Antivirus scans](configure-exclusions-microsoft-defender-antivirus.md) | 
+| Exclusions | Turn off Auto Exclusions | [Configure and validate exclusions in Microsoft Defender Antivirus scans](configure-exclusions-microsoft-defender-antivirus.md) |
+| MAPS | Configure the 'Block at First Sight' feature | [Enable block at first sight](configure-block-at-first-sight-microsoft-defender-antivirus.md) |
+| MAPS | Join Microsoft MAPS | [Enable cloud-delivered protection](enable-cloud-protection-microsoft-defender-antivirus.md) |
+| MAPS | Send file samples when further analysis is required | [Enable cloud-delivered protection](enable-cloud-protection-microsoft-defender-antivirus.md) |
+| MAPS | Configure local setting override for reporting to Microsoft MAPS | [Prevent or allow users to locally modify policy settings](configure-local-policy-overrides-microsoft-defender-antivirus.md) |
+| MpEngine | Configure extended cloud check | [Configure the cloud block timeout period](configure-cloud-block-timeout-period-microsoft-defender-antivirus.md) |
+| MpEngine | Select cloud protection level | [Specify the cloud-delivered protection level](specify-cloud-protection-level-microsoft-defender-antivirus.md) |
+| Network inspection system | Specify additional definition sets for network traffic inspection | No longer relevant |
+| Network inspection system | Turn on definition retirement | No longer relevant |
+| Network inspection system | Turn on protocol recognition | No longer relevant |
+| Quarantine | Configure local setting override for the removal of items from Quarantine folder | [Prevent or allow users to locally modify policy settings](configure-local-policy-overrides-microsoft-defender-antivirus.md) |
+| Quarantine | Configure removal of items from Quarantine folder | [Configure remediation for Microsoft Defender Antivirus scans](configure-remediation-microsoft-defender-antivirus.md) |
+| Real-time protection | Configure local setting override for monitoring file and program activity on your computer | [Prevent or allow users to locally modify policy settings](configure-local-policy-overrides-microsoft-defender-antivirus.md) |
+| Real-time protection | Configure local setting override for monitoring for incoming and outgoing file activity | [Prevent or allow users to locally modify policy settings](configure-local-policy-overrides-microsoft-defender-antivirus.md) |
+| Real-time protection | Configure local setting override for scanning all downloaded files and attachments | [Prevent or allow users to locally modify policy settings](configure-local-policy-overrides-microsoft-defender-antivirus.md) |
+| Real-time protection | Configure local setting override for turn on behavior monitoring | [Prevent or allow users to locally modify policy settings](configure-local-policy-overrides-microsoft-defender-antivirus.md) |
+| Real-time protection | Configure local setting override to turn on real-time protection | [Prevent or allow users to locally modify policy settings](configure-local-policy-overrides-microsoft-defender-antivirus.md) |
+| Real-time protection | Define the maximum size of downloaded files and attachments to be scanned | [Enable and configure Microsoft Defender Antivirus always-on protection and monitoring](configure-real-time-protection-microsoft-defender-antivirus.md) |
+| Real-time protection | Monitor file and program activity on your computer | [Enable and configure Microsoft Defender Antivirus always-on protection and monitoring](configure-real-time-protection-microsoft-defender-antivirus.md) |
+| Real-time protection | Scan all downloaded files and attachments | [Enable and configure Microsoft Defender Antivirus always-on protection and monitoring](configure-real-time-protection-microsoft-defender-antivirus.md) |
+| Real-time protection | Turn off real-time protection | [Enable and configure Microsoft Defender Antivirus always-on protection and monitoring](configure-real-time-protection-microsoft-defender-antivirus.md) |
+| Real-time protection | Turn on behavior monitoring | [Enable and configure Microsoft Defender Antivirus always-on protection and monitoring](configure-real-time-protection-microsoft-defender-antivirus.md) |
+| Real-time protection | Turn on process scanning whenever real-time protection is enabled | [Enable and configure Microsoft Defender Antivirus always-on protection and monitoring](configure-real-time-protection-microsoft-defender-antivirus.md) |
+| Real-time protection | Turn on raw volume write notifications | [Enable and configure Microsoft Defender Antivirus always-on protection and monitoring](configure-real-time-protection-microsoft-defender-antivirus.md) |
+| Real-time protection | Configure monitoring for incoming and outgoing file and program activity | [Enable and configure Microsoft Defender Antivirus always-on protection and monitoring](configure-real-time-protection-microsoft-defender-antivirus.md) |
+| Remediation | Configure local setting override for the time of day to run a scheduled full scan to complete remediation | [Prevent or allow users to locally modify policy settings](configure-local-policy-overrides-microsoft-defender-antivirus.md) |
+| Remediation | Specify the day of the week to run a scheduled full scan to complete remediation | [Configure scheduled Microsoft Defender Antivirus scans](scheduled-catch-up-scans-microsoft-defender-antivirus.md) |
+| Remediation | Specify the time of day to run a scheduled full scan to complete remediation | [Configure scheduled Microsoft Defender Antivirus scans](scheduled-catch-up-scans-microsoft-defender-antivirus.md) |
+| Reporting | Configure Watson events | No longer relevant |
+| Reporting | Configure Windows software trace preprocessor components |  No longer relevant |
+| Reporting | Configure WPP tracing level | No longer relevant |
+| Reporting | Configure time out for detections in critically failed state | No longer relevant |
+| Reporting | Configure time out for detections in non-critical failed state |  No longer relevant |
+| Reporting | Configure time out for detections in recently remediated state | No longer relevant |
+| Reporting | Configure time out for detections requiring additional action | No longer relevant |
+| Reporting | Turn off enhanced notifications | [Configure the notifications that appear on endpoints](configure-notifications-microsoft-defender-antivirus.md)
+| Root | Turn off Microsoft Defender Antivirus | Not used (This setting must be set to **Not configured** to ensure any installed third-party antivirus apps work correctly)
+| Root | Define addresses to bypass proxy server | No longer relevant |
+| Root | Define proxy autoconfig (.pac) for connecting to the network | No longer relevant |
+| Root | Define proxy server for connecting to the network | No longer relevant |
+| Root | Configure local administrator merge behavior for lists | [Prevent or allow users to locally modify policy settings](configure-local-policy-overrides-microsoft-defender-antivirus.md) |
+| Root | Allow antimalware service to start up with normal priority | [Configure remediation for Microsoft Defender Antivirus scans](configure-remediation-microsoft-defender-antivirus.md) |
+| Root | Allow antimalware service to remain running always | [Configure remediation for Microsoft Defender Antivirus scans](configure-remediation-microsoft-defender-antivirus.md) |
+| Root | Turn off routine remediation | [Configure remediation for Microsoft Defender Antivirus scans](configure-remediation-microsoft-defender-antivirus.md) |
+| Root | Randomize scheduled task times | [Configure scheduled scans for Microsoft Defender Antivirus](scheduled-catch-up-scans-microsoft-defender-antivirus.md) |
+| Scan | Allow users to pause scan | [Prevent users from seeing or interacting with the Microsoft Defender Antivirus user interface](prevent-end-user-interaction-microsoft-defender-antivirus.md) (Not supported on Windows 10) |
+| Scan | Check for the latest virus and spyware definitions before running a scheduled scan | [Manage event-based forced updates](manage-event-based-updates-microsoft-defender-antivirus.md) |
+| Scan | Define the number of days after which a catch-up scan is forced | [Manage updates for endpoints that are out of date](manage-outdated-endpoints-microsoft-defender-antivirus.md) |
+| Scan | Turn on catch up full scan | [Manage updates for endpoints that are out of date](manage-outdated-endpoints-microsoft-defender-antivirus.md) |
+| Scan | Turn on catch up quick scan | [Manage updates for endpoints that are out of date](manage-outdated-endpoints-microsoft-defender-antivirus.md) |
+| Scan | Configure local setting override for maximum percentage of CPU utilization | [Prevent or allow users to locally modify policy settings](configure-local-policy-overrides-microsoft-defender-antivirus.md) |
+| Scan | Configure local setting override for schedule scan day | [Prevent or allow users to locally modify policy settings](configure-local-policy-overrides-microsoft-defender-antivirus.md) |
+| Scan | Configure local setting override for scheduled quick scan time | [Prevent or allow users to locally modify policy settings](configure-local-policy-overrides-microsoft-defender-antivirus.md) |
+| Scan | Configure local setting override for scheduled scan time | [Prevent or allow users to locally modify policy settings](configure-local-policy-overrides-microsoft-defender-antivirus.md) |
+| Scan | Configure local setting override for the scan type to use for a scheduled scan | [Prevent or allow users to locally modify policy settings](configure-local-policy-overrides-microsoft-defender-antivirus.md) |
+| Scan | Create a system restore point | [Configure remediation for Microsoft Defender Antivirus scans](configure-remediation-microsoft-defender-antivirus.md) |
+| Scan | Turn on removal of items from scan history folder | [Configure remediation for Microsoft Defender Antivirus scans](configure-remediation-microsoft-defender-antivirus.md) |
+| Scan | Turn on heuristics | [Enable and configure Microsoft Defender Antivirus always-on protection and monitoring](configure-real-time-protection-microsoft-defender-antivirus.md) |
+| Scan | Turn on e-mail scanning | [Configure scanning options in Microsoft Defender Antivirus](configure-advanced-scan-types-microsoft-defender-antivirus.md) |
+| Scan | Turn on reparse point scanning | [Configure scanning options in Microsoft Defender Antivirus](configure-advanced-scan-types-microsoft-defender-antivirus.md) |
+| Scan | Run full scan on mapped network drives | [Configure scanning options in Microsoft Defender Antivirus](configure-advanced-scan-types-microsoft-defender-antivirus.md) |
+| Scan | Scan archive files | [Configure scanning options in Microsoft Defender Antivirus](configure-advanced-scan-types-microsoft-defender-antivirus.md) |
+| Scan | Scan network files | [Configure scanning options in Microsoft Defender Antivirus](configure-advanced-scan-types-microsoft-defender-antivirus.md) |
+| Scan | Scan packed executables | [Configure scanning options in Microsoft Defender Antivirus](configure-advanced-scan-types-microsoft-defender-antivirus.md) |
+| Scan | Scan removable drives | [Configure scanning options in Microsoft Defender Antivirus](configure-advanced-scan-types-microsoft-defender-antivirus.md) |
+| Scan | Specify the maximum depth to scan archive files | [Configure scanning options in Microsoft Defender Antivirus](configure-advanced-scan-types-microsoft-defender-antivirus.md) |
+| Scan | Specify the maximum percentage of CPU utilization during a scan | [Configure scanning options in Microsoft Defender Antivirus](configure-advanced-scan-types-microsoft-defender-antivirus.md) |
+| Scan | Specify the maximum size of archive files to be scanned | [Configure scanning options in Microsoft Defender Antivirus](configure-advanced-scan-types-microsoft-defender-antivirus.md) |
+| Scan | Specify the day of the week to run a scheduled scan | [Configure scheduled scans for Microsoft Defender Antivirus](scheduled-catch-up-scans-microsoft-defender-antivirus.md) |
+| Scan | Specify the interval to run quick scans per day | [Configure scheduled scans for Microsoft Defender Antivirus](scheduled-catch-up-scans-microsoft-defender-antivirus.md) |
+| Scan | Specify the scan type to use for a scheduled scan | [Configure scheduled scans for Microsoft Defender Antivirus](scheduled-catch-up-scans-microsoft-defender-antivirus.md) |
+| Scan | Specify the time for a daily quick scan | [Configure scheduled scans for Microsoft Defender Antivirus](scheduled-catch-up-scans-microsoft-defender-antivirus.md) |
+| Scan | Specify the time of day to run a scheduled scan | [Configure scheduled scans for Microsoft Defender Antivirus](scheduled-catch-up-scans-microsoft-defender-antivirus.md) |
+| Scan | Start the scheduled scan only when computer is on but not in use | [Configure scheduled scans for Microsoft Defender Antivirus](scheduled-catch-up-scans-microsoft-defender-antivirus.md) |
+| Security intelligence updates | Allow security intelligence updates from Microsoft Update | [Manage updates for mobile devices and virtual machines (VMs)](manage-updates-mobile-devices-vms-microsoft-defender-antivirus.md) |
+| Security intelligence updates | Allow security intelligence updates when running on battery power | [Manage updates for mobile devices and virtual machines (VMs)](manage-updates-mobile-devices-vms-microsoft-defender-antivirus.md) |
+| Security intelligence updates | Allow notifications to disable definitions-based reports to Microsoft MAPS | [Manage event-based forced updates](manage-event-based-updates-microsoft-defender-antivirus.md) |
+| Security intelligence updates | Allow real-time security intelligence updates based on reports to Microsoft MAPS | [Manage event-based forced updates](manage-event-based-updates-microsoft-defender-antivirus.md) |
+| Security intelligence updates | Check for the latest virus and spyware definitions on startup | [Manage event-based forced updates](manage-event-based-updates-microsoft-defender-antivirus.md) |
+| Security intelligence updates | Define file shares for downloading security intelligence updates | [Manage Microsoft Defender Antivirus protection and security intelligence updates](manage-protection-updates-microsoft-defender-antivirus.md) |
+| Security intelligence updates | Define the number of days after which a catch up security intelligence update is required | [Manage updates for endpoints that are out of date](manage-outdated-endpoints-microsoft-defender-antivirus.md) |
+| Security intelligence updates | Define the number of days before spyware definitions are considered out of date | [Manage updates for endpoints that are out of date](manage-outdated-endpoints-microsoft-defender-antivirus.md) |
+| Security intelligence updates | Define the number of days before virus definitions are considered out of date | [Manage updates for endpoints that are out of date](manage-outdated-endpoints-microsoft-defender-antivirus.md) |
+| Security intelligence updates | Define the order of sources for downloading security intelligence updates | [Manage Microsoft Defender Antivirus protection and security intelligence updates](manage-protection-updates-microsoft-defender-antivirus.md) |
+| Security intelligence updates | Initiate security intelligence update on startup | [Manage event-based forced updates](manage-event-based-updates-microsoft-defender-antivirus.md) |
+| Security intelligence updates | Specify the day of the week to check for security intelligence updates | [Manage when protection updates should be downloaded and applied](manage-protection-update-schedule-microsoft-defender-antivirus.md) |
+| Security intelligence updates | Specify the interval to check for security intelligence updates | [Manage when protection updates should be downloaded and applied](manage-protection-update-schedule-microsoft-defender-antivirus.md) |
+| Security intelligence updates | Specify the time to check for security intelligence updates | [Manage when protection updates should be downloaded and applied](manage-protection-update-schedule-microsoft-defender-antivirus.md) |
+| Security intelligence updates | Turn on scan after Security intelligence update | [Configure scheduled scans for Microsoft Defender Antivirus](scheduled-catch-up-scans-microsoft-defender-antivirus.md) |
+| Threats | Specify threat alert levels at which default action should not be taken when detected | [Configure remediation for Microsoft Defender Antivirus scans](configure-remediation-microsoft-defender-antivirus.md) |
+| Threats | Specify threats upon which default action should not be taken when detected | [Configure remediation for Microsoft Defender Antivirus scans](configure-remediation-microsoft-defender-antivirus.md) |
 
 
 ## Related articles
 
 - [Reference topics for management and configuration tools](configuration-management-reference-microsoft-defender-antivirus.md)
-- [Microsoft Defender Antivirus in Windows 10](microsoft-defender-antivirus-in-windows-10.md)
\ No newline at end of file
+- [Microsoft Defender Antivirus in Windows 10](microsoft-defender-antivirus-in-windows-10.md)

From 433e5d568d275f13fcb315c6634a7004b4b92bdb Mon Sep 17 00:00:00 2001
From: Denise Vangel-MSFT <deniseb@microsoft.com>
Date: Wed, 31 Mar 2021 12:32:22 -0700
Subject: [PATCH 26/35] Update use-group-policy-microsoft-defender-antivirus.md

---
 .../use-group-policy-microsoft-defender-antivirus.md       | 7 -------
 1 file changed, 7 deletions(-)

diff --git a/windows/security/threat-protection/microsoft-defender-antivirus/use-group-policy-microsoft-defender-antivirus.md b/windows/security/threat-protection/microsoft-defender-antivirus/use-group-policy-microsoft-defender-antivirus.md
index 11fea9546d..7c7bccc364 100644
--- a/windows/security/threat-protection/microsoft-defender-antivirus/use-group-policy-microsoft-defender-antivirus.md
+++ b/windows/security/threat-protection/microsoft-defender-antivirus/use-group-policy-microsoft-defender-antivirus.md
@@ -80,13 +80,6 @@ The following table in this topic lists the Group Policy settings available in W
 | Remediation | Configure local setting override for the time of day to run a scheduled full scan to complete remediation | [Prevent or allow users to locally modify policy settings](configure-local-policy-overrides-microsoft-defender-antivirus.md) |
 | Remediation | Specify the day of the week to run a scheduled full scan to complete remediation | [Configure scheduled Microsoft Defender Antivirus scans](scheduled-catch-up-scans-microsoft-defender-antivirus.md) |
 | Remediation | Specify the time of day to run a scheduled full scan to complete remediation | [Configure scheduled Microsoft Defender Antivirus scans](scheduled-catch-up-scans-microsoft-defender-antivirus.md) |
-| Reporting | Configure Watson events | No longer relevant |
-| Reporting | Configure Windows software trace preprocessor components |  No longer relevant |
-| Reporting | Configure WPP tracing level | No longer relevant |
-| Reporting | Configure time out for detections in critically failed state | No longer relevant |
-| Reporting | Configure time out for detections in non-critical failed state |  No longer relevant |
-| Reporting | Configure time out for detections in recently remediated state | No longer relevant |
-| Reporting | Configure time out for detections requiring additional action | No longer relevant |
 | Reporting | Turn off enhanced notifications | [Configure the notifications that appear on endpoints](configure-notifications-microsoft-defender-antivirus.md)
 | Root | Turn off Microsoft Defender Antivirus | Not used (This setting must be set to **Not configured** to ensure any installed third-party antivirus apps work correctly)
 | Root | Define addresses to bypass proxy server | No longer relevant |

From 4cd808141d61331060e0ce20e1aa149e73b7fe14 Mon Sep 17 00:00:00 2001
From: poornagmsft <62666514+poornagmsft@users.noreply.github.com>
Date: Wed, 31 Mar 2021 15:26:13 -0700
Subject: [PATCH 27/35] Add additional troubleshooting link for loopback and
 UWA

Clarified that when developer changes the capability, they should uninstall and re install the app to ensure the rules are correctly added.
Also, added an additional link to "How to enable loopback and troubleshoot network isolation (Windows Runtime apps)." https://docs.microsoft.com/en-us/previous-versions/windows/apps/hh780593(v=win.10)#debug-network-isolation-issues
---
 .../windows-firewall/troubleshooting-uwp-firewall.md        | 6 +++++-
 1 file changed, 5 insertions(+), 1 deletion(-)

diff --git a/windows/security/threat-protection/windows-firewall/troubleshooting-uwp-firewall.md b/windows/security/threat-protection/windows-firewall/troubleshooting-uwp-firewall.md
index d9aa8838c5..8d370a3c04 100644
--- a/windows/security/threat-protection/windows-firewall/troubleshooting-uwp-firewall.md
+++ b/windows/security/threat-protection/windows-firewall/troubleshooting-uwp-firewall.md
@@ -72,6 +72,10 @@ For more information about loopback scenarios, see [Communicating with
 localhost
 (loopback)](/windows/iot-core/develop-your-app/loopback).
 
+Note: If you are in the middle of developing a UWA application and want to test its loopback, ensure to uninstall and re-install the UWA app if the network capabilties change for whatever reason. 
+
+Also, see [How to enable loopback and troubleshoot network isolation (Windows Runtime apps)](https://docs.microsoft.com/en-us/previous-versions/windows/apps/hh780593(v=win.10)#debug-network-isolation-issues).
+
 ## Debugging Live Drops
 
 If the issue happened recently, but you find you are not able to reproduce the issue, go to Debugging Past Drops for the appropriate trace commands.
@@ -1327,4 +1331,4 @@ The filter stated above with action permit:
 				</item>
 ```
 The capabilities field in a netEvent was added to the traces in the Windows 10
-May 2019 Update.
\ No newline at end of file
+May 2019 Update.

From df78a3161bb2c8036615d6b894fbcb5c83e0f444 Mon Sep 17 00:00:00 2001
From: poornagmsft <62666514+poornagmsft@users.noreply.github.com>
Date: Wed, 31 Mar 2021 16:49:18 -0700
Subject: [PATCH 28/35] addressed review comment to remove /en-us

---
 .../windows-firewall/troubleshooting-uwp-firewall.md            | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/windows/security/threat-protection/windows-firewall/troubleshooting-uwp-firewall.md b/windows/security/threat-protection/windows-firewall/troubleshooting-uwp-firewall.md
index 8d370a3c04..68138aa202 100644
--- a/windows/security/threat-protection/windows-firewall/troubleshooting-uwp-firewall.md
+++ b/windows/security/threat-protection/windows-firewall/troubleshooting-uwp-firewall.md
@@ -74,7 +74,7 @@ localhost
 
 Note: If you are in the middle of developing a UWA application and want to test its loopback, ensure to uninstall and re-install the UWA app if the network capabilties change for whatever reason. 
 
-Also, see [How to enable loopback and troubleshoot network isolation (Windows Runtime apps)](https://docs.microsoft.com/en-us/previous-versions/windows/apps/hh780593(v=win.10)#debug-network-isolation-issues).
+Also, see [How to enable loopback and troubleshoot network isolation (Windows Runtime apps)](https://docs.microsoft.com/previous-versions/windows/apps/hh780593(v=win.10)#debug-network-isolation-issues).
 
 ## Debugging Live Drops
 

From b91e13da9e885e7a3599a9eb9f5800d6236a7238 Mon Sep 17 00:00:00 2001
From: ImranHabib <47118050+joinimran@users.noreply.github.com>
Date: Thu, 1 Apr 2021 11:43:56 +0500
Subject: [PATCH 29/35] Updated a link

Updated a link with the correct link.
---
 .../threat-protection/auditing/audit-special-logon.md       | 6 +++---
 1 file changed, 3 insertions(+), 3 deletions(-)

diff --git a/windows/security/threat-protection/auditing/audit-special-logon.md b/windows/security/threat-protection/auditing/audit-special-logon.md
index b17dccbcb1..c852e45990 100644
--- a/windows/security/threat-protection/auditing/audit-special-logon.md
+++ b/windows/security/threat-protection/auditing/audit-special-logon.md
@@ -38,9 +38,9 @@ This subcategory allows you to audit events generated by special logons such as
 
 | Computer Type     | General Success | General Failure | Stronger Success | Stronger Failure | Comments                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                           |
 |-------------------|-----------------|-----------------|------------------|------------------|----------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------|
-| Domain Controller | Yes             | No              | Yes              | No               | This subcategory is very important because of [Special Groups](https://blogs.technet.com/b/askds/archive/2008/03/11/special-groups-auditing-via-group-policy-preferences.aspx) related events, you must enable this subcategory for Success audit if you use this feature.<br>At the same time this subcategory allows you to track account logon sessions to which sensitive privileges were assigned.<br>This subcategory doesn’t have Failure events, so there is no recommendation to enable Failure auditing for this subcategory. |
-| Member Server     | Yes             | No              | Yes              | No               | This subcategory is very important because of [Special Groups](https://blogs.technet.com/b/askds/archive/2008/03/11/special-groups-auditing-via-group-policy-preferences.aspx) related events, you must enable this subcategory for Success audit if you use this feature.<br>At the same time this subcategory allows you to track account logon sessions to which sensitive privileges were assigned.<br>This subcategory doesn’t have Failure events, so there is no recommendation to enable Failure auditing for this subcategory. |
-| Workstation       | Yes             | No              | Yes              | No               | This subcategory is very important because of [Special Groups](https://blogs.technet.com/b/askds/archive/2008/03/11/special-groups-auditing-via-group-policy-preferences.aspx) related events, you must enable this subcategory for Success audit if you use this feature.<br>At the same time this subcategory allows you to track account logon sessions to which sensitive privileges were assigned.<br>This subcategory doesn’t have Failure events, so there is no recommendation to enable Failure auditing for this subcategory. |
+| Domain Controller | Yes             | No              | Yes              | No               | This subcategory is very important because of [Special Groups](https://techcommunity.microsoft.com/t5/ask-the-directory-services-team/special-groups-auditing-via-group-policy-preferences/ba-p/395095) related events, you must enable this subcategory for Success audit if you use this feature.<br>At the same time this subcategory allows you to track account logon sessions to which sensitive privileges were assigned.<br>This subcategory doesn’t have Failure events, so there is no recommendation to enable Failure auditing for this subcategory. |
+| Member Server     | Yes             | No              | Yes              | No               | This subcategory is very important because of [Special Groups](https://techcommunity.microsoft.com/t5/ask-the-directory-services-team/special-groups-auditing-via-group-policy-preferences/ba-p/395095) related events, you must enable this subcategory for Success audit if you use this feature.<br>At the same time this subcategory allows you to track account logon sessions to which sensitive privileges were assigned.<br>This subcategory doesn’t have Failure events, so there is no recommendation to enable Failure auditing for this subcategory. |
+| Workstation       | Yes             | No              | Yes              | No               | This subcategory is very important because of [Special Groups](https://techcommunity.microsoft.com/t5/ask-the-directory-services-team/special-groups-auditing-via-group-policy-preferences/ba-p/395095) related events, you must enable this subcategory for Success audit if you use this feature.<br>At the same time this subcategory allows you to track account logon sessions to which sensitive privileges were assigned.<br>This subcategory doesn’t have Failure events, so there is no recommendation to enable Failure auditing for this subcategory. |
 
 **Events List:**
 

From 5f4a0198489eaa1c464759960b0fa5e8320954a7 Mon Sep 17 00:00:00 2001
From: Tina Burden <v-tibur@microsoft.com>
Date: Thu, 1 Apr 2021 08:11:29 -0700
Subject: [PATCH 30/35] pencil edit

---
 .../windows-firewall/troubleshooting-uwp-firewall.md            | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/windows/security/threat-protection/windows-firewall/troubleshooting-uwp-firewall.md b/windows/security/threat-protection/windows-firewall/troubleshooting-uwp-firewall.md
index 68138aa202..a5d989ffdd 100644
--- a/windows/security/threat-protection/windows-firewall/troubleshooting-uwp-firewall.md
+++ b/windows/security/threat-protection/windows-firewall/troubleshooting-uwp-firewall.md
@@ -72,7 +72,7 @@ For more information about loopback scenarios, see [Communicating with
 localhost
 (loopback)](/windows/iot-core/develop-your-app/loopback).
 
-Note: If you are in the middle of developing a UWA application and want to test its loopback, ensure to uninstall and re-install the UWA app if the network capabilties change for whatever reason. 
+Note: If you are in the middle of developing a UWA application and want to test its loopback, ensure to uninstall and re-install the UWA app if the network capabilities change for whatever reason. 
 
 Also, see [How to enable loopback and troubleshoot network isolation (Windows Runtime apps)](https://docs.microsoft.com/previous-versions/windows/apps/hh780593(v=win.10)#debug-network-isolation-issues).
 

From 43295039548be078a990eaeed8826502f1461b2a Mon Sep 17 00:00:00 2001
From: Tina Burden <v-tibur@microsoft.com>
Date: Thu, 1 Apr 2021 08:12:23 -0700
Subject: [PATCH 31/35] pencil edit

---
 .../windows-firewall/troubleshooting-uwp-firewall.md           | 3 ++-
 1 file changed, 2 insertions(+), 1 deletion(-)

diff --git a/windows/security/threat-protection/windows-firewall/troubleshooting-uwp-firewall.md b/windows/security/threat-protection/windows-firewall/troubleshooting-uwp-firewall.md
index a5d989ffdd..de14c20840 100644
--- a/windows/security/threat-protection/windows-firewall/troubleshooting-uwp-firewall.md
+++ b/windows/security/threat-protection/windows-firewall/troubleshooting-uwp-firewall.md
@@ -72,7 +72,8 @@ For more information about loopback scenarios, see [Communicating with
 localhost
 (loopback)](/windows/iot-core/develop-your-app/loopback).
 
-Note: If you are in the middle of developing a UWA application and want to test its loopback, ensure to uninstall and re-install the UWA app if the network capabilities change for whatever reason. 
+>[!NOTE]
+>If you are in the middle of developing a UWA application and want to test its loopback, ensure to uninstall and re-install the UWA app if the network capabilities change for whatever reason. 
 
 Also, see [How to enable loopback and troubleshoot network isolation (Windows Runtime apps)](https://docs.microsoft.com/previous-versions/windows/apps/hh780593(v=win.10)#debug-network-isolation-issues).
 

From 80817f131dc61beb46821914e5d36a020ec876de Mon Sep 17 00:00:00 2001
From: Denise Vangel-MSFT <deniseb@microsoft.com>
Date: Mon, 5 Apr 2021 10:44:45 -0700
Subject: [PATCH 32/35] Update
 manage-updates-baselines-microsoft-defender-antivirus.md

---
 ...tes-baselines-microsoft-defender-antivirus.md | 16 +++++++++++++++-
 1 file changed, 15 insertions(+), 1 deletion(-)

diff --git a/windows/security/threat-protection/microsoft-defender-antivirus/manage-updates-baselines-microsoft-defender-antivirus.md b/windows/security/threat-protection/microsoft-defender-antivirus/manage-updates-baselines-microsoft-defender-antivirus.md
index 91377e19b2..bd67d6ed4f 100644
--- a/windows/security/threat-protection/microsoft-defender-antivirus/manage-updates-baselines-microsoft-defender-antivirus.md
+++ b/windows/security/threat-protection/microsoft-defender-antivirus/manage-updates-baselines-microsoft-defender-antivirus.md
@@ -13,7 +13,7 @@ ms.author: deniseb
 ms.custom: nextgen
 ms.reviewer: pahuijbr
 manager: dansimp
-ms.date: 03/19/2021
+ms.date: 04/02/2021
 ms.technology: mde
 ---
 
@@ -425,6 +425,20 @@ We recommend updating your Windows 10 (Enterprise, Pro, and Home editions), Wind
 For more information, see [Microsoft Defender update for Windows operating system installation images](https://support.microsoft.com/help/4568292/defender-update-for-windows-operating-system-installation-images).
 
 <details>
+<summary>1.1.2104.01</summary>
+
+&ensp;Package version: **1.1.2104.01**    
+&ensp;Platform version: **4.18.2102.4**   
+&ensp;Engine version: **1.18000.5**  
+&ensp;Signature version: **1.335.232.0**    
+    
+### Fixes
+- None
+
+### Additional information
+- None  
+<br/>
+</details><details>
 <summary>1.1.2103.01</summary>
 
 &ensp;Package version: **1.1.2103.01**    

From ec6d0d8fbc626d908ec5fc4df00d05548c66b65d Mon Sep 17 00:00:00 2001
From: Denise Vangel-MSFT <deniseb@microsoft.com>
Date: Mon, 5 Apr 2021 16:44:16 -0700
Subject: [PATCH 33/35] Update understanding-malware.md

---
 .../intelligence/understanding-malware.md                | 9 +++++++--
 1 file changed, 7 insertions(+), 2 deletions(-)

diff --git a/windows/security/threat-protection/intelligence/understanding-malware.md b/windows/security/threat-protection/intelligence/understanding-malware.md
index 252ae4f268..5ce86ce593 100644
--- a/windows/security/threat-protection/intelligence/understanding-malware.md
+++ b/windows/security/threat-protection/intelligence/understanding-malware.md
@@ -40,6 +40,11 @@ There are many types of malware, including:
 - [Unwanted software](unwanted-software.md)
 - [Worms](worms-malware.md)
 
-Keep up with the latest malware news and research. Check out our [Microsoft security blogs](https://www.microsoft.com/security/blog/product/windows/) and follow us on [Twitter](https://twitter.com/wdsecurity) for the latest news, discoveries, and protections.
+## Additional resources and information
+
+- Keep up with the latest malware news and research. Check out our [Microsoft security blogs](https://www.microsoft.com/security/blog/product/windows/) and follow us on [Twitter](https://twitter.com/wdsecurity) for the latest news, discoveries, and protections.
+
+- Learn more about [Windows security](../../index.yml).
+
+- Learn how to [deploy threat protection capabilities across Microsoft 365 E5](/microsoft-365/solutions/deploy-threat-protection). 
 
-Learn more about [Windows security](../../index.yml).
\ No newline at end of file

From 9e35b7872960d59badb1716010c7f2ceaaa07017 Mon Sep 17 00:00:00 2001
From: Denise Vangel-MSFT <deniseb@microsoft.com>
Date: Mon, 5 Apr 2021 16:45:41 -0700
Subject: [PATCH 34/35] Update fileless-threats.md

---
 .../threat-protection/intelligence/fileless-threats.md      | 6 +++++-
 1 file changed, 5 insertions(+), 1 deletion(-)

diff --git a/windows/security/threat-protection/intelligence/fileless-threats.md b/windows/security/threat-protection/intelligence/fileless-threats.md
index 0aef1cf896..98da71d16d 100644
--- a/windows/security/threat-protection/intelligence/fileless-threats.md
+++ b/windows/security/threat-protection/intelligence/fileless-threats.md
@@ -101,4 +101,8 @@ Besides being vulnerable at the firmware level, CPUs could be manufactured with
 
 At Microsoft, we actively monitor the security landscape to identify new threat trends and develop solutions to mitigate classes of threats. We instrument durable protections that are effective against a wide range of threats. Through AntiMalware Scan Interface (AMSI), behavior monitoring, memory scanning, and boot sector protection, Microsoft Defender for Endpoint](https://www.microsoft.com/windowsforbusiness?ocid=docs-fileless) can inspect fileless threats even with heavy obfuscation. Machine learning technologies in the cloud allow us to scale these protections against new and emerging threats.
 
-To learn more, read: [Out of sight but not invisible: Defeating fileless malware with behavior monitoring, AMSI, and next-gen AV](https://cloudblogs.microsoft.com/microsoftsecure/2018/09/27/out-of-sight-but-not-invisible-defeating-fileless-malware-with-behavior-monitoring-amsi-and-next-gen-av/)
\ No newline at end of file
+To learn more, read: [Out of sight but not invisible: Defeating fileless malware with behavior monitoring, AMSI, and next-gen AV](https://cloudblogs.microsoft.com/microsoftsecure/2018/09/27/out-of-sight-but-not-invisible-defeating-fileless-malware-with-behavior-monitoring-amsi-and-next-gen-av/)
+
+## Additional resources and information
+
+Learn how to [deploy threat protection capabilities across Microsoft 365 E5](/microsoft-365/solutions/deploy-threat-protection).

From d66654c02ce633d842bf7ff18516ec037fc17312 Mon Sep 17 00:00:00 2001
From: Sinead O'Sullivan <siosulli@microsoft.com>
Date: Tue, 6 Apr 2021 10:54:25 +0100
Subject: [PATCH 35/35] Update
 manage-connections-from-windows-operating-system-components-to-microsoft-services.md

---
 ...ndows-operating-system-components-to-microsoft-services.md | 4 ++--
 1 file changed, 2 insertions(+), 2 deletions(-)

diff --git a/windows/privacy/manage-connections-from-windows-operating-system-components-to-microsoft-services.md b/windows/privacy/manage-connections-from-windows-operating-system-components-to-microsoft-services.md
index dccf2b6ba4..91517590b5 100644
--- a/windows/privacy/manage-connections-from-windows-operating-system-components-to-microsoft-services.md
+++ b/windows/privacy/manage-connections-from-windows-operating-system-components-to-microsoft-services.md
@@ -1766,7 +1766,7 @@ If you're running Windows 10, version 1607 or later, you need to:
 
     -or-
 
-  - Create a new REG_DWORD registry setting named **DisableWindowsConsumerFeatures** in **HKEY_LOCAL_MACHINE\_MACHINE\\SOFTWARE\\Policies\\Microsoft\\Windows\\CloudContent** with a **value of 1 (one)**
+  - Create a new REG_DWORD registry setting named **DisableWindowsConsumerFeatures** in **HKEY_LOCAL_MACHINE\\SOFTWARE\\Policies\\Microsoft\\Windows\\CloudContent** with a **value of 1 (one)**
    
  
 This policy setting controls whether the lock screen appears for users.  The Do not display the lock screen Group Policy should be set to Enable to prevent the lock screen from being displayed. The Group Computer Configuration\Administrative templates\Control Panel\Personalization!Do not display the lock screen.
@@ -1918,4 +1918,4 @@ For China releases of Windows 10 there is one additional Regkey to be set to pre
 |www.microsoft.com/pkiops/*|
 
 
-To learn more, see [Device update management](/windows/client-management/mdm/device-update-management) and [Configure Automatic Updates by using Group Policy](/previous-versions/windows/it-pro/windows-server-2008-R2-and-2008/cc720539(v=ws.10)).
\ No newline at end of file
+To learn more, see [Device update management](/windows/client-management/mdm/device-update-management) and [Configure Automatic Updates by using Group Policy](/previous-versions/windows/it-pro/windows-server-2008-R2-and-2008/cc720539(v=ws.10)).