Merged PR 11417: 9/19 AM Publish

2025-06-19 12:23:37 +00:00 · 2018-09-19 17:55:55 +00:00
parent e1aadb549e e6ace9f86f
commit 9ef96135a1
6 changed files with 58 additions and 16 deletions
--- a/devices/surface-hub/index.md
+++ b/devices/surface-hub/index.md
@ -54,6 +54,7 @@ In some ways, adding your new Surface Hub is just like adding any other Microsof
 ## Additional resources
 - [Surface Hub update history](https://support.microsoft.com/help/4037666/surface-surface-hub-update-history)
 - [Surface Hub help](https://support.microsoft.com/hub/4343507/surface-hub-help)
 - [Surface IT Pro Blog](https://blogs.technet.microsoft.com/surface/)
 - [Surface Playlist of videos](https://www.youtube.com/playlist?list=PLXtHYVsvn_b__1Baibdu4elN4SoF3JTBZ)
 - [Microsoft Surface on Twitter](https://twitter.com/surface)
--- a/windows/client-management/mdm/assignedaccess-csp.md
+++ b/windows/client-management/mdm/assignedaccess-csp.md
@ -7,7 +7,7 @@ ms.topic: article
 ms.prod: w10
 ms.technology: windows
 author: MariciaAlforque
-ms.date: 04/25/2018
+ms.date: 09/18/2018
 ---
 # AssignedAccess CSP
@ -95,15 +95,36 @@ In Windows 10, version 1803, Assigned Access runtime status only supports monito
 Note that status codes available in the Status payload correspond to a specific KioskModeAppRuntimeStatus.
 |Status code  | KioskModeAppRuntimeStatus |
 |---------|---------|
 | 1     | KioskModeAppRunning         |
 | 2     | KioskModeAppNotFound          |
 | 3     | KioskModeAppActivationFailure         |
 Additionally, the status payload includes a profileId that can be used by the MDM server to correlate which kiosk app caused the error.
-Additionally, the status payload includes a profileId, which can be used by the MDM server to correlate which kiosk app caused the error.
+In Windows 10, version 1810, Assigned Access runtime status supports monitoring single-app kiosk and multi-app modes. Here are the possible status codes.
 |Status|Description|
 |---|---|
 |Running|The AssignedAccess account (kiosk or multi-app) is running normally.|
 |AppNotFound|The kiosk app isn't deployed to the machine.|
 |ActivationFailed|The AssignedAccess account (kiosk or multi-app) failed to sign in.|
 |AppNoResponse|The kiosk app launched successfully but is now unresponsive.|
 Note that status codes available in the Status payload correspond to a specific AssignedAccessRuntimeStatus.
 |Status code|AssignedAccessRuntimeStatus|
 |---|---|
 |1|Running|
 |2|AppNotFound|
 |3|ActivationFailed|
 |4|AppNoResponse|
 Additionally, the Status payload includes the following fields:
 - profileId: can be used by the MDM server to correlate which account caused the error.
 - OperationList: list of failed operations that occurred while applying the assigned access CSP, if any exist.
 Supported operation is Get.
@ -1116,10 +1137,11 @@ ShellLauncherConfiguration Get
    <xs:simpleType name="status_t">
        <xs:restriction base="xs:int">
-            <xs:enumeration value="0"/>
+            <xs:enumeration value="0"/> <!-- Unknown -->
-            <xs:enumeration value="1"/>
+            <xs:enumeration value="1"/> <!-- Running -->
-            <xs:enumeration value="2"/>
+            <xs:enumeration value="2"/> <!-- AppNotFound -->
-            <xs:enumeration value="3"/>
+            <xs:enumeration value="3"/> <!-- ActivationFailed -->
            <xs:enumeration value="4"/> <!-- AppNoResponse -->
        </xs:restriction>
    </xs:simpleType>
@ -1129,19 +1151,35 @@ ShellLauncherConfiguration Get
        </xs:restriction>
    </xs:simpleType>
    <xs:complexType name="operation_t">
        <xs:sequence minOccurs="1" maxOccurs="1">
            <xs:element name="name" type="xs:string" minOccurs="1" maxOccurs="1"/>
            <xs:element name="errorCode" type="xs:int" minOccurs="1" maxOccurs="1"/>
            <xs:element name="data" type="xs:string" minOccurs="0" maxOccurs="1"/>
        </xs:sequence>
    </xs:complexType>
    <xs:complexType name="operationlist_t">
        <xs:sequence minOccurs="1" maxOccurs="1">
            <xs:element name="Operation" type="operation_t" minOccurs="1" maxOccurs="unbounded"/>
        </xs:sequence>
    </xs:complexType>
    <xs:complexType name="event_t">
        <xs:sequence minOccurs="1" maxOccurs="1">
            <xs:element name="status" type="status_t" minOccurs="1" maxOccurs="1"/>
            <xs:element name="profileId" type="guid_t" minOccurs="1" maxOccurs="1"/>
            <xs:element name="errorCode" type="xs:int" minOccurs="0" maxOccurs="1"/>
            <xs:element name="OperationList" type="operationlist_t" minOccurs="0" maxOccurs="1"/>
        </xs:sequence>
-        <xs:attribute name="Name" type="xs:string" fixed="KioskModeAppRuntimeStatus" use="required"/>
+        <xs:attribute name="Name" type="xs:string" use="required"/>
    </xs:complexType>
    <xs:element name="Events">
        <xs:complexType>
-            <xs:sequence minOccurs="1" maxOccurs="1">
+            <xs:choice minOccurs="1" maxOccurs="1">
                <xs:element name="Event" type="event_t" minOccurs="1" maxOccurs="1"/>
-            </xs:sequence>
+            </xs:choice>
        </xs:complexType>
    </xs:element>
 </xs:schema>
--- a/windows/configuration/windows-10-start-layout-options-and-policies.md
+++ b/windows/configuration/windows-10-start-layout-options-and-policies.md
@ -116,7 +116,7 @@ The new taskbar layout for upgrades to Windows 10, version 1607 or later, will a
 If your Start layout customization is not applied as expected, open **Event Viewer** and navigate to **Applications and Services Log** > **Microsoft** > **Windows** > **ShellCommon-StartLayoutPopulation** > **Operational**, and check for one of the following events:
 - **Event 22** is logged when the xml is malformed, meaning the specified file simply isn’t valid xml.   This can occur if the file has extra spaces or unexpected characters, or if the file is not saved in the UTF8 format.
- **Event 64**  is logged when the xml is valid, but has unexpected values. This can happen when the desired configuration is not understood or source is not found such as a missing or misspelled .lnk.
+- **Event 64**  is logged when the xml is valid, but has unexpected values. This can happen when the desired configuration is not understood, elements are not in [the required order](start-layout-xml-desktop.md#required-order), or source is not found, such as a missing or misspelled .lnk.
--- a/windows/security/identity-protection/user-account-control/how-user-account-control-works.md
+++ b/windows/security/identity-protection/user-account-control/how-user-account-control-works.md
@ -159,8 +159,8 @@ To better understand each component, review the table below:
 <p>UAC has four levels of notification to choose from and a slider to use to select the notification level:</p>
 <ul>
 <li>
-<p>High</p>
+  <p><b>Always Notify</b></p>
-<p>If the slider is set to <b>Always notify</b>, the system checks whether the secure desktop is enabled.</p>
+<p>If the slider is set to <b>Always notify</b>, the system will notify you when programs try to install software or make changes to your computer.</p>
 </li>
 <li>
 <p>Medium</p>
--- a/windows/security/threat-protection/windows-defender-atp/advanced-features-windows-defender-advanced-threat-protection.md
+++ b/windows/security/threat-protection/windows-defender-atp/advanced-features-windows-defender-advanced-threat-protection.md
@ -22,19 +22,21 @@ ms.date: 09/06/2018
 Depending on the Microsoft security products that you use, some advanced features might be available for you to integrate Windows Defender ATP with.
-Turn on the following advanced features to get better protected from potentially malicious files and gain better insight during security investigations:
+Use the following advanced features to get better protected from potentially malicious files and gain better insight during security investigations:
 ## Automated investigation
 When you enable this feature, you'll be able to take advantage of the automated investigation and remediation features of the service. For more information, see [Automated investigations](automated-investigations-windows-defender-advanced-threat-protection.md).
 ## Auto-resolve remediated alerts
-You can configure the automated investigations capability to resolve alerts where the automated analysis result status is "No threats found" or "Remediated". 
+For tenants created on or after Windows 10, version 1809 the automated investigations capability is configured by default to resolve alerts where the automated analysis result status is "No threats found" or "Remediated".  If you don’t want to have alerts auto-resolved, you’ll need to manually turn off the feature.
 >[!TIP] 
 >For tenants created prior that version, you'll need to manually turn this feature on.
 >[!NOTE]
 > - The result of the auto-resolve action may influence the Machine risk level calculation which is based on the active alerts found on a machine.  
 >- If a security operations analyst manually sets the status of an alert to "In progress" or "Resolved" the auto-resolve capability will not overrite it.
 If you don't want to have alerts auto-resolved, you'll need to manually turn off the feature.
 ## Block file
 This feature is only available if your organization uses Windows Defender Antivirus as the active antimalware solution and that the cloud-based protection feature is enabled.
--- a/windows/security/threat-protection/windows-security-baselines.md
+++ b/windows/security/threat-protection/windows-security-baselines.md
@ -16,6 +16,7 @@ ms.date: 06/25/2018
 -   Windows 10
 -   Windows Server 2016 
 -   Office 2016 
 ## Using security baselines in your organization