Merge branch 'master' into App-v-revision

2025-06-21 05:13:40 +00:00 · 2018-02-27 15:43:20 -08:00
parent b0c0d7ed3d 54fe949a90
commit ac3a40dd84
13 changed files with 269 additions and 232 deletions
--- a/windows/client-management/mdm/new-in-windows-mdm-enrollment-management.md
+++ b/windows/client-management/mdm/new-in-windows-mdm-enrollment-management.md
@ -10,7 +10,7 @@ ms.topic: article
 ms.prod: w10
 ms.technology: windows
 author: nickbrower
-ms.date: 02/05/2018
+ms.date: 02/26/2018
 ---

 # What's new in MDM enrollment and management
@ -1411,6 +1411,7 @@ The DM agent for [push-button reset](https://msdn.microsoft.com/windows/hardware
 <li>Display/EnablePerProcessDpi</li>
 <li>Display/EnablePerProcessDpiForApps</li>
 <li>Experience/AllowWindowsSpotlightOnSettings</li>
+<li>TextInput/AllowHardwareKeyboardTextSuggestions</li>
 <ul>
 </td></tr>
 <tr class="odd">
--- a/windows/client-management/mdm/policy-configuration-service-provider.md
+++ b/windows/client-management/mdm/policy-configuration-service-provider.md
@ -7,7 +7,7 @@ ms.topic: article
 ms.prod: w10
 ms.technology: windows
 author: nickbrower
-ms.date: 01/12/2018
+ms.date: 02/26/2018
 ---

 # Policy CSP
@ -2811,6 +2811,7 @@ The following diagram shows the Policy configuration service provider in tree fo
  <dd>
    <a href="policy-csp-systemservices.md#systemservices-configurexboxlivenetworkingservicestartupmode" id="systemservices-configurexboxlivenetworkingservicestartupmode">SystemServices/ConfigureXboxLiveNetworkingServiceStartupMode</a>
  </dd>
+</dl>

 ### TaskScheduler policies

@ -2823,6 +2824,9 @@ The following diagram shows the Policy configuration service provider in tree fo
 ### TextInput policies

 <dl>
+  <dd>
+    <a href="./policy-csp-textinput.md#textinput-allowhardwarekeyboardtextsuggestions" id="textinput-allowhardwarekeyboardtextsuggestions">TextInput/AllowHardwareKeyboardTextSuggestions</a>
+  </dd>
  <dd>
    <a href="./policy-csp-textinput.md#textinput-allowimelogging" id="textinput-allowimelogging">TextInput/AllowIMELogging</a>
  </dd>
--- a/windows/client-management/mdm/policy-csp-browser.md
+++ b/windows/client-management/mdm/policy-csp-browser.md
@ -2331,62 +2331,6 @@ The following list shows the supported values:
 <!--/SupportedValues-->
 <!--/Policy-->
 <hr/>
-<!--StartPolicy-->
-<a href="" id="browser-usesharedfolderforbooks"></a>**Browser/UseSharedFolderForBooks**  
-
-<!--StartSKU-->
-<table>
-<tr>
-	<th>Home</th>
-	<th>Pro</th>
-	<th>Business</th>
-	<th>Enterprise</th>
-	<th>Education</th>
-	<th>Mobile</th>
-	<th>Mobile Enterprise</th>
-</tr>
-<tr>
-	<td><img src="images/crossmark.png" alt="cross mark" /></td>
-	<td><img src="images/checkmark.png" alt="check mark" /><sup>4</sup></td>
-	<td><img src="images/checkmark.png" alt="check mark" /><sup>4</sup></td>
-	<td><img src="images/checkmark.png" alt="check mark" /><sup>4</sup></td>
-	<td><img src="images/checkmark.png" alt="check mark" /><sup>4</sup></td>
-	<td><img src="images/crossmark.png" alt="cross mark" /></td>
-	<td><img src="images/crossmark.png" alt="cross mark" /></td>
-</tr>
-</table>
-
-<!--EndSKU-->
-<!--StartScope-->
-[Scope](./policy-configuration-service-provider.md#policy-scope):
-
-> [!div class = "checklist"]
-> * User
-> * Device
-
-<hr/>
-
-<!--EndScope-->
-<!--StartDescription-->
-This setting specifies whether organizations should use a folder shared across users to store books from the Books Library.
-
-<!--EndDescription-->
-<!--SupportedValues-->
-The following list shows the supported values:
-
-   0 - No shared folder.
-   1 - Use a shared folder.
-
-
-<!--/SupportedValues-->
-<!--Example-->
-
-<!--/Example-->
-<!--Validation-->
-
-<!--/Validation-->
-<!--EndPolicy-->
-<hr/>

 Footnote:

--- a/windows/client-management/mdm/policy-csp-textinput.md
+++ b/windows/client-management/mdm/policy-csp-textinput.md
@ -6,7 +6,7 @@ ms.topic: article
 ms.prod: w10
 ms.technology: windows
 author: nickbrower
-ms.date: 01/30/2018
+ms.date: 02/26/2018
 ---

 # Policy CSP - TextInput
@ -21,6 +21,9 @@ ms.date: 01/30/2018
 ## TextInput policies  

 <dl>
+  <dd>
+    <a href="#textinput-allowhardwarekeyboardtextsuggestions">TextInput/AllowHardwareKeyboardTextSuggestions</a>
+  </dd>
  <dd>
    <a href="#textinput-allowimelogging">TextInput/AllowIMELogging</a>
  </dd>
@ -66,6 +69,56 @@ ms.date: 01/30/2018
 </dl>


+<hr/>
+
+<!--Policy-->
+<a href="" id="textinput-allowhardwarekeyboardtextsuggestions"></a>**TextInput/AllowHardwareKeyboardTextSuggestions**  
+
+<!--SupportedSKUs-->
+<table>
+<tr>
+	<th>Home</th>
+	<th>Pro</th>
+	<th>Business</th>
+	<th>Enterprise</th>
+	<th>Education</th>
+	<th>Mobile</th>
+	<th>Mobile Enterprise</th>
+</tr>
+<tr>
+	<td><img src="images/crossmark.png" alt="cross mark" /></td>
+	<td><img src="images/checkmark.png" alt="check mark" /><sup>4</sup></td>
+	<td><img src="images/checkmark.png" alt="check mark" /><sup>4</sup></td>
+	<td><img src="images/checkmark.png" alt="check mark" /><sup>4</sup></td>
+	<td><img src="images/checkmark.png" alt="check mark" /><sup>4</sup></td>
+	<td></td>
+	<td></td>
+</tr>
+</table>
+
+<!--/SupportedSKUs-->
+<!--Scope-->
+[Scope](./policy-configuration-service-provider.md#policy-scope):
+
+> [!div class = "checklist"]
+> * Device
+
+<hr/>
+
+<!--/Scope-->
+<!--Description-->
+Added in Windows 10, version 1803.  Specifies text prediction for hardware keyboard is always disabled. When this policy is set to 0, text prediction for hardware keyboard is always disabled.
+
+<!--/Description-->
+<!--SupportedValues-->
+The following list shows the supported values:
+
+-   0 – Text prediction for the hardware keyboard is disabled and the switch is unusable (user cannot activate the feature).
+-   1 (default) – Text prediction for the hardware keyboard is enabled. User can change the setting.
+
+<!--/SupportedValues-->
+<!--/Policy-->
+
 <hr/>

 <!--Policy-->
--- a/windows/deployment/update/waas-windows-insider-for-business.md
+++ b/windows/deployment/update/waas-windows-insider-for-business.md
@ -19,7 +19,7 @@ ms.date: 10/27/2017

 > **Looking for information about Windows 10 for personal or home use?** See [Windows Update: FAQ](https://support.microsoft.com/help/12373/windows-update-faq)

-For many IT pros, gaining visibility into feature updates early, before they’re available to the Semi-Annual Channel, can be both intriguing and valuable for future end user communications as well as provide additional prestaging for Semi-Annual Channel devices. With Windows 10, feature flighting enables Windows Insiders to consume and deploy preproduction code to their test devices, gaining early visibility into the next build. Testing the early builds of Windows 10 helps both Microsoft and its customers because they have the opportunity to discover possible issues before the update is ever publicly available and can report it to Microsoft. Also, as flighted builds get closer to their release to the Semi-Annual Channel, organizations can test their deployment on test devices for compatibility validation.
+For many IT Pros, gaining visibility into feature updates early, before they’re available to the Semi-Annual Channel, can be both intriguing and valuable for future end user communications as well as provide additional prestaging for Semi-Annual Channel devices. With Windows 10, feature flighting enables Windows Insiders to consume and deploy preproduction code to their test devices, gaining early visibility into the next build. Testing the early builds of Windows 10 helps both Microsoft and its customers because they have the opportunity to discover possible issues before the update is ever publicly available and can report it to Microsoft. Also, as flighted builds get closer to their release to the Semi-Annual Channel, organizations can test their deployment on test devices for compatibility validation.

 The Windows Insider Program for Business gives you the opportunity to: 
 * Get early access to Windows Insider Preview Builds. 
@ -50,32 +50,50 @@ Below are additional details to accomplish the steps described above.

 ## Register to the Windows Insider Program for Business

-Registration in the Windows Insider Program for Business can be done individually per user or for an entire organization: 
+The first step to installing a Windows 10 Insider Preview build is to register as a Windows Insider. You and your users have two registration options. 

-### Individual registration
-
->[!IMPORTANT]
->This step is a prerequisite to register your organization's Azure AD domain. 
-
-Navigate to the [**Getting Started**](https://insider.windows.com/en-us/getting-started/) page on [Windows Insider](https://insider.windows.com), go to **Register your organization account** and follow the instructions.
+### Register using your work account (recommended) 
+•	Registering with your work account in Azure Active Directory (AAD) is required to submit feedback on behalf of your organization and manage Insider Preview builds on other PCs in your domain.   

 >[!NOTE]
->Make sure your device is [connected to your company's Azure AD subscription](waas-windows-insider-for-business-faq.md#connected-to-aad). 
+>Requires Windows 10 Version 1703 or later. Confirm by going to Settings>System>About. If you do not have an AAD account, [find out how to get an Azure Active Directory tenant](https://docs.microsoft.com/en-us/azure/active-directory/develop/active-directory-howto-tenant).

-### Organizational registration
+### Register your personal account
+Use the same account that you use for other Microsoft services. If you don’t have a Microsoft account, it is easy to get one. [Get a Microsoft account](https://account.microsoft.com/account).

-This method enables to your register your entire organization to the Windows Insider Program for Business, to avoid having to register each individual user.
+## Install Windows Insider Preview Builds
+You can install Windows 10 Insider Preview builds directly on individual PCs, manage installation across multiple PCs in an organization, or install on a virtual machine. 

->[!IMPORTANT] 
->The account performing these steps has to first be registered to the program individually. Additionally, Global Administrator privileges on the Azure AD domain are required.
+### Install on an individual PC

-1. On the [Windows Insider](https://insider.windows.com) website, go to **For Business > Getting Started** to [register your organizational Azure AD account](https://insider.windows.com/en-us/insidersigninaad/).
-2. **Register your domain**. Rather than have each user register individually for Insider Preview builds, administrators can simply [register their domain](https://insider.windows.com/en-us/for-business-organization-admin/) and control settings centrally.</br>**Note:** The signed-in user needs to be a **Global Administrator** of the Azure AD domain in order to be able to register the domain.
+1.	Open  [Windows Insider Program settings](ms-settings:windowsinsider) (On your Windows 10 PC, go to Start > Settings > Update & security > Windows Insider Program). Note: To see this setting, you need to have administrator rights to your PC.
+2.	Link your Microsoft or work account that you used to register as a Windows Insider. 
+3.	Follow the prompts. 

->[!NOTE]
->At this point, the Windows Insider Program for Business only supports [Azure Active Directory (Azure AD)](/azure/active-directory/active-directory-whatis) (and not Active Directory on premises) as a corporate authentication method.
->
->If your company is currently not using Azure AD – but has a paid subscription to Office 365, Microsoft Dynamics CRM Online, Enterprise Mobility Suite, or other Microsoft services – you have a free subscription to Microsoft Azure Active Directory. This subscription can be used to create users for enrollment in the Windows Insider Program for Business.
+(images/WIP4Biz_Prompts.png)
+
+### Install across multiple PCs
+
+Administrators can install and manage Insider Preview builds centrally across multiple PCs within their domain. Here’s how: 
+
+1.	**Register your domain with the Windows Insider Program**
+To register a domain, you must be registered in the Windows Insider Program with your work account in Azure Active Directory and you must be assigned a **Global Administrator** role on that Azure AD domain. Also requires Windows 10 Version 1703 or later. 
+
+**Register your domain**. Rather than have each user register individually for Insider Preview builds, administrators can simply [register their domain](https://insider.windows.com/en-us/for-business-organization-admin/) and control settings centrally.</br>**Note:** The signed-in user needs to be a **Global Administrator** of the Azure AD domain in order to be able to register the domain.
+
+>[!Notes]
+>•	At this point, the Windows Insider Program for Business only supports [Azure Active Directory (Azure AD)](https://docs.microsoft.com/en-us/azure/active-directory/active-directory-whatis) (and not Active Directory on premises) as a corporate authentication method. 
+>•	If your company has a paid subscription to Office 365, Microsoft Dynamics CRM Online, Enterprise Mobility Suite, or other Microsoft services – you have a free subscription to Microsoft Azure Active Directory. This subscription can be used to create users for enrollment in the Windows Insider Program for Business.
+>•	If you do not have an AAD account, install Insider Preview builds on individual PCs with a registered Microsoft account.    
+
+2. **Apply Policies**
+Once you have registered your enterprise domain, you can control how and when devices receive Windows Insider Preview builds on their devices. See: [How to manage Windows 10 Insider Preview builds across your organization](https://docs.microsoft.com/en-us/windows/deployment/update/waas-windows-insider-for-business).
+
+### Install on a virtual machine. 
+This option enables you to run Insider Preview builds without changing the Windows 10 production build already running on a PC.  
+•	For guidance on setting up virtual machines on your PC see: [Introduction to Hyper-V on Windows 10](https://docs.microsoft.com/en-us/virtualization/hyper-v-on-windows/about/). 
+•	To download the latest Insider Preview build to run on your virtual machine see: 
+[Windows Insider Preview downloads](https://www.microsoft.com/en-us/software-download/windowsinsiderpreviewadvanced) 

 ## Manage Windows Insider Preview builds

@ -161,6 +179,58 @@ To switch flights prior to Windows 10, version 1709, follow these steps:
  * [Windows Insider Slow](#slow)
  * [Release Preview](#release-preview)

+## Explore new Insider Preview features
+Windows 10 Insider Preview builds offer organizations a valuable and exciting opportunity to evaluate new Windows features well before general release. What’s more, by providing feedback to Microsoft on these features, you and other Insiders in your organization can help shape Windows for your specific business needs. Here’s how to get the most out of your feature exploration: 
+
+**Objective: Release Channel**
+Feature Exploration: Fast Ring
+Insider Preview builds in the Fast Ring are released approximately once a week and contain the very latest features. This makes them ideal for feature exploration. 
+
+**Objective: Users**
+Feature Exploration: Because Fast Ring builds are released so early in the development cycle, we recommend limiting feature exploration in your organization to IT administrators and developers running Insider Preview builds on secondary machines.  
+
+**Objective: Tasks**
+Feature Exploration:
+•	Install and manage Insider Preview builds on PCs (per machine or centrally across multiple machines)  
+•	Explore new features in Windows designed for organizations, including new features related to current and planned line of business applications 
+•	Before running an Insider Preview build, check our [Windows Insider blog](https://blogs.windows.com/windowsexperience/tag/windows-insider-program/#k3WWwxKCTWHCO82H.97) for a summary current features. 
+
+**Objective: Feedback**
+Feature Exploration: 
+•	Provide feedback via [Feedback Hub app](insiderhub://home/). This helps us make adjustments to features as quickly as possible.
+•	Encourage users to sign into the Feedback Hub using their AAD work accounts. This enables both you and Microsoft to track feedback submitted by users within your specific organization. (Note: This tracking is only visible to Microsoft and registered Insiders within your organization’s domain.) 
+•	[Learn how to provide effective feedback in the Feedback Hub](https://insider.windows.com/en-us/how-to-feedback/)
+
+## Validate Insider Preview builds 
+Along with exploring new features, you also have the option to validate your apps and infrastructure on Insider Preview builds. This activity can play an important role in your [Windows 10 deployment strategy](https://docs.microsoft.com/en-us/windows/deployment/update/waas-windows-insider-for-business). Early validation has several benefits: 
+•	Get a head start on your Windows validation process 
+•	Identify issues sooner to accelerate your Windows deployment 
+•	Engage Microsoft earlier for help with potential compatibility issues 
+•	Deploy Windows 10 Semi-Annual releases faster and more confidently 
+•	Maximize the 18-month support Window that comes with each Semi-Annual release. 
+
+(images/WIP4Biz_deployment.png)
+Windows 10 Insider Preview builds enable organization to prepare sooner for Windows Semi-Annual releases and reduce the overall validation effort required with traditional deployments. 
+
+**Objective: Release Channel**
+Application and infrastructure validation: SLOW RING
+Insider Preview builds in the Slow Ring are released approximately once a month. They are more stable than Fast Ring releases, making them better suited for validation purposes. Slow Ring releases can be run on either secondary or primary production machines by skilled users.
+
+**Objective: Recommended Users**
+Application and infrastructure validation: In addition to Insiders who may have participated in feature exploration, we also recommend including a small group of application users from each business department to ensure a representative sample. 
+
+**Objective: Recommended Tasks**
+Application and infrastructure validation: Before running an Insider Preview build, check our [Windows Insider blog](https://blogs.windows.com/windowsexperience/tag/windows-insider-program/#k3WWwxKCTWHCO82H.97) and [Windows Insider Tech Community](https://techcommunity.microsoft.com/t5/Windows-Insider-Program/bd-p/WindowsInsiderProgram) pages for updates on current issues and fixes. 
+
+**Objective: Feedback**
+Application and infrastructure validation:Provide feedback in the Feedback Hub app and also inform app vendors of any significant issues.  
+
+**Objective: Guidance**
+Application and infrastructure validation:
+•	[Use Upgrade Readiness to create an app inventory and identify mission-critical apps](https://technet.microsoft.com/itpro/windows/deploy/upgrade-readiness-identify-apps) 
+•	[Use Device Health to identify problem devices and device drivers](https://docs.microsoft.com/en-us/windows/deployment/update/device-health-monitor)
+•	[Windows 10 application compatibility](https://technet.microsoft.com/windows/mt703793)
+
 ## How to switch between your MSA and your Corporate AAD account

 If you were using your Microsoft Account (MSA) to enroll to the Windows Insider Program, switch to your organizational account by going to **Settings > Updates & Security >  Windows Insider Program**, and under **Windows Insider account** select **Change**.
@ -189,7 +259,7 @@ When providing feedback, please consider the following:

 ### User consent requirement

-With the current version of the Feedback Hub app, we need the user's consent to access their AAD account profile data (We read their name, organizational tenant ID and user ID). When they sign in for the first time with the AAD account, they will see a popup asking for their permission, like this:
+Feedback Hub needs the user’s consent to access their AAD account profile data (we read their name, organizational tenant ID and user ID). When they sign in for the first time with the AAD account, they will see a popup asking for their permission, like this:

 ![Feedback Hub consent to AAD pop-up](images/waas-wipfb-aad-consent.png)

@ -271,6 +341,15 @@ Your individual registration with the Insider program will not be impacted. If y
 >[!IMPORTANT]
 >Once your domain is unregistered, setting the **Branch Readiness Level** to preview builds will have no effect. Return this setting to its unconfigured state in order to enable users to control it from their devices.

+## Community 
+
+Windows Insiders are a part of a global community focused on innovation, creativity, and growth in their world.  
+
+The Windows Insider program enables you to deepen connections to learn from peers and to connect to subject matter experts (inside Microsoft, Insiders in your local community and in another country) who understand your unique challenges, and who can provide strategic advice on how to maximize your impact.
+ 
+Collaborate and learn from experts in the [WINDOWS INSIDER TECH COMMUNITY](https://techcommunity.microsoft.com/t5/Windows-Insider-Program/bd-p/WindowsInsiderProgram)
+
+
 ## Additional help resources

 * [**Windows Blog**](https://blogs.windows.com/blog/tag/windows-insider-program/) - With each new build release we publish a Windows Blog post that outlines key feature changes as well as known issues that Insiders may encounter while using the build.
@ -281,10 +360,9 @@ Your individual registration with the Insider program will not be impacted. If y
 - [Windows Insider Program for Business using Azure Active Directory](waas-windows-insider-for-business-aad.md)
 - [Windows Insider Program for Business Frequently Asked Questions](waas-windows-insider-for-business-faq.md)

-
 ## Related Topics
 - [Overview of Windows as a service](waas-overview.md)
 - [Prepare servicing strategy for Windows 10 updates](waas-servicing-strategy-windows-10-updates.md)
 - [Build deployment rings for Windows 10 updates](waas-deployment-rings-windows-10-updates.md)
 - [Assign devices to servicing channels for Windows 10 updates](waas-servicing-channels-windows-10-updates.md)
- [Optimize update delivery for Windows 10 updates](waas-optimize-windows-10-updates.md)
+- [Optimize update delivery for Windows 10 updates](waas-optimize-windows-10-updates.md)
--- a/windows/hub/TOC.md
+++ b/windows/hub/TOC.md
@ -5,8 +5,6 @@
 ## [Configuration](/windows/configuration)
 ## [Client management](/windows/client-management)
 ## [Application management](/windows/application-management)
-## [Identity and access management](/windows/security/identity-protection)
-## [Information protection](/windows/security/information-protection)
-## [Threat protection](/windows/security/threat-protection)
+## [Security](/windows/security)
 ## [Troubleshooting](/windows/client-management/windows-10-support-solutions)
 ## [Other Windows client versions](https://docs.microsoft.com/previous-versions/windows)
--- a/windows/hub/index.md
+++ b/windows/hub/index.md
@ -37,12 +37,6 @@ Find the latest how to and support content that IT pros need to evaluate, plan,
      <a href="/windows/deployment/index">
        <img src="images/deployment.png" alt="Windows 10 deployment" title="Windows 10 deployment" />
      <br/>Deployment </a><br>
-    </td>
-       <td align="center" style="width:25%; border:0;">
-      <a href="/windows/client-management/index">
-        <img src="images/clientmanagement.png" alt="Windows 10 client management" title="Client management" />
-      <br/>Client Management </a><br>
-    </td>
  </tr>
  <tr style="text-align:center;">
    <td align="center" style="width:25%; border:0;"><br>
@ -50,21 +44,15 @@ Find the latest how to and support content that IT pros need to evaluate, plan,
        <img src="images/applicationmanagement.png" alt="Manage applications in your Windows 10 enterprise deployment" title="Application management" />
      <br/>Application Management </a>
    </td>
-    <td align="center" style="width:25%; border:0;"><br>
-      <a href="/windows/access-protection/index">
-        <img src="images/accessprotection.png" alt="Windows 10 access protection" title="Windows 10 access protection" />
-      <br/>Access Protection </a>
+       <td align="center" style="width:25%; border:0;"><br>
+      <a href="/windows/client-management/index">
+        <img src="images/clientmanagement.png" alt="Windows 10 client management" title="Client management" />
+      <br/>Client Management </a>
    </td>
    <td align="center" style="width:25%; border:0;"><br>
-      <a href="/windows/device-security/index">
-        <img src="images/devicesecurity.png" alt="Windows 10 device security" title="W10 device security" />
-      <br/>Device Security </a>
-    </td>
-    <td align="center" style="width:25%; border:0;"><br>
-      <a href="/windows/threat-protection/index">
-        <img src="images/threatprotection.png" alt="Windows 10 threat protection" title="Windows 10 threat protection" />
-      <br/>Threat Protection </a>
-    </td>
+      <a href="/windows/security/index">
+        <img src="images/threatprotection.png" alt="Windows 10 security" title="W10 security" />
+      <br/>Security </a>
  </tr>
 </table>

@ -74,9 +62,9 @@ Find the latest how to and support content that IT pros need to evaluate, plan,

 The Windows 10 operating system introduces a new way to build, deploy, and service Windows: Windows as a service. Microsoft has reimagined each part of the process, to simplify the lives of IT pros and maintain a consistent Windows 10 experience for its customers.

-  These improvements focus on maximizing customer involvement in Windows development, simplifying the deployment and servicing of Windows client computers, and leveling out the resources needed to deploy and maintain Windows over time.
+These improvements focus on maximizing customer involvement in Windows development, simplifying the deployment and servicing of Windows client computers, and leveling out the resources needed to deploy and maintain Windows over time.
  
-  - [Read more about Windows as a Service](/windows/deployment/update/waas-overview)
+- [Read more about Windows as a Service](/windows/deployment/update/waas-overview)

 ## Related topics
 [Windows 10 TechCenter](https://go.microsoft.com/fwlink/?LinkId=620009)
--- a/windows/security/identity-protection/hello-for-business/hello-deployment-cert-trust.md
+++ b/windows/security/identity-protection/hello-for-business/hello-deployment-cert-trust.md
@ -20,7 +20,7 @@ ms.date: 07/27/2017

 Windows Hello for Business replaces username and password sign-in to Windows with strong user authentication based on asymmetric key pair.  The following deployment guide provides the information needed to successfully deploy Windows Hello for Business in an existing environment.  

-Below, you can find all the infromation you will need to deploy Windows Hello for Business in a Certificate Trust Model in your on-premises environment:
+Below, you can find all the information you will need to deploy Windows Hello for Business in a Certificate Trust Model in your on-premises environment:
 1. [Validate Active Directory prerequisites](hello-cert-trust-validate-ad-prereq.md)
 2. [Validate and Configure Public Key Infrastructure](hello-cert-trust-validate-pki.md)
 3. [Prepare and Deploy Windows Server 2016 Active Directory Federation Services](hello-cert-trust-adfs.md)
--- a/windows/security/index.yml
+++ b/windows/security/index.yml
@ -14,6 +14,8 @@ metadata:

  keywords: protect, company, data, Windows, device, app, management, Microsoft365, e5, e3

+  ms.localizationpriority: high
+
  author: brianlic-msft

  ms.author: brianlic
--- a/windows/security/threat-protection/windows-defender-exploit-guard/windows-defender-exploit-guard.md
+++ b/windows/security/threat-protection/windows-defender-exploit-guard/windows-defender-exploit-guard.md
@ -9,8 +9,8 @@ ms.mktglfcycl: manage
 ms.sitesec: library
 ms.pagetype: security
 localizationpriority: medium
-author: iaanw
-ms.author: iawilt
+author: andreabichsel
+ms.author: v-anbic
 ms.date: 12/12/2017
 ---

@ -33,10 +33,10 @@ Windows Defender Exploit Guard (Windows Defender EG) is a new set of host intrus

 There are four features in Windows Defender EG:

- [Exploit protection](exploit-protection-exploit-guard.md) can apply exploit mitigation techniques to apps your organization uses, both individually and to all apps
- [Attack surface reduction rules](attack-surface-reduction-exploit-guard.md) can reduce the attack surface of your applications with intelligent rules that stop the vectors used by Office-,  script- and mail-based malware 
- [Network protection](network-protection-exploit-guard.md) extends the malware and social engineering protection offered by Windows Defender SmartScreen in Microsoft Edge to cover network traffic and connectivity on your organization's devices
- [Controlled folder access](controlled-folders-exploit-guard.md) helps protect files in key system folders from changes made by malicious and suspicious apps, including file-encrypting ransomware malware
+- [Exploit protection](exploit-protection-exploit-guard.md) can apply exploit mitigation techniques to apps your organization uses, both individually and to all apps. Works with third-party antivirus solutions and Windows Defender Antivirus (Windows Defender AV).
+- [Attack surface reduction rules](attack-surface-reduction-exploit-guard.md) can reduce the attack surface of your applications with intelligent rules that stop the vectors used by Office-,  script- and mail-based malware. Requires Windows Defender AV. 
+- [Network protection](network-protection-exploit-guard.md) extends the malware and social engineering protection offered by Windows Defender SmartScreen in Microsoft Edge to cover network traffic and connectivity on your organization's devices. Requires Windows Defender AV.
+- [Controlled folder access](controlled-folders-exploit-guard.md) helps protect files in key system folders from changes made by malicious and suspicious apps, including file-encrypting ransomware malware. Requires Windows Defender AV.


 You can evaluate each feature of Windows Defender EG with the guides at the following link, which provide pre-built PowerShell scripts and testing tools so you can see the features in action:
--- a/windows/whats-new/whats-new-windows-10-version-1607.md
+++ b/windows/whats-new/whats-new-windows-10-version-1607.md
@ -81,7 +81,7 @@ Additional changes for Windows Hello in Windows 10, version 1607:

 ### VPN

- The VPN client can integrate with the Conditional Access Framework, a cloud-pased policy engine built into Azure Active Directory, to provide a device compliance option for remote clients.
+- The VPN client can integrate with the Conditional Access Framework, a cloud-based policy engine built into Azure Active Directory, to provide a device compliance option for remote clients.
 - The VPN client can integrate with Windows Information Protection (WIP) policy to provide additional security. [Learn more about Windows Information Protection](/windows/threat-protection/windows-information-protection/protect-enterprise-data-using-wip), previously known as Enterprise Data Protection.
 - New VPNv2 configuration service provider (CSP) adds configuration settings. For details, see [What's new in MDM enrollment and management](https://msdn.microsoft.com/en-us/library/windows/hardware/mt299056%28v=vs.85%29.aspx#whatsnew_1607)
 - Microsoft Intune: *VPN Profile (Windows 10 Desktop and Mobile and later)* policy template includes support for native VPN plug-ins.
--- a/windows/whats-new/whats-new-windows-10-version-1703.md
+++ b/windows/whats-new/whats-new-windows-10-version-1703.md
@ -122,7 +122,7 @@ New features in Windows Defender Advanced Threat Protection (ATP) for Windows 10

 You can read more about ransomware mitigations and detection capability in Windows Defender Advanced Threat Protection in the blog: [Averting ransomware epidemics in corporate networks with Windows Defender ATP](https://blogs.technet.microsoft.com/mmpc/2017/01/30/averting-ransomware-epidemics-in-corporate-networks-with-windows-defender-atp/).

-Get a quick, but in-depth overview of Windows Defender ATP for Windows 10 and the new capabilities in Windows 10, version 1703 see (Windows Defender ATP for Windows 10 Creators Update)[https://technet.microsoft.com/en-au/windows/mt782787].
+Get a quick, but in-depth overview of Windows Defender ATP for Windows 10 and the new capabilities in Windows 10, version 1703 see [Windows Defender ATP for Windows 10 Creators Update](https://technet.microsoft.com/en-au/windows/mt782787).

 ### Windows Defender Antivirus
 Windows Defender is now called Windows Defender Antivirus, and we've [increased the breadth of the documentation library for enterprise security admins](/windows/threat-protection/windows-defender-antivirus/windows-defender-antivirus-in-windows-10).
@ -169,7 +169,7 @@ For Windows Phone devices, an administrator is able to initiate a remote PIN res

 For Windows desktops, users are able to reset a forgotten PIN through **Settings > Accounts > Sign-in options**.

-For more details, check out [What if I forget my PIN?](/windows/access-protection/hello-for-business/hello-why-pin-is-better-than-password#what-if-i-forget-my-pin).
+For more details, check out [What if I forget my PIN?](/windows/security/identity-protection/hello-for-business/hello-features#pin-reset).

 ### Windows Information Protection (WIP) and Azure Active Directory (Azure AD)
 Microsoft Intune helps you create and deploy your Windows Information Protection (WIP) policy, including letting you choose your allowed apps, your WIP-protection level, and how to find enterprise data on the network. For more info, see [Create a Windows Information Protection (WIP) policy using Microsoft Intune](/windows/threat-protection/windows-information-protection/create-wip-policy-using-intune) and [Associate and deploy your Windows Information Protection (WIP) and VPN policies by using Microsoft Intune](/windows/threat-protection/windows-information-protection/create-vpn-and-wip-policy-using-intune).