From aca045a25e2d81f2ba9d7b13b4b05082a1244055 Mon Sep 17 00:00:00 2001
From: "Andrea Bichsel (Aquent LLC)" <v-anbic@microsoft.com>
Date: Mon, 19 Nov 2018 19:02:55 +0000
Subject: [PATCH] Added note to ASR rule.

---
 .../attack-surface-reduction-exploit-guard.md                  | 3 +++
 1 file changed, 3 insertions(+)

diff --git a/windows/security/threat-protection/windows-defender-exploit-guard/attack-surface-reduction-exploit-guard.md b/windows/security/threat-protection/windows-defender-exploit-guard/attack-surface-reduction-exploit-guard.md
index a3272ab6e6..13d105b946 100644
--- a/windows/security/threat-protection/windows-defender-exploit-guard/attack-surface-reduction-exploit-guard.md
+++ b/windows/security/threat-protection/windows-defender-exploit-guard/attack-surface-reduction-exploit-guard.md
@@ -158,6 +158,9 @@ Outlook will not be allowed to create child processes.
 
 This is a typical malware behavior, especially for macro-based attacks that attempt to use Office apps to launch or download malicious executables.
 
+>[!NOTE]
+>This rule applies to Outlook only.
+
 ### Rule: Block Adobe Reader from creating child processes
 
 This rule blocks Adobe Reader from creating child processes.