Merge branch 'master' of https://cpubwin.visualstudio.com/_git/it-client

2025-06-15 18:33:43 +00:00 · 2018-11-02 10:02:51 -07:00
parent 7d2f6bc48c 31dc630817
commit b2dc48343d
3 changed files with 12 additions and 14 deletions
--- a/windows/security/threat-protection/windows-defender-antivirus/configure-real-time-protection-windows-defender-antivirus.md
+++ b/windows/security/threat-protection/windows-defender-antivirus/configure-real-time-protection-windows-defender-antivirus.md
@ -14,7 +14,7 @@ ms.author: v-anbic
 ms.date: 09/03/2018
 ---

-# Enable and configure antivirius always-on protection and monitoring
+# Enable and configure antivirus always-on protection and monitoring

 **Applies to:**

--- a/windows/security/threat-protection/windows-defender-antivirus/windows-defender-antivirus-in-windows-10.md
+++ b/windows/security/threat-protection/windows-defender-antivirus/windows-defender-antivirus-in-windows-10.md
@ -69,13 +69,13 @@ Functionality, configuration, and management is largely the same when using Wind

 ## Related topics

-[Windows Defender AV in the Windows Security app](windows-defender-security-center-antivirus.md)
-[Windows Defender AV on Windows Server 2016](windows-defender-antivirus-on-windows-server-2016.md)
-[Windows Defender AV compatibility](windows-defender-antivirus-compatibility.md)
-[Evaluate Windows Defender AV protection](evaluate-windows-defender-antivirus.md)
-[Deploy, manage updates, and report on Windows Defender AV](deploy-manage-report-windows-defender-antivirus.md)
-[Configure Windows Defender AV features](configure-windows-defender-antivirus-features.md)
-[Customize, initiate, and review the results of scans and remediation](customize-run-review-remediate-scans-windows-defender-antivirus.md)
-[Review event logs and error codes to troubleshoot issues](troubleshoot-windows-defender-antivirus.md)
-[Reference topics for management and configuration tools](configuration-management-reference-windows-defender-antivirus.md)
+- [Windows Defender AV in the Windows Security app](windows-defender-security-center-antivirus.md)
+- [Windows Defender AV on Windows Server 2016](windows-defender-antivirus-on-windows-server-2016.md)
+- [Windows Defender AV compatibility](windows-defender-antivirus-compatibility.md)
+- [Evaluate Windows Defender AV protection](evaluate-windows-defender-antivirus.md)
+- [Deploy, manage updates, and report on Windows Defender AV](deploy-manage-report-windows-defender-antivirus.md)
+- [Configure Windows Defender AV features](configure-windows-defender-antivirus-features.md)
+- [Customize, initiate, and review the results of scans and remediation](customize-run-review-remediate-scans-windows-defender-antivirus.md)
+- [Review event logs and error codes to troubleshoot issues](troubleshoot-windows-defender-antivirus.md)
+- [Reference topics for management and configuration tools](configuration-management-reference-windows-defender-antivirus.md)

--- a/windows/security/threat-protection/windows-defender-exploit-guard/attack-surface-reduction-exploit-guard.md
+++ b/windows/security/threat-protection/windows-defender-exploit-guard/attack-surface-reduction-exploit-guard.md
@ -53,7 +53,7 @@ Use advanced protection against ransomware | c1db55ab-c21a-4637-bb3f-a12568109d3
 Block credential stealing from the Windows local security authority subsystem (lsass.exe) | 9e6c4e1f-7d60-472f-ba1a-a39ef669e4b2
 Block process creations originating from PSExec and WMI commands | d1e49aac-8f56-4280-b9ba-993a6d77406c
 Block untrusted and unsigned processes that run from USB | b2b3f03d-6a65-4f7b-a9c7-1c7ef74a9ba4
-Block only Office communication applications from creating child processes | 26190899-1602-49e8-8b27-eb1d0a1ce869
+Block Office communication applications from creating child processes | 26190899-1602-49e8-8b27-eb1d0a1ce869
 Block Adobe Reader from creating child processes | 7674ba52-37eb-4a4f-a9a1-f0f9a1619a2c

 The rules apply to the following Office apps:
@ -112,8 +112,6 @@ Malware and other threats can attempt to obfuscate or hide their malicious code

 This rule prevents scripts that appear to be obfuscated from running. 

-It uses the [AntiMalwareScanInterface (AMSI)](https://msdn.microsoft.com/en-us/library/windows/desktop/dn889587(v=vs.85).aspx) to determine if a script is potentially obfuscated, and then blocks such a script, or blocks scripts when an attempt is made to access them.
-
 ### Rule: Block Win32 API calls from Office macro

 Malware can use macro code in Office files to import and load Win32 DLLs, which can then be used to make API calls to allow further infection throughout the system.
@ -160,7 +158,7 @@ With this rule, admins can prevent unsigned or untrusted executable files from r
 - Executable files (such as .exe, .dll, or .scr) 
 - Script files (such as a PowerShell .ps, VisualBasic .vbs, or JavaScript .js file)

-### Rule: Block only Office communication applications from creating child processes
+### Rule: Block Office communication applications from creating child processes

 Office communication apps will not be allowed to create child processes. This includes Outlook.