From 7bd4a090227472446520a53fbce3c6e16aa41b35 Mon Sep 17 00:00:00 2001
From: Vinay Pamnani <37223378+vinaypamnani-msft@users.noreply.github.com>
Date: Wed, 31 May 2023 15:46:31 -0400
Subject: [PATCH 01/13] Move smartscreen and refresh
---
.../mdm/policy-csp-admx-windowsexplorer.md | 5 +-
windows/security/apps.md | 2 +-
windows/security/identity-protection/toc.yml | 2 +-
windows/security/index.yml | 2 +-
.../available-settings.md} | 2 +-
.../enhanced-phishing-protection.md} | 6 +--
...rosoft-Defender-Smartscreen-submission.png | Bin
.../images/icons/group-policy.svg | 0
.../images/icons/intune.svg | 0
.../images/icons/windows-os.svg | 0
.../microsoft-defender-smartscreen/index.md} | 5 +-
.../virus-and-threat-protection/toc.yml | 45 ++++++++++--------
windows/security/threat-protection/index.md | 15 ++----
...iew-of-threat-mitigations-in-windows-10.md | 12 ++---
.../whats-new-windows-11-version-22H2.md | 2 +-
15 files changed, 48 insertions(+), 50 deletions(-)
rename windows/security/{threat-protection/microsoft-defender-smartscreen/microsoft-defender-smartscreen-available-settings.md => operating-system-security/virus-and-threat-protection/microsoft-defender-smartscreen/available-settings.md} (99%)
rename windows/security/{threat-protection/microsoft-defender-smartscreen/phishing-protection-microsoft-defender-smartscreen.md => operating-system-security/virus-and-threat-protection/microsoft-defender-smartscreen/enhanced-phishing-protection.md} (99%)
rename windows/security/{threat-protection => operating-system-security/virus-and-threat-protection}/microsoft-defender-smartscreen/images/Microsoft-Defender-Smartscreen-submission.png (100%)
rename windows/security/{threat-protection => operating-system-security/virus-and-threat-protection}/microsoft-defender-smartscreen/images/icons/group-policy.svg (100%)
rename windows/security/{threat-protection => operating-system-security/virus-and-threat-protection}/microsoft-defender-smartscreen/images/icons/intune.svg (100%)
rename windows/security/{threat-protection => operating-system-security/virus-and-threat-protection}/microsoft-defender-smartscreen/images/icons/windows-os.svg (100%)
rename windows/security/{threat-protection/microsoft-defender-smartscreen/microsoft-defender-smartscreen-overview.md => operating-system-security/virus-and-threat-protection/microsoft-defender-smartscreen/index.md} (95%)
diff --git a/windows/client-management/mdm/policy-csp-admx-windowsexplorer.md b/windows/client-management/mdm/policy-csp-admx-windowsexplorer.md
index 4a8727e522..a6a0c31774 100644
--- a/windows/client-management/mdm/policy-csp-admx-windowsexplorer.md
+++ b/windows/client-management/mdm/policy-csp-admx-windowsexplorer.md
@@ -622,8 +622,7 @@ Some information is sent to Microsoft about files and programs run on PCs with t
-
-For more information, see [Microsoft Defender SmartScreen](/windows/security/threat-protection/microsoft-defender-smartscreen/microsoft-defender-smartscreen-overview).
+For more information, see [Microsoft Defender SmartScreen](/windows/security/operating-system-security/virus-and-threat-protection/microsoft-defender-smartscreen).
@@ -3174,7 +3173,7 @@ If you enable this setting, the system removes the Map Network Drive and Disconn
This setting doesn't prevent users from connecting to another computer by typing the name of a shared folder in the Run dialog box.
> [!NOTE]
->
+>
This setting was documented incorrectly on the Explain tab in Group Policy for Windows 2000. The Explain tab states incorrectly that this setting prevents users from connecting and disconnecting drives.
diff --git a/windows/security/apps.md b/windows/security/apps.md
index a2e62786ce..b69ebc2103 100644
--- a/windows/security/apps.md
+++ b/windows/security/apps.md
@@ -23,4 +23,4 @@ The following table summarizes the Windows security features and capabilities fo
| Microsoft Defender Application Guard | Application Guard uses chip-based hardware isolation to isolate untrusted websites and untrusted Office files, seamlessly running untrusted websites and files in an isolated Hyper-V-based container, separate from the desktop operating system, and making sure that anything that happens within the container remains isolated from the desktop. Learn more [Microsoft Defender Application Guard overview](threat-protection/microsoft-defender-application-guard/md-app-guard-overview.md). |
| Windows Sandbox | Windows Sandbox provides a lightweight desktop environment to safely run applications in isolation. Software installed inside the Windows Sandbox environment remains "sandboxed" and runs separately from the host machine. A sandbox is temporary. When it's closed, all the software and files and the state are deleted. You get a brand-new instance of the sandbox every time you open the application. Learn more: [Windows Sandbox](application-security/application-isolation/windows-sandbox/windows-sandbox-overview.md) |
| Email Security | With Windows S/MIME email security, users can encrypt outgoing messages and attachments, so only intended recipients with digital identification (ID)—also called a certificate—can read them. Users can digitally sign a message, which verifies the identity of the sender and ensures the message has not been tampered with.[Configure S/MIME for Windows 10](identity-protection/configure-s-mime.md) |
-| Microsoft Defender SmartScreen | Microsoft Defender SmartScreen protects against phishing or malware websites and applications, and the downloading of potentially malicious files. Learn more: [Microsoft Defender SmartScreen overview](threat-protection/microsoft-defender-smartscreen/microsoft-defender-smartscreen-overview.md) |
+| Microsoft Defender SmartScreen | Microsoft Defender SmartScreen protects against phishing or malware websites and applications, and the downloading of potentially malicious files. Learn more: [Microsoft Defender SmartScreen overview](/windows/security/operating-system-security/virus-and-threat-protection/microsoft-defender-smartscreen) |
diff --git a/windows/security/identity-protection/toc.yml b/windows/security/identity-protection/toc.yml
index c90f5b2316..fcd058a974 100644
--- a/windows/security/identity-protection/toc.yml
+++ b/windows/security/identity-protection/toc.yml
@@ -32,7 +32,7 @@ items:
displayName: LAPS
href: /windows-server/identity/laps/laps-overview
- name: Enhanced Phishing Protection in Microsoft Defender SmartScreen
- href: ../threat-protection/microsoft-defender-smartscreen/phishing-protection-microsoft-defender-smartscreen.md
+ href: ../operating-system-security/virus-and-threat-protection/microsoft-defender-smartscreen/enhanced-phishing-protection.md
displayName: EPP
- name: Access Control
items:
diff --git a/windows/security/index.yml b/windows/security/index.yml
index 535f5f269a..8cd670d32e 100644
--- a/windows/security/index.yml
+++ b/windows/security/index.yml
@@ -92,7 +92,7 @@ landingContent:
- text: Windows Sandbox
url: application-security\application-isolation\windows-sandbox\windows-sandbox-overview.md
- text: Microsoft Defender SmartScreen
- url: threat-protection/microsoft-defender-smartscreen/microsoft-defender-smartscreen-overview.md
+ url: operating-system-security\virus-and-threat-protection\microsoft-defender-smartscreen\index.md
- text: S/MIME for Windows
url: identity-protection/configure-s-mime.md
# Cards and links should be based on top customer tasks or top subjects
diff --git a/windows/security/threat-protection/microsoft-defender-smartscreen/microsoft-defender-smartscreen-available-settings.md b/windows/security/operating-system-security/virus-and-threat-protection/microsoft-defender-smartscreen/available-settings.md
similarity index 99%
rename from windows/security/threat-protection/microsoft-defender-smartscreen/microsoft-defender-smartscreen-available-settings.md
rename to windows/security/operating-system-security/virus-and-threat-protection/microsoft-defender-smartscreen/available-settings.md
index 3c1ed6dcea..18f1795945 100644
--- a/windows/security/threat-protection/microsoft-defender-smartscreen/microsoft-defender-smartscreen-available-settings.md
+++ b/windows/security/operating-system-security/virus-and-threat-protection/microsoft-defender-smartscreen/available-settings.md
@@ -4,7 +4,7 @@ description: A list of all available settings for Microsoft Defender SmartScreen
ms.prod: windows-client
author: vinaypamnani-msft
ms.localizationpriority: medium
-ms.date: 09/28/2020
+ms.date: 05/31/2023
ms.reviewer:
manager: aaroncz
ms.author: vinpa
diff --git a/windows/security/threat-protection/microsoft-defender-smartscreen/phishing-protection-microsoft-defender-smartscreen.md b/windows/security/operating-system-security/virus-and-threat-protection/microsoft-defender-smartscreen/enhanced-phishing-protection.md
similarity index 99%
rename from windows/security/threat-protection/microsoft-defender-smartscreen/phishing-protection-microsoft-defender-smartscreen.md
rename to windows/security/operating-system-security/virus-and-threat-protection/microsoft-defender-smartscreen/enhanced-phishing-protection.md
index aebf090b15..1abefbf7f4 100644
--- a/windows/security/threat-protection/microsoft-defender-smartscreen/phishing-protection-microsoft-defender-smartscreen.md
+++ b/windows/security/operating-system-security/virus-and-threat-protection/microsoft-defender-smartscreen/enhanced-phishing-protection.md
@@ -8,7 +8,7 @@ ms.author: vinpa
ms.reviewer: paoloma
manager: aaroncz
ms.localizationpriority: medium
-ms.date: 10/07/2022
+ms.date: 05/31/2023
adobe-target: true
appliesto:
- ✅ Windows 11, version 22H2
@@ -73,7 +73,7 @@ Enhanced Phishing Protection can be configured using the following Administrativ
#### [:::image type="icon" source="images/icons/windows-os.svg"::: **CSP**](#tab/csp)
Enhanced Phishing Protection can be configured using the [WebThreatDefense CSP][WIN-1].
-
+
| Setting | OMA-URI | Data type |
|-------------------------|---------------------------------------------------------------------------|-----------|
| **ServiceEnabled** | `./Device/Vendor/MSFT/Policy/Config/WebThreatDefense/ServiceEnabled` | Integer |
@@ -90,7 +90,7 @@ By default, Enhanced Phishing Protection is deployed in audit mode, preventing n
To better help you protect your organization, we recommend turning on and using these specific Microsoft Defender SmartScreen settings.
#### [:::image type="icon" source="images/icons/intune.svg"::: **Intune**](#tab/intune)
-
+
|Settings catalog element|Recommendation|
|---------|---------|
|Service Enabled|**Enable**: Turns on Enhanced Phishing Protection in audit mode, which captures work or school password entry events and sends diagnostic data but doesn't show any notifications to your users.|
diff --git a/windows/security/threat-protection/microsoft-defender-smartscreen/images/Microsoft-Defender-Smartscreen-submission.png b/windows/security/operating-system-security/virus-and-threat-protection/microsoft-defender-smartscreen/images/Microsoft-Defender-Smartscreen-submission.png
similarity index 100%
rename from windows/security/threat-protection/microsoft-defender-smartscreen/images/Microsoft-Defender-Smartscreen-submission.png
rename to windows/security/operating-system-security/virus-and-threat-protection/microsoft-defender-smartscreen/images/Microsoft-Defender-Smartscreen-submission.png
diff --git a/windows/security/threat-protection/microsoft-defender-smartscreen/images/icons/group-policy.svg b/windows/security/operating-system-security/virus-and-threat-protection/microsoft-defender-smartscreen/images/icons/group-policy.svg
similarity index 100%
rename from windows/security/threat-protection/microsoft-defender-smartscreen/images/icons/group-policy.svg
rename to windows/security/operating-system-security/virus-and-threat-protection/microsoft-defender-smartscreen/images/icons/group-policy.svg
diff --git a/windows/security/threat-protection/microsoft-defender-smartscreen/images/icons/intune.svg b/windows/security/operating-system-security/virus-and-threat-protection/microsoft-defender-smartscreen/images/icons/intune.svg
similarity index 100%
rename from windows/security/threat-protection/microsoft-defender-smartscreen/images/icons/intune.svg
rename to windows/security/operating-system-security/virus-and-threat-protection/microsoft-defender-smartscreen/images/icons/intune.svg
diff --git a/windows/security/threat-protection/microsoft-defender-smartscreen/images/icons/windows-os.svg b/windows/security/operating-system-security/virus-and-threat-protection/microsoft-defender-smartscreen/images/icons/windows-os.svg
similarity index 100%
rename from windows/security/threat-protection/microsoft-defender-smartscreen/images/icons/windows-os.svg
rename to windows/security/operating-system-security/virus-and-threat-protection/microsoft-defender-smartscreen/images/icons/windows-os.svg
diff --git a/windows/security/threat-protection/microsoft-defender-smartscreen/microsoft-defender-smartscreen-overview.md b/windows/security/operating-system-security/virus-and-threat-protection/microsoft-defender-smartscreen/index.md
similarity index 95%
rename from windows/security/threat-protection/microsoft-defender-smartscreen/microsoft-defender-smartscreen-overview.md
rename to windows/security/operating-system-security/virus-and-threat-protection/microsoft-defender-smartscreen/index.md
index b58a2be3ac..569457defe 100644
--- a/windows/security/threat-protection/microsoft-defender-smartscreen/microsoft-defender-smartscreen-overview.md
+++ b/windows/security/operating-system-security/virus-and-threat-protection/microsoft-defender-smartscreen/index.md
@@ -12,7 +12,7 @@ adobe-target: true
ms.collection:
- tier2
- highpri
-ms.date: 03/20/2023
+ms.date: 05/31/2023
ms.topic: article
appliesto:
- ✅ Windows 11
@@ -42,7 +42,7 @@ Microsoft Defender SmartScreen provide an early warning system against websites
- **Reputation-based URL and app protection:** Microsoft Defender SmartScreen evaluates a website's URLs to determine if they're known to distribute or host unsafe content. It also provides reputation checks for apps, checking downloaded programs and the digital signature used to sign a file. If a URL, a file, an app, or a certificate has an established reputation, users don't see any warnings. If there's no reputation, the item is marked as a higher risk and presents a warning to the user.
- **Operating system integration:** Microsoft Defender SmartScreen is integrated into the Windows 10 operating system. It checks any files an app (including 3rd-party browsers and email clients) that attempts to download and run.
- **Improved heuristics and diagnostic data:** Microsoft Defender SmartScreen is constantly learning and endeavoring to stay up to date, so it can help to protect you against potentially malicious sites and files.
-- **Management through group policy and Microsoft Intune:** Microsoft Defender SmartScreen supports using both group policy and Microsoft Intune settings. For more info about all available settings, see [Available Microsoft Defender SmartScreen group policy and mobile device management (MDM) settings](microsoft-defender-smartscreen-available-settings.md).
+- **Management through group policy and Microsoft Intune:** Microsoft Defender SmartScreen supports using both group policy and Microsoft Intune settings. For more info about all available settings, see [Available Microsoft Defender SmartScreen group policy and mobile device management (MDM) settings](available-settings.md).
- **Blocking URLs associated with potentially unwanted applications:** In Microsoft Edge (based on Chromium), SmartScreen blocks URLs associated with potentially unwanted applications, or PUAs. For more information on blocking URLs associated with PUAs, see [Detect and block potentially unwanted applications](/microsoft-365/security/defender-endpoint/detect-block-potentially-unwanted-apps-microsoft-defender-antivirus).
> [!IMPORTANT]
@@ -61,5 +61,4 @@ When submitting a file for Microsoft Defender SmartScreen, make sure to select *
## Related articles
- [SmartScreen frequently asked questions](https://fb.smartscreen.microsoft.com/smartscreenfaq.aspx)
-- [Available Microsoft Defender SmartScreen group policy and mobile device management (MDM) settings](microsoft-defender-smartscreen-available-settings.md)
- [Configuration service provider reference](/windows/client-management/mdm/configuration-service-provider-reference)
diff --git a/windows/security/operating-system-security/virus-and-threat-protection/toc.yml b/windows/security/operating-system-security/virus-and-threat-protection/toc.yml
index a8c5cdf1e5..639a85c09c 100644
--- a/windows/security/operating-system-security/virus-and-threat-protection/toc.yml
+++ b/windows/security/operating-system-security/virus-and-threat-protection/toc.yml
@@ -1,21 +1,26 @@
items:
-- name: Overview
- href: ../../threat-protection/index.md
-- name: Microsoft Defender Antivirus
- href: /microsoft-365/security/defender-endpoint/microsoft-defender-antivirus-windows
-- name: Configuring LSA Protection
- href: /windows-server/security/credentials-protection-and-management/configuring-additional-lsa-protection?toc=/windows/security/toc.json&bc=/windows/security/breadcrumb/toc.json
-- name: Attack surface reduction (ASR)
- href: /microsoft-365/security/defender-endpoint/attack-surface-reduction
-- name: Tamper protection for MDE
- href: /microsoft-365/security/defender-endpoint/prevent-changes-to-security-settings-with-tamper-protection
-- name: Microsoft Vulnerable Driver Blocklist
- href: ../../threat-protection/windows-defender-application-control/microsoft-recommended-driver-block-rules.md
-- name: Controlled folder access
- href: /microsoft-365/security/defender-endpoint/controlled-folders
-- name: Exploit protection
- href: /microsoft-365/security/defender-endpoint/exploit-protection
-- name: Microsoft Defender SmartScreen
- href: ../../threat-protection/microsoft-defender-smartscreen/microsoft-defender-smartscreen-overview.md
-- name: Microsoft Defender for Endpoint
- href: /microsoft-365/security/defender-endpoint
\ No newline at end of file
+ - name: Overview
+ href: index.md
+ - name: Microsoft Defender Antivirus 🔗
+ href: /microsoft-365/security/defender-endpoint/microsoft-defender-antivirus-windows
+ - name: Configuring LSA Protection 🔗
+ href: /windows-server/security/credentials-protection-and-management/configuring-additional-lsa-protection?toc=/windows/security/toc.json&bc=/windows/security/breadcrumb/toc.json
+ - name: Attack surface reduction (ASR) 🔗
+ href: /microsoft-365/security/defender-endpoint/attack-surface-reduction
+ - name: Tamper protection for MDE 🔗
+ href: /microsoft-365/security/defender-endpoint/prevent-changes-to-security-settings-with-tamper-protection
+ - name: Microsoft Vulnerable Driver Blocklist
+ href: ../../threat-protection/windows-defender-application-control/microsoft-recommended-driver-block-rules.md
+ - name: Controlled folder access 🔗
+ href: /microsoft-365/security/defender-endpoint/controlled-folders
+ - name: Exploit protection 🔗
+ href: /microsoft-365/security/defender-endpoint/exploit-protection
+ - name: Microsoft Defender SmartScreen
+ href: microsoft-defender-smartscreen/index.md
+ items:
+ - name: Available settings
+ href: microsoft-defender-smartscreen/available-settings.md
+ - name: Enhanced Phishing Protection
+ href: microsoft-defender-smartscreen/enhanced-phishing-protection.md
+ - name: Microsoft Defender for Endpoint 🔗
+ href: /microsoft-365/security/defender-endpoint
diff --git a/windows/security/threat-protection/index.md b/windows/security/threat-protection/index.md
index dfaa642ba7..83cd0757b5 100644
--- a/windows/security/threat-protection/index.md
+++ b/windows/security/threat-protection/index.md
@@ -12,13 +12,7 @@ ms.date: 12/31/2017
# Windows threat protection
-**Applies to:**
-- Windows 10
-- Windows 11
-
-In Windows client, hardware and software work together to help protect you from new and emerging threats. Expanded security protections in Windows 11 help boost security from the chip, to the cloud.
-
-## Windows threat protection
+In Windows client, hardware and software work together to help protect you from new and emerging threats. Expanded security protections in Windows 11 help boost security from the chip, to the cloud.
See the following articles to learn more about the different areas of Windows threat protection:
@@ -28,15 +22,16 @@ See the following articles to learn more about the different areas of Windows th
- [Exploit Protection](/microsoft-365/security/defender-endpoint/exploit-protection)
- [Microsoft Defender Application Guard](/windows/security/threat-protection/microsoft-defender-application-guard/md-app-guard-overview)
- [Microsoft Defender Device Guard](device-guard/introduction-to-device-guard-virtualization-based-security-and-windows-defender-application-control.md)
-- [Microsoft Defender SmartScreen](/windows/security/threat-protection/microsoft-defender-smartscreen/microsoft-defender-smartscreen-overview)
+- [Microsoft Defender SmartScreen](/windows/security/operating-system-security/virus-and-threat-protection/microsoft-defender-smartscreen/)
- [Network Protection](/microsoft-365/security/defender-endpoint/network-protection)
- [Virtualization-Based Protection of Code Integrity](/windows/security/threat-protection/device-guard/enable-virtualization-based-protection-of-code-integrity)
- [Web Protection](/microsoft-365/security/defender-endpoint/web-protection-overview)
- [Windows Firewall](windows-firewall/windows-firewall-with-advanced-security.md)
- [Windows Sandbox](/windows/security/threat-protection/windows-sandbox/windows-sandbox-overview)
-### Next-generation protection
-Next-generation protection is designed to identify and block new and emerging threats. Powered by the cloud and machine learning, Microsoft Defender Antivirus can help stop attacks in real-time.
+## Next-generation protection
+
+Next-generation protection is designed to identify and block new and emerging threats. Powered by the cloud and machine learning, Microsoft Defender Antivirus can help stop attacks in real-time.
- [Automated sandbox service](/microsoft-365/security/defender-endpoint/configure-block-at-first-sight-microsoft-defender-antivirus)
- [Behavior monitoring](/microsoft-365/security/defender-endpoint/configure-real-time-protection-microsoft-defender-antivirus)
diff --git a/windows/security/threat-protection/overview-of-threat-mitigations-in-windows-10.md b/windows/security/threat-protection/overview-of-threat-mitigations-in-windows-10.md
index c72345df1e..5c41c76d73 100644
--- a/windows/security/threat-protection/overview-of-threat-mitigations-in-windows-10.md
+++ b/windows/security/threat-protection/overview-of-threat-mitigations-in-windows-10.md
@@ -1,5 +1,5 @@
---
-title: Mitigate threats by using Windows 10 security features
+title: Mitigate threats by using Windows 10 security features
description: An overview of software and firmware threats faced in the current security landscape, and the mitigations that Windows 10 offers in response to these threats.
ms.prod: windows-client
ms.localizationpriority: medium
@@ -84,7 +84,7 @@ Windows Defender SmartScreen notifies users if they click on reported phishing a
For Windows 10, Microsoft improved SmartScreen (now called Windows Defender SmartScreen) protection capability by integrating its app reputation abilities into the operating system itself, which allows Windows Defender SmartScreen to check the reputation of files downloaded from the Internet and warn users when they're about to run a high-risk downloaded file. The first time a user runs an app that originates from the Internet, Windows Defender SmartScreen checks the reputation of the application by using digital signatures and other factors against a service that Microsoft maintains. If the app lacks a reputation or is known to be malicious, Windows Defender SmartScreen warns the user or blocks execution entirely, depending on how the administrator has configured Microsoft Intune or Group Policy settings.
-For more information, see [Microsoft Defender SmartScreen overview](microsoft-defender-smartscreen/microsoft-defender-smartscreen-overview.md).
+For more information, see [Microsoft Defender SmartScreen overview]().
### Microsoft Defender Antivirus
@@ -124,7 +124,7 @@ Data Execution Prevention (DEP) does exactly that, by substantially reducing the
5. Click **OK**.
-You can now see which processes have DEP enabled.
+You can now see which processes have DEP enabled.
@@ -296,7 +296,7 @@ Some of the protections available in Windows 10 are provided through functions t
| Extension point disable to block the use of certain third-party extension points | [UpdateProcThreadAttribute function](/windows/win32/api/processthreadsapi/nf-processthreadsapi-updateprocthreadattribute)
\[PROCESS\_CREATION\_MITIGATION\_POLICY\_EXTENSION\_POINT\_DISABLE\_ALWAYS\_ON\] |
| Heap terminate on corruption to protect the system against a corrupted heap | [UpdateProcThreadAttribute function](/windows/win32/api/processthreadsapi/nf-processthreadsapi-updateprocthreadattribute)
\[PROCESS\_CREATION\_MITIGATION\_POLICY\_HEAP\_TERMINATE\_ALWAYS\_ON\] |
-## Understanding Windows 10 in relation to the Enhanced Mitigation Experience Toolkit
+## Understanding Windows 10 in relation to the Enhanced Mitigation Experience Toolkit
You might already be familiar with the [Enhanced Mitigation Experience Toolkit (EMET)](https://support.microsoft.com/topic/emet-mitigations-guidelines-b529d543-2a81-7b5a-d529-84b30e1ecee0), which has since 2009 offered various exploit mitigations, and an interface for configuring those mitigations. You can use this section to understand how EMET mitigations relate to those mitigations in Windows 10. Many of EMET's mitigations have been built into Windows 10, some with extra improvements. However, some EMET mitigations carry high-performance cost, or appear to be relatively ineffective against modern threats, and therefore haven't been brought into Windows 10.
@@ -322,7 +322,7 @@ One of EMET's strengths is that it allows you to import and export configuration
Install-Module -Name ProcessMitigations
```
-The Get-ProcessMitigation cmdlet gets the current mitigation settings from the registry or from a running process, or it can save all settings to an XML file.
+The Get-ProcessMitigation cmdlet gets the current mitigation settings from the registry or from a running process, or it can save all settings to an XML file.
To get the current settings on all running instances of notepad.exe:
@@ -377,7 +377,7 @@ ConvertTo-ProcessMitigationPolicy -EMETFilePath -OutputFilePath
**Enhanced Phishing Protection** in **Microsoft Defender SmartScreen** helps protect Microsoft school or work passwords against phishing and unsafe usage on websites and in applications. Enhanced Phishing Protection works alongside Windows security protections to help protect Windows 11 work or school sign-in passwords.
-For more information, see [Enhanced Phishing Protection in Microsoft Defender SmartScreen](/windows/security/threat-protection/microsoft-defender-smartscreen/phishing-protection-microsoft-defender-smartscreen) and [Protect passwords with enhanced phishing protection](https://aka.ms/EnhancedPhishingProtectionBlog) in the Windows IT Pro blog.
+For more information, see [Enhanced Phishing Protection in Microsoft Defender SmartScreen](/windows/security/operating-system-security/virus-and-threat-protection/microsoft-defender-smartscreen/enhanced-phishing-protection) and [Protect passwords with enhanced phishing protection](https://aka.ms/EnhancedPhishingProtectionBlog) in the Windows IT Pro blog.
## Smart App Control
From 6e44a626e6aed3a1e3f9004ed9ddde7ea210c4c0 Mon Sep 17 00:00:00 2001
From: Vinay Pamnani <37223378+vinaypamnani-msft@users.noreply.github.com>
Date: Wed, 31 May 2023 16:00:41 -0400
Subject: [PATCH 02/13] Fix links
---
.../enhanced-phishing-protection.md | 4 ++--
.../microsoft-defender-smartscreen/index.md | 2 +-
.../virus-and-threat-protection/toc.yml | 2 --
3 files changed, 3 insertions(+), 5 deletions(-)
diff --git a/windows/security/operating-system-security/virus-and-threat-protection/microsoft-defender-smartscreen/enhanced-phishing-protection.md b/windows/security/operating-system-security/virus-and-threat-protection/microsoft-defender-smartscreen/enhanced-phishing-protection.md
index 1abefbf7f4..d4eafd6dd1 100644
--- a/windows/security/operating-system-security/virus-and-threat-protection/microsoft-defender-smartscreen/enhanced-phishing-protection.md
+++ b/windows/security/operating-system-security/virus-and-threat-protection/microsoft-defender-smartscreen/enhanced-phishing-protection.md
@@ -40,7 +40,7 @@ Enhanced Phishing Protection provides robust phishing protections for work or sc
- **Easy management through Group Policy and Microsoft Intune:** Enhanced Phishing Protection works with Group Policy and mobile device management (MDM) settings to help you manage your organization's computer settings. Based on how you set up Enhanced Phishing Protection, you can customize which phishing protection scenarios show users warning dialogs. For example, the Service Enabled setting determines whether the Enhanced Phishing Protection service is on or off. The feature is in audit mode if the other settings, which correspond to notification policies, aren't enabled.
-[!INCLUDE [enhanced-phishing-protection-with-smartscreen](../../../../includes/licensing/enhanced-phishing-protection-with-smartscreen.md)]
+[!INCLUDE [enhanced-phishing-protection-with-smartscreen](/includes/licensing/enhanced-phishing-protection-with-smartscreen.md)]
## Configure Enhanced Phishing Protection for your organization
@@ -122,7 +122,7 @@ To better help you protect your organization, we recommend turning on and using
- [SmartScreen Frequently Asked Questions](https://fb.smartscreen.microsoft.com/smartscreenfaq.aspx)
- [WebThreatDefense CSP][WIN-1]
-- [Threat protection](../index.md)
+- [Threat protection](index.md)
diff --git a/windows/security/operating-system-security/virus-and-threat-protection/microsoft-defender-smartscreen/index.md b/windows/security/operating-system-security/virus-and-threat-protection/microsoft-defender-smartscreen/index.md
index 569457defe..5128f46efc 100644
--- a/windows/security/operating-system-security/virus-and-threat-protection/microsoft-defender-smartscreen/index.md
+++ b/windows/security/operating-system-security/virus-and-threat-protection/microsoft-defender-smartscreen/index.md
@@ -48,7 +48,7 @@ Microsoft Defender SmartScreen provide an early warning system against websites
> [!IMPORTANT]
> SmartScreen protects against malicious files from the internet. It does not protect against malicious files on internal locations or network shares, such as shared folders with UNC paths or SMB/CIFS shares.
-[!INCLUDE [microsoft-defender-smartscreen](../../../../includes/licensing/microsoft-defender-smartscreen.md)]
+[!INCLUDE [microsoft-defender-smartscreen](/includes/licensing/microsoft-defender-smartscreen.md)]
## Submit files to Microsoft Defender SmartScreen for review
diff --git a/windows/security/operating-system-security/virus-and-threat-protection/toc.yml b/windows/security/operating-system-security/virus-and-threat-protection/toc.yml
index 639a85c09c..077e6d1c55 100644
--- a/windows/security/operating-system-security/virus-and-threat-protection/toc.yml
+++ b/windows/security/operating-system-security/virus-and-threat-protection/toc.yml
@@ -1,6 +1,4 @@
items:
- - name: Overview
- href: index.md
- name: Microsoft Defender Antivirus 🔗
href: /microsoft-365/security/defender-endpoint/microsoft-defender-antivirus-windows
- name: Configuring LSA Protection 🔗
From 8c690c98571df145f8074a4a2cfec00259d4a43d Mon Sep 17 00:00:00 2001
From: Vinay Pamnani <37223378+vinaypamnani-msft@users.noreply.github.com>
Date: Wed, 31 May 2023 16:05:44 -0400
Subject: [PATCH 03/13] test includes link
---
.../enhanced-phishing-protection.md | 2 +-
1 file changed, 1 insertion(+), 1 deletion(-)
diff --git a/windows/security/operating-system-security/virus-and-threat-protection/microsoft-defender-smartscreen/enhanced-phishing-protection.md b/windows/security/operating-system-security/virus-and-threat-protection/microsoft-defender-smartscreen/enhanced-phishing-protection.md
index d4eafd6dd1..bdd0f93906 100644
--- a/windows/security/operating-system-security/virus-and-threat-protection/microsoft-defender-smartscreen/enhanced-phishing-protection.md
+++ b/windows/security/operating-system-security/virus-and-threat-protection/microsoft-defender-smartscreen/enhanced-phishing-protection.md
@@ -40,7 +40,7 @@ Enhanced Phishing Protection provides robust phishing protections for work or sc
- **Easy management through Group Policy and Microsoft Intune:** Enhanced Phishing Protection works with Group Policy and mobile device management (MDM) settings to help you manage your organization's computer settings. Based on how you set up Enhanced Phishing Protection, you can customize which phishing protection scenarios show users warning dialogs. For example, the Service Enabled setting determines whether the Enhanced Phishing Protection service is on or off. The feature is in audit mode if the other settings, which correspond to notification policies, aren't enabled.
-[!INCLUDE [enhanced-phishing-protection-with-smartscreen](/includes/licensing/enhanced-phishing-protection-with-smartscreen.md)]
+[!INCLUDE [enhanced-phishing-protection-with-smartscreen](/includes/licensing/enhanced-phishing-protection-with-smartscreen)]
## Configure Enhanced Phishing Protection for your organization
From 5f0eed413fcb6f47a662b6ce015f17f8e11ca386 Mon Sep 17 00:00:00 2001
From: Vinay Pamnani <37223378+vinaypamnani-msft@users.noreply.github.com>
Date: Wed, 31 May 2023 16:13:19 -0400
Subject: [PATCH 04/13] fix links again
---
.../enhanced-phishing-protection.md | 2 +-
.../microsoft-defender-smartscreen/index.md | 2 +-
2 files changed, 2 insertions(+), 2 deletions(-)
diff --git a/windows/security/operating-system-security/virus-and-threat-protection/microsoft-defender-smartscreen/enhanced-phishing-protection.md b/windows/security/operating-system-security/virus-and-threat-protection/microsoft-defender-smartscreen/enhanced-phishing-protection.md
index bdd0f93906..74a3cd15d9 100644
--- a/windows/security/operating-system-security/virus-and-threat-protection/microsoft-defender-smartscreen/enhanced-phishing-protection.md
+++ b/windows/security/operating-system-security/virus-and-threat-protection/microsoft-defender-smartscreen/enhanced-phishing-protection.md
@@ -40,7 +40,7 @@ Enhanced Phishing Protection provides robust phishing protections for work or sc
- **Easy management through Group Policy and Microsoft Intune:** Enhanced Phishing Protection works with Group Policy and mobile device management (MDM) settings to help you manage your organization's computer settings. Based on how you set up Enhanced Phishing Protection, you can customize which phishing protection scenarios show users warning dialogs. For example, the Service Enabled setting determines whether the Enhanced Phishing Protection service is on or off. The feature is in audit mode if the other settings, which correspond to notification policies, aren't enabled.
-[!INCLUDE [enhanced-phishing-protection-with-smartscreen](/includes/licensing/enhanced-phishing-protection-with-smartscreen)]
+[!INCLUDE [enhanced-phishing-protection-with-smartscreen](../../../../../includes/licensing/enhanced-phishing-protection-with-smartscreen.md)]
## Configure Enhanced Phishing Protection for your organization
diff --git a/windows/security/operating-system-security/virus-and-threat-protection/microsoft-defender-smartscreen/index.md b/windows/security/operating-system-security/virus-and-threat-protection/microsoft-defender-smartscreen/index.md
index 5128f46efc..8b326614fd 100644
--- a/windows/security/operating-system-security/virus-and-threat-protection/microsoft-defender-smartscreen/index.md
+++ b/windows/security/operating-system-security/virus-and-threat-protection/microsoft-defender-smartscreen/index.md
@@ -48,7 +48,7 @@ Microsoft Defender SmartScreen provide an early warning system against websites
> [!IMPORTANT]
> SmartScreen protects against malicious files from the internet. It does not protect against malicious files on internal locations or network shares, such as shared folders with UNC paths or SMB/CIFS shares.
-[!INCLUDE [microsoft-defender-smartscreen](/includes/licensing/microsoft-defender-smartscreen.md)]
+[!INCLUDE [microsoft-defender-smartscreen](../../../../../includes/licensing/microsoft-defender-smartscreen.md)]
## Submit files to Microsoft Defender SmartScreen for review
From 896f9627ecd4fe34953dc0cf8f1873fad04e9ba2 Mon Sep 17 00:00:00 2001
From: Vinay Pamnani <37223378+vinaypamnani-msft@users.noreply.github.com>
Date: Wed, 31 May 2023 16:27:58 -0400
Subject: [PATCH 05/13] add redirects
---
.openpublishing.redirection.json | 15 +++++++++++++++
1 file changed, 15 insertions(+)
diff --git a/.openpublishing.redirection.json b/.openpublishing.redirection.json
index 2e4f6df9c5..022f0bc238 100644
--- a/.openpublishing.redirection.json
+++ b/.openpublishing.redirection.json
@@ -20825,6 +20825,21 @@
"redirect_url": "/windows/security/application-security/application-isolation/windows-sandbox/windows-sandbox-overview",
"redirect_document_id": false
},
+ {
+ "source_path": "windows/security/threat-protection/microsoft-defender-smartscreen/microsoft-defender-smartscreen-available-settings.md",
+ "redirect_url": "/windows/security/operating-system-security/virus-and-threat-protection/microsoft-defender-smartscreen/available-settings",
+ "redirect_document_id": false
+ },
+ {
+ "source_path": "windows/security/threat-protection/microsoft-defender-smartscreen/phishing-protection-microsoft-defender-smartscreen.md",
+ "redirect_url": "/windows/security/operating-system-security/virus-and-threat-protection/microsoft-defender-smartscreen/enhanced-phishing-protection",
+ "redirect_document_id": false
+ },
+ {
+ "source_path": "windows/security/threat-protection/microsoft-defender-smartscreen/microsoft-defender-smartscreen-overview.md",
+ "redirect_url": "/windows/security/operating-system-security/virus-and-threat-protection/microsoft-defender-smartscreen",
+ "redirect_document_id": false
+ },
{
"source_path": "windows/security/information-protection/index.md",
"redirect_url": "/windows/security/encryption-data-protection",
From 8bb63f59cc27e1d2251ada8002cffaf5ee3f60a8 Mon Sep 17 00:00:00 2001
From: Vinay Pamnani <37223378+vinaypamnani-msft@users.noreply.github.com>
Date: Wed, 31 May 2023 16:35:41 -0400
Subject: [PATCH 06/13] Update TOC
---
.../virus-and-threat-protection/toc.yml | 3 ++-
1 file changed, 2 insertions(+), 1 deletion(-)
diff --git a/windows/security/operating-system-security/virus-and-threat-protection/toc.yml b/windows/security/operating-system-security/virus-and-threat-protection/toc.yml
index 077e6d1c55..ed1ff2ce5d 100644
--- a/windows/security/operating-system-security/virus-and-threat-protection/toc.yml
+++ b/windows/security/operating-system-security/virus-and-threat-protection/toc.yml
@@ -14,8 +14,9 @@ items:
- name: Exploit protection 🔗
href: /microsoft-365/security/defender-endpoint/exploit-protection
- name: Microsoft Defender SmartScreen
- href: microsoft-defender-smartscreen/index.md
items:
+ - name: Overview
+ href: microsoft-defender-smartscreen/index.md
- name: Available settings
href: microsoft-defender-smartscreen/available-settings.md
- name: Enhanced Phishing Protection
From 1843aed3af813701eb7d7fdd7920ca938a499c76 Mon Sep 17 00:00:00 2001
From: Vinay Pamnani <37223378+vinaypamnani-msft@users.noreply.github.com>
Date: Wed, 31 May 2023 17:16:31 -0400
Subject: [PATCH 07/13] Minor updates
---
.../virus-and-threat-protection/toc.yml | 4 ++--
1 file changed, 2 insertions(+), 2 deletions(-)
diff --git a/windows/security/operating-system-security/virus-and-threat-protection/toc.yml b/windows/security/operating-system-security/virus-and-threat-protection/toc.yml
index ed1ff2ce5d..9f7c2d6f2f 100644
--- a/windows/security/operating-system-security/virus-and-threat-protection/toc.yml
+++ b/windows/security/operating-system-security/virus-and-threat-protection/toc.yml
@@ -1,13 +1,13 @@
items:
- name: Microsoft Defender Antivirus 🔗
href: /microsoft-365/security/defender-endpoint/microsoft-defender-antivirus-windows
- - name: Configuring LSA Protection 🔗
+ - name: Configuring LSA Protection
href: /windows-server/security/credentials-protection-and-management/configuring-additional-lsa-protection?toc=/windows/security/toc.json&bc=/windows/security/breadcrumb/toc.json
- name: Attack surface reduction (ASR) 🔗
href: /microsoft-365/security/defender-endpoint/attack-surface-reduction
- name: Tamper protection for MDE 🔗
href: /microsoft-365/security/defender-endpoint/prevent-changes-to-security-settings-with-tamper-protection
- - name: Microsoft Vulnerable Driver Blocklist
+ - name: Microsoft Vulnerable Driver Blocklist 🔗
href: ../../threat-protection/windows-defender-application-control/microsoft-recommended-driver-block-rules.md
- name: Controlled folder access 🔗
href: /microsoft-365/security/defender-endpoint/controlled-folders
From e56bb71afb5bb9988a004a921873eda2eb50b70a Mon Sep 17 00:00:00 2001
From: Stephanie Savell <101299710+v-stsavell@users.noreply.github.com>
Date: Wed, 31 May 2023 17:56:47 -0500
Subject: [PATCH 08/13] Update policy-csp-admx-windowsexplorer.md
---
.../client-management/mdm/policy-csp-admx-windowsexplorer.md | 2 +-
1 file changed, 1 insertion(+), 1 deletion(-)
diff --git a/windows/client-management/mdm/policy-csp-admx-windowsexplorer.md b/windows/client-management/mdm/policy-csp-admx-windowsexplorer.md
index a6a0c31774..0b0bcc91c9 100644
--- a/windows/client-management/mdm/policy-csp-admx-windowsexplorer.md
+++ b/windows/client-management/mdm/policy-csp-admx-windowsexplorer.md
@@ -105,7 +105,7 @@ This setting allows an administrator to revert specific Windows Shell behavior t
- If you enable this setting, users can't configure their system to open items by single-clicking (such as in Mouse in Control Panel). As a result, the user interface looks and operates like the interface for Windows NT 4.0, and users can't restore the new features.
-Enabling this policy will also turn off the preview pane and set the folder options for File Explorer to Use classic folders view and disable the users ability to change these options.
+Enabling this policy will also turn off the preview pane and set the folder options for File Explorer to Use classic folders view and disable the user's ability to change these options.
- If you disable or not configure this policy, the default File Explorer behavior is applied to the user.
From 5fb61d00537a44b72c1276b24ca40e22985fda8a Mon Sep 17 00:00:00 2001
From: Stephanie Savell <101299710+v-stsavell@users.noreply.github.com>
Date: Wed, 31 May 2023 17:57:59 -0500
Subject: [PATCH 09/13] Update policy-csp-admx-windowsexplorer.md
---
.../client-management/mdm/policy-csp-admx-windowsexplorer.md | 2 +-
1 file changed, 1 insertion(+), 1 deletion(-)
diff --git a/windows/client-management/mdm/policy-csp-admx-windowsexplorer.md b/windows/client-management/mdm/policy-csp-admx-windowsexplorer.md
index 0b0bcc91c9..3228cd240a 100644
--- a/windows/client-management/mdm/policy-csp-admx-windowsexplorer.md
+++ b/windows/client-management/mdm/policy-csp-admx-windowsexplorer.md
@@ -3967,7 +3967,7 @@ To remove network computers from lists of network resources, use the "No Entire
-Configures the list of items displayed in the Places Bar in the Windows File/Open dialog. If enable this setting you can specify from 1 to 5 items to be displayed in the Places Bar.
+Configures the list of items displayed in the Places Bar in the Windows File/Open dialog. If this setting is enabled, you can specify from 1 to 5 items to be displayed in the Places Bar.
The valid items you may display in the Places Bar are:
From 9bd5540deeda02a8cc91a9c40a2295789187f057 Mon Sep 17 00:00:00 2001
From: Stephanie Savell <101299710+v-stsavell@users.noreply.github.com>
Date: Wed, 31 May 2023 17:58:40 -0500
Subject: [PATCH 10/13] Update policy-csp-admx-windowsexplorer.md
---
.../client-management/mdm/policy-csp-admx-windowsexplorer.md | 2 +-
1 file changed, 1 insertion(+), 1 deletion(-)
diff --git a/windows/client-management/mdm/policy-csp-admx-windowsexplorer.md b/windows/client-management/mdm/policy-csp-admx-windowsexplorer.md
index 3228cd240a..31a46e1227 100644
--- a/windows/client-management/mdm/policy-csp-admx-windowsexplorer.md
+++ b/windows/client-management/mdm/policy-csp-admx-windowsexplorer.md
@@ -3971,7 +3971,7 @@ Configures the list of items displayed in the Places Bar in the Windows File/Ope
The valid items you may display in the Places Bar are:
-1) Shortcuts to a local folders -- (ex. C:\Windows)
+1) Shortcuts to a local folder -- (ex. C:\Windows)
2) Shortcuts to remote folders -- (\\server\share)
From 985269e3aee8e57e74947c2918ffb49ee7db395b Mon Sep 17 00:00:00 2001
From: Stephanie Savell <101299710+v-stsavell@users.noreply.github.com>
Date: Wed, 31 May 2023 18:03:52 -0500
Subject: [PATCH 11/13] Update policy-csp-admx-windowsexplorer.md
---
.../client-management/mdm/policy-csp-admx-windowsexplorer.md | 4 +---
1 file changed, 1 insertion(+), 3 deletions(-)
diff --git a/windows/client-management/mdm/policy-csp-admx-windowsexplorer.md b/windows/client-management/mdm/policy-csp-admx-windowsexplorer.md
index 31a46e1227..d93f4952bf 100644
--- a/windows/client-management/mdm/policy-csp-admx-windowsexplorer.md
+++ b/windows/client-management/mdm/policy-csp-admx-windowsexplorer.md
@@ -3173,9 +3173,7 @@ If you enable this setting, the system removes the Map Network Drive and Disconn
This setting doesn't prevent users from connecting to another computer by typing the name of a shared folder in the Run dialog box.
> [!NOTE]
->
-
-This setting was documented incorrectly on the Explain tab in Group Policy for Windows 2000. The Explain tab states incorrectly that this setting prevents users from connecting and disconnecting drives.
+> This setting was documented incorrectly on the Explain tab in Group Policy for Windows 2000. The Explain tab states incorrectly that this setting prevents users from connecting and disconnecting drives.
> [!NOTE]
> It's a requirement for third-party applications with Windows 2000 or later certification to adhere to this setting.
From 665c066ad0a0dbb0cba042d9652e9e342c95713d Mon Sep 17 00:00:00 2001
From: Stephanie Savell <101299710+v-stsavell@users.noreply.github.com>
Date: Wed, 31 May 2023 18:39:59 -0500
Subject: [PATCH 12/13] Adding .md to TOC entries
---
.../virus-and-threat-protection/toc.yml | 12 ++++++------
1 file changed, 6 insertions(+), 6 deletions(-)
diff --git a/windows/security/operating-system-security/virus-and-threat-protection/toc.yml b/windows/security/operating-system-security/virus-and-threat-protection/toc.yml
index 9f7c2d6f2f..36969190cd 100644
--- a/windows/security/operating-system-security/virus-and-threat-protection/toc.yml
+++ b/windows/security/operating-system-security/virus-and-threat-protection/toc.yml
@@ -1,18 +1,18 @@
items:
- name: Microsoft Defender Antivirus 🔗
- href: /microsoft-365/security/defender-endpoint/microsoft-defender-antivirus-windows
+ href: /microsoft-365/security/defender-endpoint/microsoft-defender-antivirus-windows.md
- name: Configuring LSA Protection
href: /windows-server/security/credentials-protection-and-management/configuring-additional-lsa-protection?toc=/windows/security/toc.json&bc=/windows/security/breadcrumb/toc.json
- name: Attack surface reduction (ASR) 🔗
- href: /microsoft-365/security/defender-endpoint/attack-surface-reduction
+ href: /microsoft-365/security/defender-endpoint/attack-surface-reduction.md
- name: Tamper protection for MDE 🔗
- href: /microsoft-365/security/defender-endpoint/prevent-changes-to-security-settings-with-tamper-protection
+ href: /microsoft-365/security/defender-endpoint/prevent-changes-to-security-settings-with-tamper-protection.md
- name: Microsoft Vulnerable Driver Blocklist 🔗
href: ../../threat-protection/windows-defender-application-control/microsoft-recommended-driver-block-rules.md
- name: Controlled folder access 🔗
- href: /microsoft-365/security/defender-endpoint/controlled-folders
+ href: /microsoft-365/security/defender-endpoint/controlled-folders.md
- name: Exploit protection 🔗
- href: /microsoft-365/security/defender-endpoint/exploit-protection
+ href: /microsoft-365/security/defender-endpoint/exploit-protection.md
- name: Microsoft Defender SmartScreen
items:
- name: Overview
@@ -22,4 +22,4 @@ items:
- name: Enhanced Phishing Protection
href: microsoft-defender-smartscreen/enhanced-phishing-protection.md
- name: Microsoft Defender for Endpoint 🔗
- href: /microsoft-365/security/defender-endpoint
+ href: /microsoft-365/security/defender-endpoint.md
From d3c0671866621f8ee103c2bfa7cdfbad8ae147fd Mon Sep 17 00:00:00 2001
From: Vinay Pamnani <37223378+vinaypamnani-msft@users.noreply.github.com>
Date: Thu, 1 Jun 2023 10:38:19 -0400
Subject: [PATCH 13/13] Remove .md again and fix empty link
---
.../virus-and-threat-protection/toc.yml | 12 ++++++------
.../overview-of-threat-mitigations-in-windows-10.md | 2 +-
2 files changed, 7 insertions(+), 7 deletions(-)
diff --git a/windows/security/operating-system-security/virus-and-threat-protection/toc.yml b/windows/security/operating-system-security/virus-and-threat-protection/toc.yml
index 36969190cd..9f7c2d6f2f 100644
--- a/windows/security/operating-system-security/virus-and-threat-protection/toc.yml
+++ b/windows/security/operating-system-security/virus-and-threat-protection/toc.yml
@@ -1,18 +1,18 @@
items:
- name: Microsoft Defender Antivirus 🔗
- href: /microsoft-365/security/defender-endpoint/microsoft-defender-antivirus-windows.md
+ href: /microsoft-365/security/defender-endpoint/microsoft-defender-antivirus-windows
- name: Configuring LSA Protection
href: /windows-server/security/credentials-protection-and-management/configuring-additional-lsa-protection?toc=/windows/security/toc.json&bc=/windows/security/breadcrumb/toc.json
- name: Attack surface reduction (ASR) 🔗
- href: /microsoft-365/security/defender-endpoint/attack-surface-reduction.md
+ href: /microsoft-365/security/defender-endpoint/attack-surface-reduction
- name: Tamper protection for MDE 🔗
- href: /microsoft-365/security/defender-endpoint/prevent-changes-to-security-settings-with-tamper-protection.md
+ href: /microsoft-365/security/defender-endpoint/prevent-changes-to-security-settings-with-tamper-protection
- name: Microsoft Vulnerable Driver Blocklist 🔗
href: ../../threat-protection/windows-defender-application-control/microsoft-recommended-driver-block-rules.md
- name: Controlled folder access 🔗
- href: /microsoft-365/security/defender-endpoint/controlled-folders.md
+ href: /microsoft-365/security/defender-endpoint/controlled-folders
- name: Exploit protection 🔗
- href: /microsoft-365/security/defender-endpoint/exploit-protection.md
+ href: /microsoft-365/security/defender-endpoint/exploit-protection
- name: Microsoft Defender SmartScreen
items:
- name: Overview
@@ -22,4 +22,4 @@ items:
- name: Enhanced Phishing Protection
href: microsoft-defender-smartscreen/enhanced-phishing-protection.md
- name: Microsoft Defender for Endpoint 🔗
- href: /microsoft-365/security/defender-endpoint.md
+ href: /microsoft-365/security/defender-endpoint
diff --git a/windows/security/threat-protection/overview-of-threat-mitigations-in-windows-10.md b/windows/security/threat-protection/overview-of-threat-mitigations-in-windows-10.md
index 5c41c76d73..29afee340a 100644
--- a/windows/security/threat-protection/overview-of-threat-mitigations-in-windows-10.md
+++ b/windows/security/threat-protection/overview-of-threat-mitigations-in-windows-10.md
@@ -84,7 +84,7 @@ Windows Defender SmartScreen notifies users if they click on reported phishing a
For Windows 10, Microsoft improved SmartScreen (now called Windows Defender SmartScreen) protection capability by integrating its app reputation abilities into the operating system itself, which allows Windows Defender SmartScreen to check the reputation of files downloaded from the Internet and warn users when they're about to run a high-risk downloaded file. The first time a user runs an app that originates from the Internet, Windows Defender SmartScreen checks the reputation of the application by using digital signatures and other factors against a service that Microsoft maintains. If the app lacks a reputation or is known to be malicious, Windows Defender SmartScreen warns the user or blocks execution entirely, depending on how the administrator has configured Microsoft Intune or Group Policy settings.
-For more information, see [Microsoft Defender SmartScreen overview]().
+For more information, see [Microsoft Defender SmartScreen overview](/windows/security/operating-system-security/virus-and-threat-protection/microsoft-defender-smartscreen/).
### Microsoft Defender Antivirus