diff --git a/browsers/internet-explorer/internet-explorer.yml b/browsers/internet-explorer/internet-explorer.yml index 6aa0242523..68b6be4505 100644 --- a/browsers/internet-explorer/internet-explorer.yml +++ b/browsers/internet-explorer/internet-explorer.yml @@ -31,7 +31,7 @@ landingContent: - text: Use Enterprise Mode to improve compatibility url: /microsoft-edge/deploy/emie-to-improve-compatibility - text: Lifecycle FAQ - Internet Explorer - url: https://support.microsoft.com/help/17454/lifecycle-faq-internet-explorer + url: /lifecycle/faq/internet-explorer-microsoft-edge - linkListType: download links: - text: Download IE11 with Windows 10 @@ -123,7 +123,7 @@ landingContent: - text: Group Policy preferences for IE11 url: ./ie11-deploy-guide/group-policy-preferences-and-ie11.md - text: Configure Group Policy preferences - url: https://support.microsoft.com/help/2898604/how-to-configure-group-policy-preference-settings-for-internet-explorer-11-in-windows-8.1-or-windows-server-2012-r2 + url: /troubleshoot/browsers/how-to-configure-group-policy-preference-settings - text: Blocked out-of-date ActiveX controls url: ./ie11-deploy-guide/blocked-out-of-date-activex-controls.md - text: Out-of-date ActiveX control blocking diff --git a/windows/configuration/ue-v/uev-release-notes-1607.md b/windows/configuration/ue-v/uev-release-notes-1607.md index 3a7b61d729..e648b9ed6b 100644 --- a/windows/configuration/ue-v/uev-release-notes-1607.md +++ b/windows/configuration/ue-v/uev-release-notes-1607.md @@ -28,12 +28,12 @@ With the release of Windows 10, version 1607, the Company Settings Center was re Administrators can still define which user-customized application settings can synchronize (roam) with Group Policy or Windows PowerShell. -**Note** With the removal of the Company Settings Center, the following group policies are no longer applicable: - -- Contact IT Link Text -- Contact IT URL -- Tray Icon - +> [!NOTE] +> With the removal of the Company Settings Center, the following group policies are no longer applicable: +> +> - Contact IT Link Text +> - Contact IT URL +> - Tray Icon ### Upgrading from UE-V 1.0 to the in-box version of UE-V is blocked @@ -99,31 +99,11 @@ Operating system settings for Narrator and currency characters specific to the l WORKAROUND: None -## Hotfixes and Knowledge Base articles for UE-V - -This section contains hotfixes and KB articles for UE-V. - -| KB Article | Title | Link | -|------------|---------|--------| -| 3018608 | UE-V - TemplateConsole.exe crashes when UE-V WMI classes are missing | [support.microsoft.com/kb/3018608](https://support.microsoft.com/kb/3018608) | -| 2903501 | UE-V: User Experience Virtualization (UE-V) compatibility with user profiles | [support.microsoft.com/kb/2903501](https://support.microsoft.com/kb/2903501) | -| 2770042 | UE-V Registry Settings | [support.microsoft.com/kb/2770042](/troubleshoot/windows-client/ue-v/ue-v-registry-settings) | -| 2847017 | Internet Explorer settings replicated by UE-V | [support.microsoft.com/kb/2847017](https://support.microsoft.com/kb/2847017) | -| 2769631 | How to repair a corrupted UE-V install | [support.microsoft.com/kb/2769631](https://support.microsoft.com/kb/2769631) | -| 2850989 | Migrating MAPI profiles with Microsoft UE-V is not supported | [support.microsoft.com/kb/2850989](https://support.microsoft.com/kb/2850989) | -| 2769586 | UE-V roams empty folders and registry keys | [support.microsoft.com/kb/2769586](https://support.microsoft.com/kb/2769586) | -| 2782997 | How To Enable Debug Logging in Microsoft User Experience Virtualization (UE-V) | [support.microsoft.com/kb/2782997](/troubleshoot/windows-client/ue-v/enable-debug-logging) | -| 2769570 | UE-V does not update the theme on RDS or VDI sessions | [support.microsoft.com/kb/2769570](https://support.microsoft.com/kb/2769570) | -| 2850582 | How To Use Microsoft User Experience Virtualization With App-V Applications | [support.microsoft.com/kb/2850582](https://support.microsoft.com/kb/2850582) | -| 3041879 | Current file versions for Microsoft User Experience Virtualization | [support.microsoft.com/kb/3041879](https://support.microsoft.com/kb/3041879) | -| 2843592 | Information on User Experience Virtualization and High Availability | [support.microsoft.com/kb/2843592](https://support.microsoft.com/kb/2843592) | - - - - - **Additional resources for this feature** +- [UE-V Registry Settings](/troubleshoot/windows-client/ue-v/ue-v-registry-settings) + +- [How To Enable Debug Logging in Microsoft User Experience Virtualization (UE-V)](/troubleshoot/windows-client/ue-v/enable-debug-logging) - [User Experience Virtualization](uev-for-windows.md) diff --git a/windows/deployment/update/olympia/olympia-enrollment-guidelines.md b/windows/deployment/update/olympia/olympia-enrollment-guidelines.md index 1c557d6128..91fc25dcd6 100644 --- a/windows/deployment/update/olympia/olympia-enrollment-guidelines.md +++ b/windows/deployment/update/olympia/olympia-enrollment-guidelines.md @@ -53,7 +53,7 @@ Choose one of the following two enrollment options: This is the Bring Your Own Device (BYOD) method--your device will receive Olympia policies and features, but a new account will not be created. See [Set up Azure Active Directory registered Windows 10 devices](/azure/active-directory/device-management-azuread-registered-devices-windows10-setup) for additional information. -1. Go to **Start > Settings > Accounts > Access work or school**. To see this setting, you need to have administrator rights to your device (see [local administrator](https://support.microsoft.com/instantanswers/5de907f1-f8ba-4fd9-a89d-efd23fee918c/create-a-local-user-or-administrator-account-in-windows-10)). +1. Go to **Start > Settings > Accounts > Access work or school**. To see this setting, you need to have administrator rights to your device (see [local administrator](https://support.microsoft.com/windows/create-a-local-user-or-administrator-account-in-windows-20de74e0-ac7f-3502-a866-32915af2a34d)). ![Settings -> Accounts.](images/1-1.png) @@ -92,7 +92,7 @@ This is the Bring Your Own Device (BYOD) method--your device will receive Olympi > [!NOTE] > Make sure that you save your Pro license key before upgrading to the Enterprise edition. If the device gets disconnected from Olympia, you can use the Pro key to reactivate the license manually in the unlikely event that the license fails to downgrade back to Pro automatically. To reactivate manually, see [Upgrade by manually entering a product key](../../upgrade/windows-10-edition-upgrades.md#upgrade-by-manually-entering-a-product-key). -1. Go to **Start > Settings > Accounts > Access work or school**. To see this setting, you need to have administrator rights to your device (see [local administrator](https://support.microsoft.com/instantanswers/5de907f1-f8ba-4fd9-a89d-efd23fee918c/create-a-local-user-or-administrator-account-in-windows-10)). +1. Go to **Start > Settings > Accounts > Access work or school**. To see this setting, you need to have administrator rights to your device (see [local administrator](https://support.microsoft.com/windows/create-a-local-user-or-administrator-account-in-windows-20de74e0-ac7f-3502-a866-32915af2a34d)). ![Settings -> Accounts.](images/1-1.png) @@ -100,7 +100,7 @@ This is the Bring Your Own Device (BYOD) method--your device will receive Olympi 3. Click **Connect**, then click **Join this device to Azure Active Directory**. - ![Joining device to Azure AD.]](images/2-3.png) + ![Joining device to Azure AD.](images/2-3.png) 4. Enter your **Olympia corporate account** (e.g., username@olympia.windows.com). Click **Next**. diff --git a/windows/security/threat-protection/auditing/event-4908.md b/windows/security/threat-protection/auditing/event-4908.md index e59ae0559b..5173543a28 100644 --- a/windows/security/threat-protection/auditing/event-4908.md +++ b/windows/security/threat-protection/auditing/event-4908.md @@ -16,10 +16,9 @@ ms.technology: windows-sec # 4908(S): Special Groups Logon table modified. +:::image type="content" source="images/event-4908.png" alt-text="Event 4908 illustration"::: -Event 4908 illustration - -***Subcategory:*** [Audit Policy Change](audit-audit-policy-change.md) +***Subcategory:*** [Audit Policy Change](audit-audit-policy-change.md) ***Event Description:*** @@ -29,18 +28,16 @@ This event also generates during system startup. This event is always logged regardless of the "Audit Policy Change" sub-category setting. -More information about Special Groups auditing can be found here: +For more information about Special Groups auditing, see [4908(S): Special Groups Logon table modified](/windows/security/threat-protection/auditing/event-4908). - - - - -> **Note**  For recommendations, see [Security Monitoring Recommendations](#security-monitoring-recommendations) for this event. +> [!NOTE] +> For recommendations, see [Security Monitoring Recommendations](#security-monitoring-recommendations) for this event.
***Event XML:*** -``` + +```xml - - @@ -75,11 +72,12 @@ More information about Special Groups auditing can be found here: **Special Groups** \[Type = UnicodeString\]**:** contains current list of SIDs (groups or accounts) which are members of Special Groups. Event Viewer automatically tries to resolve SIDs and show the account name. If the SID cannot be resolved, you will see the source data in the event. -> **Note**  A **security identifier (SID)** is a unique value of variable length used to identify a trustee (security principal). Each account has a unique SID that is issued by an authority, such as an Active Directory domain controller, and stored in a security database. Each time a user logs on, the system retrieves the SID for that user from the database and places it in the access token for that user. The system uses the SID in the access token to identify the user in all subsequent interactions with Windows security. When a SID has been used as the unique identifier for a user or group, it cannot ever be used again to identify another user or group. For more information about SIDs, see [Security identifiers](/windows/access-protection/access-control/security-identifiers). +> [!NOTE] +> A **security identifier (SID)** is a unique value of variable length used to identify a trustee (security principal). Each account has a unique SID that is issued by an authority, such as an Active Directory domain controller, and stored in a security database. Each time a user logs on, the system retrieves the SID for that user from the database and places it in the access token for that user. The system uses the SID in the access token to identify the user in all subsequent interactions with Windows security. When a SID has been used as the unique identifier for a user or group, it cannot ever be used again to identify another user or group. For more information about SIDs, see [Security identifiers](/windows/access-protection/access-control/security-identifiers). “HKEY\_LOCAL\_MACHINE\\SYSTEM\\ControlSet001\\Control\\Lsa\\Audit\\SpecialGroups” registry value contains current list of SIDs which are included in Special Groups: -Registry Editor Audit key illustration +:::image type="content" source="images/registry-editor-audit.png" alt-text="Registry Editor Audit key illustration"::: ## Security Monitoring Recommendations diff --git a/windows/security/threat-protection/overview-of-threat-mitigations-in-windows-10.md b/windows/security/threat-protection/overview-of-threat-mitigations-in-windows-10.md index d75785dec2..123a9eef64 100644 --- a/windows/security/threat-protection/overview-of-threat-mitigations-in-windows-10.md +++ b/windows/security/threat-protection/overview-of-threat-mitigations-in-windows-10.md @@ -168,7 +168,7 @@ One of the most common techniques used to gain access to a system is to find a v Address Space Layout Randomization (ASLR) makes that type of attack much more difficult because it randomizes how and where important data is stored in memory. With ASLR, it is more difficult for malware to find the specific location it needs to attack. Figure 3 illustrates how ASLR works by showing how the locations of different critical Windows components can change in memory between restarts. -![ASLR at work.](images/security-fig4-aslr.png) +:::image type="content" alt-text="ASLR at work." source="images/security-fig4-aslr.png" lightbox="images/security-fig4-aslr.png"::: **Figure 3.  ASLR at work** @@ -300,7 +300,7 @@ Some of the protections available in Windows 10 are provided through functions t ## Understanding Windows 10 in relation to the Enhanced Mitigation Experience Toolkit -You might already be familiar with the [Enhanced Mitigation Experience Toolkit (EMET)](https://support.microsoft.com/kb/2458544), which has since 2009 offered various exploit mitigations, and an interface for configuring those mitigations. You can use this section to understand how EMET mitigations relate to those mitigations in Windows 10. Many of EMET's mitigations have been built into Windows 10, some with extra improvements. However, some EMET mitigations carry high-performance cost, or appear to be relatively ineffective against modern threats, and therefore have not been brought into Windows 10. +You might already be familiar with the [Enhanced Mitigation Experience Toolkit (EMET)](https://support.microsoft.com/topic/emet-mitigations-guidelines-b529d543-2a81-7b5a-d529-84b30e1ecee0), which has since 2009 offered various exploit mitigations, and an interface for configuring those mitigations. You can use this section to understand how EMET mitigations relate to those mitigations in Windows 10. Many of EMET's mitigations have been built into Windows 10, some with extra improvements. However, some EMET mitigations carry high-performance cost, or appear to be relatively ineffective against modern threats, and therefore have not been brought into Windows 10. Because many of EMET's mitigations and security mechanisms already exist in Windows 10 and have been improved, particularly the ones assessed to have high effectiveness at mitigating known bypasses, version 5.5*x* has been announced as the final major version release for EMET (see [Enhanced Mitigation Experience Toolkit](https://web.archive.org/web/20170928073955/https://technet.microsoft.com/en-US/security/jj653751)).