From 5f957811dea460ce13d9381b1c8e045e75552381 Mon Sep 17 00:00:00 2001 From: Meghana Athavale Date: Fri, 3 Dec 2021 16:27:03 +0530 Subject: [PATCH 1/8] 5560668-part8-remaining files updated with URLs --- browsers/internet-explorer/internet-explorer.yml | 4 ++-- windows/configuration/ue-v/uev-release-notes-1607.md | 2 +- .../update/olympia/olympia-enrollment-guidelines.md | 4 ++-- windows/deployment/upgrade/quick-fixes.md | 2 +- windows/security/threat-protection/auditing/event-4908.md | 2 +- .../overview-of-threat-mitigations-in-windows-10.md | 2 +- 6 files changed, 8 insertions(+), 8 deletions(-) diff --git a/browsers/internet-explorer/internet-explorer.yml b/browsers/internet-explorer/internet-explorer.yml index 6aa0242523..68b6be4505 100644 --- a/browsers/internet-explorer/internet-explorer.yml +++ b/browsers/internet-explorer/internet-explorer.yml @@ -31,7 +31,7 @@ landingContent: - text: Use Enterprise Mode to improve compatibility url: /microsoft-edge/deploy/emie-to-improve-compatibility - text: Lifecycle FAQ - Internet Explorer - url: https://support.microsoft.com/help/17454/lifecycle-faq-internet-explorer + url: /lifecycle/faq/internet-explorer-microsoft-edge - linkListType: download links: - text: Download IE11 with Windows 10 @@ -123,7 +123,7 @@ landingContent: - text: Group Policy preferences for IE11 url: ./ie11-deploy-guide/group-policy-preferences-and-ie11.md - text: Configure Group Policy preferences - url: https://support.microsoft.com/help/2898604/how-to-configure-group-policy-preference-settings-for-internet-explorer-11-in-windows-8.1-or-windows-server-2012-r2 + url: /troubleshoot/browsers/how-to-configure-group-policy-preference-settings - text: Blocked out-of-date ActiveX controls url: ./ie11-deploy-guide/blocked-out-of-date-activex-controls.md - text: Out-of-date ActiveX control blocking diff --git a/windows/configuration/ue-v/uev-release-notes-1607.md b/windows/configuration/ue-v/uev-release-notes-1607.md index 91fb17d0de..2e2e1408c0 100644 --- a/windows/configuration/ue-v/uev-release-notes-1607.md +++ b/windows/configuration/ue-v/uev-release-notes-1607.md @@ -112,7 +112,7 @@ This section contains hotfixes and KB articles for UE-V. | 2769631 | How to repair a corrupted UE-V install | [support.microsoft.com/kb/2769631](https://support.microsoft.com/kb/2769631) | | 2850989 | Migrating MAPI profiles with Microsoft UE-V is not supported | [support.microsoft.com/kb/2850989](https://support.microsoft.com/kb/2850989) | | 2769586 | UE-V roams empty folders and registry keys | [support.microsoft.com/kb/2769586](https://support.microsoft.com/kb/2769586) | -| 2782997 | How To Enable Debug Logging in Microsoft User Experience Virtualization (UE-V) | [support.microsoft.com/kb/2782997](https://support.microsoft.com/kb/2782997) | +| 2782997 | How To Enable Debug Logging in Microsoft User Experience Virtualization (UE-V) | [support.microsoft.com/kb/2782997](/troubleshoot/windows-client/ue-v/enable-debug-logging) | | 2769570 | UE-V does not update the theme on RDS or VDI sessions | [support.microsoft.com/kb/2769570](https://support.microsoft.com/kb/2769570) | | 2850582 | How To Use Microsoft User Experience Virtualization With App-V Applications | [support.microsoft.com/kb/2850582](https://support.microsoft.com/kb/2850582) | | 3041879 | Current file versions for Microsoft User Experience Virtualization | [support.microsoft.com/kb/3041879](https://support.microsoft.com/kb/3041879) | diff --git a/windows/deployment/update/olympia/olympia-enrollment-guidelines.md b/windows/deployment/update/olympia/olympia-enrollment-guidelines.md index 1c557d6128..eb22188154 100644 --- a/windows/deployment/update/olympia/olympia-enrollment-guidelines.md +++ b/windows/deployment/update/olympia/olympia-enrollment-guidelines.md @@ -53,7 +53,7 @@ Choose one of the following two enrollment options: This is the Bring Your Own Device (BYOD) method--your device will receive Olympia policies and features, but a new account will not be created. See [Set up Azure Active Directory registered Windows 10 devices](/azure/active-directory/device-management-azuread-registered-devices-windows10-setup) for additional information. -1. Go to **Start > Settings > Accounts > Access work or school**. To see this setting, you need to have administrator rights to your device (see [local administrator](https://support.microsoft.com/instantanswers/5de907f1-f8ba-4fd9-a89d-efd23fee918c/create-a-local-user-or-administrator-account-in-windows-10)). +1. Go to **Start > Settings > Accounts > Access work or school**. To see this setting, you need to have administrator rights to your device (see [local administrator](https://support.microsoft.com/windows/create-a-local-user-or-administrator-account-in-windows-20de74e0-ac7f-3502-a866-32915af2a34d)). ![Settings -> Accounts.](images/1-1.png) @@ -92,7 +92,7 @@ This is the Bring Your Own Device (BYOD) method--your device will receive Olympi > [!NOTE] > Make sure that you save your Pro license key before upgrading to the Enterprise edition. If the device gets disconnected from Olympia, you can use the Pro key to reactivate the license manually in the unlikely event that the license fails to downgrade back to Pro automatically. To reactivate manually, see [Upgrade by manually entering a product key](../../upgrade/windows-10-edition-upgrades.md#upgrade-by-manually-entering-a-product-key). -1. Go to **Start > Settings > Accounts > Access work or school**. To see this setting, you need to have administrator rights to your device (see [local administrator](https://support.microsoft.com/instantanswers/5de907f1-f8ba-4fd9-a89d-efd23fee918c/create-a-local-user-or-administrator-account-in-windows-10)). +1. Go to **Start > Settings > Accounts > Access work or school**. To see this setting, you need to have administrator rights to your device (see [local administrator](https://support.microsoft.com/windows/create-a-local-user-or-administrator-account-in-windows-20de74e0-ac7f-3502-a866-32915af2a34d)). ![Settings -> Accounts.](images/1-1.png) diff --git a/windows/deployment/upgrade/quick-fixes.md b/windows/deployment/upgrade/quick-fixes.md index d9c4e34fd7..ed61e6c2c4 100644 --- a/windows/deployment/upgrade/quick-fixes.md +++ b/windows/deployment/upgrade/quick-fixes.md @@ -240,4 +240,4 @@ If you downloaded the SetupDiag.exe program to your computer, then copied it to
[Windows 10 Enterprise system requirements](https://technet.microsoft.com/windows/dn798752.aspx)
[Windows 10 Specifications](https://www.microsoft.com/windows/Windows-10-specifications)
[Windows 10 IT pro forums](https://social.technet.microsoft.com/Forums/en-US/home?category=Windows10ITPro) -
[Fix Windows Update errors by using the DISM or System Update Readiness tool](https://support.microsoft.com/kb/947821) \ No newline at end of file +
[Fix Windows Update errors by using the DISM or System Update Readiness tool](/troubleshoot/windows-server/deployment/fix-windows-update-errors) \ No newline at end of file diff --git a/windows/security/threat-protection/auditing/event-4908.md b/windows/security/threat-protection/auditing/event-4908.md index e59ae0559b..6abe5282a4 100644 --- a/windows/security/threat-protection/auditing/event-4908.md +++ b/windows/security/threat-protection/auditing/event-4908.md @@ -33,7 +33,7 @@ More information about Special Groups auditing can be found here: - + > **Note**  For recommendations, see [Security Monitoring Recommendations](#security-monitoring-recommendations) for this event. diff --git a/windows/security/threat-protection/overview-of-threat-mitigations-in-windows-10.md b/windows/security/threat-protection/overview-of-threat-mitigations-in-windows-10.md index fdd4c1c7d4..6bb026c848 100644 --- a/windows/security/threat-protection/overview-of-threat-mitigations-in-windows-10.md +++ b/windows/security/threat-protection/overview-of-threat-mitigations-in-windows-10.md @@ -300,7 +300,7 @@ Some of the protections available in Windows 10 are provided through functions t ## Understanding Windows 10 in relation to the Enhanced Mitigation Experience Toolkit -You might already be familiar with the [Enhanced Mitigation Experience Toolkit (EMET)](https://support.microsoft.com/kb/2458544), which has since 2009 offered various exploit mitigations, and an interface for configuring those mitigations. You can use this section to understand how EMET mitigations relate to those mitigations in Windows 10. Many of EMET's mitigations have been built into Windows 10, some with extra improvements. However, some EMET mitigations carry high-performance cost, or appear to be relatively ineffective against modern threats, and therefore have not been brought into Windows 10. +You might already be familiar with the [Enhanced Mitigation Experience Toolkit (EMET)](https://support.microsoft.com/topic/emet-mitigations-guidelines-b529d543-2a81-7b5a-d529-84b30e1ecee0), which has since 2009 offered various exploit mitigations, and an interface for configuring those mitigations. You can use this section to understand how EMET mitigations relate to those mitigations in Windows 10. Many of EMET's mitigations have been built into Windows 10, some with extra improvements. However, some EMET mitigations carry high-performance cost, or appear to be relatively ineffective against modern threats, and therefore have not been brought into Windows 10. Because many of EMET's mitigations and security mechanisms already exist in Windows 10 and have been improved, particularly the ones assessed to have high effectiveness at mitigating known bypasses, version 5.5*x* has been announced as the final major version release for EMET (see [Enhanced Mitigation Experience Toolkit](https://web.archive.org/web/20170928073955/https://technet.microsoft.com/en-US/security/jj653751)). From 63ed1a032d732c6012a7b40017f27b74fbdf5bf5 Mon Sep 17 00:00:00 2001 From: Meghana Athavale Date: Fri, 3 Dec 2021 16:42:04 +0530 Subject: [PATCH 2/8] fixed suggestion --- windows/security/threat-protection/auditing/event-4908.md | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/windows/security/threat-protection/auditing/event-4908.md b/windows/security/threat-protection/auditing/event-4908.md index 6abe5282a4..22e010e5b9 100644 --- a/windows/security/threat-protection/auditing/event-4908.md +++ b/windows/security/threat-protection/auditing/event-4908.md @@ -33,7 +33,7 @@ More information about Special Groups auditing can be found here: - + > **Note**  For recommendations, see [Security Monitoring Recommendations](#security-monitoring-recommendations) for this event. From c5a01f4f8cb0011962f6eb573f884d6644c7fd38 Mon Sep 17 00:00:00 2001 From: Mandi Ohlinger Date: Tue, 14 Dec 2021 16:48:55 -0500 Subject: [PATCH 3/8] Removed broken KB links: Couldn't find replacements --- .../ue-v/uev-release-notes-1607.md | 38 +++++-------------- 1 file changed, 9 insertions(+), 29 deletions(-) diff --git a/windows/configuration/ue-v/uev-release-notes-1607.md b/windows/configuration/ue-v/uev-release-notes-1607.md index 2e2e1408c0..875c435895 100644 --- a/windows/configuration/ue-v/uev-release-notes-1607.md +++ b/windows/configuration/ue-v/uev-release-notes-1607.md @@ -28,12 +28,12 @@ With the release of Windows 10, version 1607, the Company Settings Center was re Administrators can still define which user-customized application settings can synchronize (roam) with Group Policy or Windows PowerShell. -**Note** With the removal of the Company Settings Center, the following group policies are no longer applicable: - -- Contact IT Link Text -- Contact IT URL -- Tray Icon - +> [!NOTE] +> With the removal of the Company Settings Center, the following group policies are no longer applicable: +> +> - Contact IT Link Text +> - Contact IT URL +> - Tray Icon ### Upgrading from UE-V 1.0 to the in-box version of UE-V is blocked @@ -99,31 +99,11 @@ Operating system settings for Narrator and currency characters specific to the l WORKAROUND: None -## Hotfixes and Knowledge Base articles for UE-V - -This section contains hotfixes and KB articles for UE-V. - -| KB Article | Title | Link | -|------------|---------|--------| -| 3018608 | UE-V - TemplateConsole.exe crashes when UE-V WMI classes are missing | [support.microsoft.com/kb/3018608](https://support.microsoft.com/kb/3018608) | -| 2903501 | UE-V: User Experience Virtualization (UE-V) compatibility with user profiles | [support.microsoft.com/kb/2903501](https://support.microsoft.com/kb/2903501) | -| 2770042 | UE-V Registry Settings | [support.microsoft.com/kb/2770042](https://support.microsoft.com/kb/2770042) | -| 2847017 | Internet Explorer settings replicated by UE-V | [support.microsoft.com/kb/2847017](https://support.microsoft.com/kb/2847017) | -| 2769631 | How to repair a corrupted UE-V install | [support.microsoft.com/kb/2769631](https://support.microsoft.com/kb/2769631) | -| 2850989 | Migrating MAPI profiles with Microsoft UE-V is not supported | [support.microsoft.com/kb/2850989](https://support.microsoft.com/kb/2850989) | -| 2769586 | UE-V roams empty folders and registry keys | [support.microsoft.com/kb/2769586](https://support.microsoft.com/kb/2769586) | -| 2782997 | How To Enable Debug Logging in Microsoft User Experience Virtualization (UE-V) | [support.microsoft.com/kb/2782997](/troubleshoot/windows-client/ue-v/enable-debug-logging) | -| 2769570 | UE-V does not update the theme on RDS or VDI sessions | [support.microsoft.com/kb/2769570](https://support.microsoft.com/kb/2769570) | -| 2850582 | How To Use Microsoft User Experience Virtualization With App-V Applications | [support.microsoft.com/kb/2850582](https://support.microsoft.com/kb/2850582) | -| 3041879 | Current file versions for Microsoft User Experience Virtualization | [support.microsoft.com/kb/3041879](https://support.microsoft.com/kb/3041879) | -| 2843592 | Information on User Experience Virtualization and High Availability | [support.microsoft.com/kb/2843592](https://support.microsoft.com/kb/2843592) | - - - - - **Additional resources for this feature** +- [UE-V Registry Settings](troubleshoot/windows-client/ue-v/ue-v-registry-settings) + +- [How To Enable Debug Logging in Microsoft User Experience Virtualization (UE-V)(/troubleshoot/windows-client/ue-v/enable-debug-logging) - [User Experience Virtualization](uev-for-windows.md) From d37032badc344f162202d02f5252b80311f270d4 Mon Sep 17 00:00:00 2001 From: Mandi Ohlinger Date: Tue, 14 Dec 2021 16:53:01 -0500 Subject: [PATCH 4/8] Links --- .../threat-protection/auditing/event-4908.md | 22 +++++++++---------- 1 file changed, 10 insertions(+), 12 deletions(-) diff --git a/windows/security/threat-protection/auditing/event-4908.md b/windows/security/threat-protection/auditing/event-4908.md index 22e010e5b9..5173543a28 100644 --- a/windows/security/threat-protection/auditing/event-4908.md +++ b/windows/security/threat-protection/auditing/event-4908.md @@ -16,10 +16,9 @@ ms.technology: windows-sec # 4908(S): Special Groups Logon table modified. +:::image type="content" source="images/event-4908.png" alt-text="Event 4908 illustration"::: -Event 4908 illustration - -***Subcategory:*** [Audit Policy Change](audit-audit-policy-change.md) +***Subcategory:*** [Audit Policy Change](audit-audit-policy-change.md) ***Event Description:*** @@ -29,18 +28,16 @@ This event also generates during system startup. This event is always logged regardless of the "Audit Policy Change" sub-category setting. -More information about Special Groups auditing can be found here: +For more information about Special Groups auditing, see [4908(S): Special Groups Logon table modified](/windows/security/threat-protection/auditing/event-4908). - - - - -> **Note**  For recommendations, see [Security Monitoring Recommendations](#security-monitoring-recommendations) for this event. +> [!NOTE] +> For recommendations, see [Security Monitoring Recommendations](#security-monitoring-recommendations) for this event.
***Event XML:*** -``` + +```xml - - @@ -75,11 +72,12 @@ More information about Special Groups auditing can be found here: **Special Groups** \[Type = UnicodeString\]**:** contains current list of SIDs (groups or accounts) which are members of Special Groups. Event Viewer automatically tries to resolve SIDs and show the account name. If the SID cannot be resolved, you will see the source data in the event. -> **Note**  A **security identifier (SID)** is a unique value of variable length used to identify a trustee (security principal). Each account has a unique SID that is issued by an authority, such as an Active Directory domain controller, and stored in a security database. Each time a user logs on, the system retrieves the SID for that user from the database and places it in the access token for that user. The system uses the SID in the access token to identify the user in all subsequent interactions with Windows security. When a SID has been used as the unique identifier for a user or group, it cannot ever be used again to identify another user or group. For more information about SIDs, see [Security identifiers](/windows/access-protection/access-control/security-identifiers). +> [!NOTE] +> A **security identifier (SID)** is a unique value of variable length used to identify a trustee (security principal). Each account has a unique SID that is issued by an authority, such as an Active Directory domain controller, and stored in a security database. Each time a user logs on, the system retrieves the SID for that user from the database and places it in the access token for that user. The system uses the SID in the access token to identify the user in all subsequent interactions with Windows security. When a SID has been used as the unique identifier for a user or group, it cannot ever be used again to identify another user or group. For more information about SIDs, see [Security identifiers](/windows/access-protection/access-control/security-identifiers). “HKEY\_LOCAL\_MACHINE\\SYSTEM\\ControlSet001\\Control\\Lsa\\Audit\\SpecialGroups” registry value contains current list of SIDs which are included in Special Groups: -Registry Editor Audit key illustration +:::image type="content" source="images/registry-editor-audit.png" alt-text="Registry Editor Audit key illustration"::: ## Security Monitoring Recommendations From 2c72890160114ccf970bf887caac4d19602ee2f2 Mon Sep 17 00:00:00 2001 From: Mandi Ohlinger Date: Tue, 14 Dec 2021 17:04:49 -0500 Subject: [PATCH 5/8] Fixed validation warnings --- windows/configuration/ue-v/uev-release-notes-1607.md | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/windows/configuration/ue-v/uev-release-notes-1607.md b/windows/configuration/ue-v/uev-release-notes-1607.md index 875c435895..ad7afab8b0 100644 --- a/windows/configuration/ue-v/uev-release-notes-1607.md +++ b/windows/configuration/ue-v/uev-release-notes-1607.md @@ -101,7 +101,7 @@ WORKAROUND: None **Additional resources for this feature** -- [UE-V Registry Settings](troubleshoot/windows-client/ue-v/ue-v-registry-settings) +- [UE-V Registry Settings](/troubleshoot/windows-client/ue-v/ue-v-registry-settings) - [How To Enable Debug Logging in Microsoft User Experience Virtualization (UE-V)(/troubleshoot/windows-client/ue-v/enable-debug-logging) From 9a22f72cb7f65d35a2ac673e2402fb4309f0ee0e Mon Sep 17 00:00:00 2001 From: Gary Moore Date: Tue, 14 Dec 2021 18:57:43 -0800 Subject: [PATCH 6/8] Fix broken link in new content --- windows/configuration/ue-v/uev-release-notes-1607.md | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/windows/configuration/ue-v/uev-release-notes-1607.md b/windows/configuration/ue-v/uev-release-notes-1607.md index ad7afab8b0..e648b9ed6b 100644 --- a/windows/configuration/ue-v/uev-release-notes-1607.md +++ b/windows/configuration/ue-v/uev-release-notes-1607.md @@ -103,7 +103,7 @@ WORKAROUND: None - [UE-V Registry Settings](/troubleshoot/windows-client/ue-v/ue-v-registry-settings) -- [How To Enable Debug Logging in Microsoft User Experience Virtualization (UE-V)(/troubleshoot/windows-client/ue-v/enable-debug-logging) +- [How To Enable Debug Logging in Microsoft User Experience Virtualization (UE-V)](/troubleshoot/windows-client/ue-v/enable-debug-logging) - [User Experience Virtualization](uev-for-windows.md) From 2d43e91baf31f1508ae7f92321762b0b82d8b480 Mon Sep 17 00:00:00 2001 From: Gary Moore Date: Tue, 14 Dec 2021 19:01:23 -0800 Subject: [PATCH 7/8] Fix broken link from PR 2687 This commit fixes a broken link that was added in PR https://github.com/MicrosoftDocs/windows-docs-pr/pull/2687 --- .../deployment/update/olympia/olympia-enrollment-guidelines.md | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/windows/deployment/update/olympia/olympia-enrollment-guidelines.md b/windows/deployment/update/olympia/olympia-enrollment-guidelines.md index eb22188154..91fc25dcd6 100644 --- a/windows/deployment/update/olympia/olympia-enrollment-guidelines.md +++ b/windows/deployment/update/olympia/olympia-enrollment-guidelines.md @@ -100,7 +100,7 @@ This is the Bring Your Own Device (BYOD) method--your device will receive Olympi 3. Click **Connect**, then click **Join this device to Azure Active Directory**. - ![Joining device to Azure AD.]](images/2-3.png) + ![Joining device to Azure AD.](images/2-3.png) 4. Enter your **Olympia corporate account** (e.g., username@olympia.windows.com). Click **Next**. From e7c2ca7e7718e15d5bd0e629f7b5e3a4cfc3f393 Mon Sep 17 00:00:00 2001 From: Gary Moore Date: Tue, 14 Dec 2021 19:04:50 -0800 Subject: [PATCH 8/8] Add lightbox to aid readability --- .../overview-of-threat-mitigations-in-windows-10.md | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/windows/security/threat-protection/overview-of-threat-mitigations-in-windows-10.md b/windows/security/threat-protection/overview-of-threat-mitigations-in-windows-10.md index 1771f72297..123a9eef64 100644 --- a/windows/security/threat-protection/overview-of-threat-mitigations-in-windows-10.md +++ b/windows/security/threat-protection/overview-of-threat-mitigations-in-windows-10.md @@ -168,7 +168,7 @@ One of the most common techniques used to gain access to a system is to find a v Address Space Layout Randomization (ASLR) makes that type of attack much more difficult because it randomizes how and where important data is stored in memory. With ASLR, it is more difficult for malware to find the specific location it needs to attack. Figure 3 illustrates how ASLR works by showing how the locations of different critical Windows components can change in memory between restarts. -![ASLR at work.](images/security-fig4-aslr.png) +:::image type="content" alt-text="ASLR at work." source="images/security-fig4-aslr.png" lightbox="images/security-fig4-aslr.png"::: **Figure 3.  ASLR at work**