Merge branch 'master' into ConfigRebrand-Two

2025-05-14 06:17:22 +00:00 · 2020-01-29 15:39:14 -08:00 · 2020-01-29 15:39:14 -08:00 · c06b9c7cbb
commit c06b9c7cbb
parent ee2afb197a 1fb7a92225
220 changed files with 4697 additions and 1015 deletions
--- a/.openpublishing.redirection.json
+++ b/.openpublishing.redirection.json
@ -58,7 +58,7 @@
 {
 "source_path": "devices/surface/manage-surface-pro-3-firmware-updates.md",
 "redirect_url": "https://docs.microsoft.com/surface/manage-surface-driver-and-firmware-updates",
-"redirect_document_id": true
+"redirect_document_id": false
 },
 {
 "source_path": "devices/surface/update.md",
@ -981,6 +981,11 @@
 "redirect_document_id": false
 },
 {
 "source_path": "windows/security/threat-protection/microsoft-defender-atp/advanced-hunting-alertevents-table.md",
 "redirect_url": "https://docs.microsoft.com/windows/security/threat-protection/microsoft-defender-atp/advanced-hunting-devicealertevents-table",
 "redirect_document_id": true
 },
 {
 "source_path": "windows/security/threat-protection/microsoft-defender-atp/advanced-hunting-filecreationevents-table.md",
 "redirect_url": "https://docs.microsoft.com/windows/security/threat-protection/microsoft-defender-atp/advanced-hunting-devicefileevents-table",
 "redirect_document_id": true
@ -15572,6 +15577,11 @@
 "redirect_document_id": false
 },
 {
 "source_path": "devices/surface/deploy-the-latest-firmware-and-drivers-for-surface-devices.md",
 "redirect_url": "/surface/manage-surface-driver-and-firmware-updates",
 "redirect_document_id": true
 },
 {
 "source_path": "windows/deployment/planning/windows-10-1809-removed-features.md",
 "redirect_url": "https://docs.microsoft.com/windows/deployment/planning/windows-10-removed-features",
 "redirect_document_id": false
--- a/browsers/edge/microsoft-edge-kiosk-mode-deploy.md
+++ b/browsers/edge/microsoft-edge-kiosk-mode-deploy.md
@ -1,6 +1,6 @@
 ---
-title: Deploy Microsoft Edge kiosk mode
+title: Deploy Microsoft Edge Legacy kiosk mode
-description: Microsoft Edge kiosk mode works with assigned access to allow IT admins to create a tailored browsing experience designed for kiosk devices. To use Microsoft Edge kiosk mode, you must configure Microsoft Edge as an application in assigned access.
+description: Microsoft Edge Legacy kiosk mode works with assigned access to allow IT admins to create a tailored browsing experience designed for kiosk devices. To use Microsoft Edge Legacy kiosk mode, you must configure Microsoft Edge Legacy as an application in assigned access.
 ms.assetid: 
 ms.reviewer: 
 audience: itpro
@ -11,20 +11,24 @@ ms.prod: edge
 ms.sitesec: library
 ms.topic: article
 ms.localizationpriority: medium
-ms.date: 10/29/2018
+ms.date: 01/17/2020
 ---
-# Deploy Microsoft Edge kiosk mode
+# Deploy Microsoft Edge Legacy kiosk mode
->Applies to: Microsoft Edge on Windows 10, version 1809  
+>Applies to: Microsoft Edge Legacy (version 45 and earlier) on Windows 10, version 1809 or later 
 >Professional, Enterprise, and Education
 > [!NOTE]
-> You've reached the documentation for Microsoft Edge version 45 and earlier. To see the documentation for Microsoft Edge version 77 or later, go to the [Microsoft Edge documentation landing page](https://docs.microsoft.com/DeployEdge/).
+> You've reached the documentation for Microsoft Edge Legacy (version 45 and earlier.) To see the documentation for Microsoft Edge version 77 or later, go to the [Microsoft Edge documentation landing page](https://docs.microsoft.com/DeployEdge/). For information about kiosk mode in the new version of Microsoft Edge, see [Microsoft Edge kiosk mode](https://docs.microsoft.com/DeployEdge/microsoft-edge-kiosk-mode).
-In the Windows 10 October 2018 Update, we added the capability to use Microsoft Edge as a kiosk using assigned access. With assigned access, you create a tailored browsing experience locking down a Windows 10 device to only run as a single-app or multi-app kiosk.  Assigned access restricts a local standard user account so that it only has access to one or more Windows app, such as Microsoft Edge in kiosk mode.
+In the Windows 10 October 2018 Update, we added the capability to use Microsoft Edge Legacy as a kiosk using assigned access. With assigned access, you create a tailored browsing experience locking down a Windows 10 device to only run as a single-app or multi-app kiosk.  Assigned access restricts a local standard user account so that it only has access to one or more Windows app, such as Microsoft Edge Legacy in kiosk mode.
-In this topic, you learn how to configure the behavior of Microsoft Edge when it's running in kiosk mode with assigned access.  You also learn how to set up your kiosk device using either Windows Setting or Microsoft Intune or other MDM service. 
+In this topic, you'll learn: 
 - How to configure the behavior of Microsoft Edge Legacy when it's running in kiosk mode with assigned access.
 - What's required to run Microsoft Edge Legacy kiosk mode on your kiosk devices.  
 - You'll also learn how to set up your kiosk device using either Windows Setting or Microsoft Intune or an other MDM service. 
 At the end of this topic, you can find a list of [supported policies](#supported-policies-for-kiosk-mode) for kiosk mode and a [feature comparison](#feature-comparison-of-kiosk-mode-and-kiosk-browser-app) of the kiosk mode policy and kiosk browser app.  You also find instructions on how to provide us feedback or get support. 
@ -33,7 +37,7 @@ At the end of this topic, you can find a list of [supported policies](#supported
 >**Policy** = Configure kiosk mode (ConfigureKioskMode)
-Microsoft Edge kiosk mode supports four configurations types that depend on how Microsoft Edge is set up with assigned access, either as a single-app or multi-app kiosk. These configuration types help you determine what is best suited for your kiosk device or scenario.  
+Microsoft Edge Legacy kiosk mode supports four configurations types that depend on how Microsoft Edge Legacy is set up with assigned access, either as a single-app or multi-app kiosk. These configuration types help you determine what is best suited for your kiosk device or scenario.  
 - Learn about [creating a kiosk experience](https://docs.microsoft.com/windows-hardware/customize/enterprise/create-a-kiosk-image)
@ -44,15 +48,17 @@ Microsoft Edge kiosk mode supports four configurations types that depend on how
 - Learn about configuring a more secure kiosk experience: [Other settings to lock down](https://docs.microsoft.com/windows/configuration/setup-kiosk-digital-signage#other-settings-to-lock-down).
-### Important things to remember before getting started
+### Important things to note before getting started
-  The public browsing kiosk types run Microsoft Edge InPrivate mode to protect user data with a browsing experience designed for public kiosks. 
+- There are [required steps to follow](#setup- required-for-microsoft-edge-legacy-kiosk-mode) in order to use the following Microsoft Edge Legacy kiosk mode types either alongside the new version of Microsoft Edge or prevent the new version of Microsoft Edge from being installed on your kiosk device. 
-  Microsoft Edge kiosk mode has a built-in timer to help keep data safe in public browsing sessions. When the idle time (no user activity) meets the time limit, a confirmation message prompts the user to continue, and if no user activity Microsoft Edge resets the session to the default URL. By default, the idle timer is 5 minutes, but you can choose a value of your own.
+-  The public browsing kiosk types run Microsoft Edge Legacy InPrivate mode to protect user data with a browsing experience designed for public kiosks. 
 -  Microsoft Edge Legacy kiosk mode has a built-in timer to help keep data safe in public browsing sessions. When the idle time (no user activity) meets the time limit, a confirmation message prompts the user to continue, and if no user activity Microsoft Edge Legacy resets the session to the default URL. By default, the idle timer is 5 minutes, but you can choose a value of your own.
 -  Optionally, you can define a single URL for the Home button, Start page, and New Tab page. See [Supported policies for kiosk mode](#supported-policies-for-kiosk-mode) to learn more.
-  No matter which configuration type you choose, you must set up Microsoft Edge in assigned access; otherwise, Microsoft Edge ignores the settings in this policy (Configure kiosk mode/ConfigureKioskMode).<p>Learn more about assigned access:
+-  No matter which configuration type you choose, you must set up Microsoft Edge Legacy in assigned access; otherwise, Microsoft Edge Legacy ignores the settings in this policy (Configure kiosk mode/ConfigureKioskMode).<p>Learn more about assigned access:
   - [Configure kiosk and shared devices running Windows desktop editions](https://aka.ms/E489vw).
@ -65,46 +71,58 @@ Microsoft Edge kiosk mode supports four configurations types that depend on how
 [!INCLUDE [configure-kiosk-mode-supported-values-include](includes/configure-kiosk-mode-supported-values-include.md)]
-## Set up Microsoft Edge kiosk mode
+## Set up Microsoft Edge Legacy kiosk mode
-Now that you're familiar with the different kiosk mode configurations and have the one you want to use in mind, you can use one of the following methods to set up Microsoft Edge kiosk mode:
+Now that you're familiar with the different kiosk mode configurations and have the one you want to use in mind, you can use one of the following methods to set up Microsoft Edge Legacy kiosk mode:
 -   **Windows Settings.** Use only to set up a couple of single-app devices because you perform these steps physically on each device.  For a multi-app kiosk device, use Microsoft Intune or other MDM service. 
-   **Microsoft Intune or other MDM service.** Use to set up several single-app or multi-app kiosk devices. Microsoft Intune and other MDM service providers offer more options for customizing the Microsoft Edge kiosk mode experience using any of the [Supported policies for kiosk mode](#supported-policies-for-kiosk-mode).  
+-   **Microsoft Intune or other MDM service.** Use to set up several single-app or multi-app kiosk devices. Microsoft Intune and other MDM service providers offer more options for customizing the Microsoft Edge Legacy kiosk mode experience using any of the [Supported policies for kiosk mode](#supported-policies-for-kiosk-mode).  
 ### Prerequisites
- Microsoft Edge on Windows 10, version 1809 (Professional, Enterprise, and Education).
+- Microsoft Edge Legacy on Windows 10, version 1809 (Professional, Enterprise, and Education).
 - See [Setup required for Microsoft Edge Legacy kiosk mode](#setup-required-for-microsoft-edge-legacy-kiosk-mode).
 - URL to load when the kiosk launches. The URL that you provide sets the Home button, Start page, and New Tab page.
- _**For Microsoft Intune or other MDM service**_, you must have the AppUserModelID (AUMID) to set up Microsoft Edge:
+- _**For Microsoft Intune or other MDM service**_, you must have the AppUserModelID (AUMID) to set up Microsoft Edge Legacy:
  ```
  Microsoft.MicrosoftEdge_8wekyb3d8bbwe!MicrosoftEdge
  ```
 ### Setup required for Microsoft Edge Legacy kiosk mode
 When the new version of Microsoft Edge Stable channel is installed, Microsoft Edge Legacy is hidden and all attempts to launch Microsoft Edge Legacy are redirected to the new version of Microsoft Edge. 
 To continue using Microsoft Edge Legacy kiosk mode on your kiosk devices take one of the following actions:
 - If you plan to install Microsoft Edge Stable channel, want to allow it to be installed, or it is already installed on your kiosk device set the Microsoft Edge [Allow Microsoft Edge Side by Side browser experience](https://docs.microsoft.com/DeployEdge/microsoft-edge-update-policies#allowsxs) policy to **Enabled**.
 - To prevent Microsoft Edge Stable channel from being installed on your kiosk devices deploy the Microsoft Edge [Allow installation default](https://docs.microsoft.com/DeployEdge/microsoft-edge-update-policies#installdefault) policy for Stable channel or consider using the [Blocker toolkit](https://docs.microsoft.com/DeployEdge/microsoft-edge-blocker-toolkit) to disable automatic delivery of Microsoft Edge.
 > [!NOTE]
 > For more information about accessing Microsoft Edge Legacy after installing Microsoft Edge, see [How to access the old version of Microsoft Edge](https://docs.microsoft.com/DeployEdge/microsoft-edge-sysupdate-access-old-edge).  
 ### Use Windows Settings
 Windows Settings is the simplest and the only way to set up one or a couple of single-app devices.  
 1.  On the kiosk device, open Windows Settings, and in the search field type **kiosk** and then select **Set up a kiosk (assigned access)**.
 2.  On the **Set up a kiosk** page, click **Get started**.
 3.  Type a name to create a new kiosk account, or choose an existing account from the populated list and click **Next**.
-4.  On the **Choose a kiosk app** page, select **Microsoft Edge** and then click **Next**.
+4.  On the **Choose a kiosk app** page, select **Microsoft Edge Legacy** and then click **Next**.
-5.  Select how Microsoft Edge displays when running in kiosk mode:
+5.  Select how Microsoft Edge Legacy displays when running in kiosk mode:
-    -   **As a digital sign or interactive display** - Displays a specific site in full-screen mode, running Microsoft Edge InPrivate protecting user data.   
+    -   **As a digital sign or interactive display** - Displays a specific site in full-screen mode, running Microsoft Edge Legacy InPrivate protecting user data.   
-    -   **As a public browser** - Runs a limited multi-tab version of Microsoft Edge, protecting user data.   
+    -   **As a public browser** - Runs a limited multi-tab version of Microsoft Edge Legacy, protecting user data.   
 6.  Select **Next**.
@ -124,42 +142,42 @@ Windows Settings is the simplest and the only way to set up one or a couple of s
 - User your new kiosk device. <p>
   OR<p>
- Make changes to your kiosk device. In Windows Settings, on the **Set up a kiosk** page, make your changes to **Choose a kiosk mode** and **Set up Microsoft Edge**.
+- Make changes to your kiosk device. In Windows Settings, on the **Set up a kiosk** page, make your changes to **Choose a kiosk mode** and **Set up Microsoft Edge Legacy**.
 ---  
 ### Use Microsoft Intune or other MDM service
-With this method, you can use Microsoft Intune or other MDM services to configure Microsoft Edge kiosk mode in assigned access and how it behaves on a kiosk device. To learn about a few app fundamentals and requirements before adding them to Intune, see [Add apps to Microsoft Intune](https://docs.microsoft.com/intune/apps-add).
+With this method, you can use Microsoft Intune or other MDM services to configure Microsoft Edge Legacy kiosk mode in assigned access and how it behaves on a kiosk device. To learn about a few app fundamentals and requirements before adding them to Intune, see [Add apps to Microsoft Intune](https://docs.microsoft.com/intune/apps-add).
 >[!IMPORTANT]
 >If you are using a local account as a kiosk account in Microsoft Intune, make sure to sign into this account and then sign out before configuring the kiosk device.
 1. In Microsoft Intune or other MDM service, configure [AssignedAccess](https://docs.microsoft.com/windows/client-management/mdm/assignedaccess-csp) to prevent users from accessing the file system, running executables, or other apps.
-2. Configure the following MDM settings to setup Microsoft Edge kiosk mode on the kiosk device and then restart the device.
+2. Configure the following MDM settings to setup Microsoft Edge Legacy kiosk mode on the kiosk device and then restart the device.
   |   |   |
   |---|---|
-   | **[ConfigureKioskMode](https://docs.microsoft.com/windows/client-management/mdm/policy-csp-browser#browser-configurekioskmode)**<p>![](images/icon-thin-line-computer.png) | Configure the display mode for Microsoft Edge as a kiosk app.<p><p>**URI full path:** ./Vendor/MSFT/Policy/Config/Browser/ConfigureKioskMode<p>**Data type:**  Integer<p>**Allowed values:**<ul><li>**Single-app kiosk experience**<ul><li>**0** - Digital signage and interactive display</li><li>**1** - InPrivate Public browsing</li></ul></li><li>**Multi-app kiosk experience**<ul><li>**0** - Normal Microsoft Edge running in assigned access</li><li>**1** - InPrivate public browsing with other apps</li></ul></li></ul> |
+   | **[ConfigureKioskMode](https://docs.microsoft.com/windows/client-management/mdm/policy-csp-browser#browser-configurekioskmode)**<p>![](images/icon-thin-line-computer.png) | Configure the display mode for Microsoft Edge Legacy as a kiosk app.<p><p>**URI full path:** ./Vendor/MSFT/Policy/Config/Browser/ConfigureKioskMode<p>**Data type:**  Integer<p>**Allowed values:**<ul><li>**Single-app kiosk experience**<ul><li>**0** - Digital signage and interactive display</li><li>**1** - InPrivate Public browsing</li></ul></li><li>**Multi-app kiosk experience**<ul><li>**0** - Normal Microsoft Edge Legacy running in assigned access</li><li>**1** - InPrivate public browsing with other apps</li></ul></li></ul> |
-   | **[ConfigureKioskResetAfterIdleTimeout](https://docs.microsoft.com/windows/client-management/mdm/policy-csp-browser#browser-configurekioskresetafteridletimeout)**<p>![](images/icon-thin-line-computer.png) | Change the time in minutes from the last user activity before Microsoft Edge kiosk mode resets the user's session.<p><p>**URI full path:** ./Vendor/MSFT/Policy/Config/Browser/ConfigureKioskResetAfterIdleTimeout<p>**Data type:** Integer<p>**Allowed values:**<ul><li>**0** - No idle timer</li><li>**1-1440 (5 minutes is the default)** - Set reset on idle timer</li></ul>  |
+   | **[ConfigureKioskResetAfterIdleTimeout](https://docs.microsoft.com/windows/client-management/mdm/policy-csp-browser#browser-configurekioskresetafteridletimeout)**<p>![](images/icon-thin-line-computer.png) | Change the time in minutes from the last user activity before Microsoft Edge Legacy kiosk mode resets the user's session.<p><p>**URI full path:** ./Vendor/MSFT/Policy/Config/Browser/ConfigureKioskResetAfterIdleTimeout<p>**Data type:** Integer<p>**Allowed values:**<ul><li>**0** - No idle timer</li><li>**1-1440 (5 minutes is the default)** - Set reset on idle timer</li></ul>  |
-   | **[HomePages](https://docs.microsoft.com/windows/client-management/mdm/policy-csp-browser#browser-homepages)**<p>![](images/icon-thin-line-computer.png)  | Set one or more start pages, URLs, to load when Microsoft Edge launches.<p><p>**URI full path:** ./Vendor/MSFT/Policy/Config/Browser/HomePages<p>**Data type:** String<p>**Allowed values:**<p>Enter one or more URLs, for example,<br>&nbsp;&nbsp;&nbsp;\<https://www.msn.com\>\<https:/www.bing.com\>  |
+   | **[HomePages](https://docs.microsoft.com/windows/client-management/mdm/policy-csp-browser#browser-homepages)**<p>![](images/icon-thin-line-computer.png)  | Set one or more start pages, URLs, to load when Microsoft Edge Legacy launches.<p><p>**URI full path:** ./Vendor/MSFT/Policy/Config/Browser/HomePages<p>**Data type:** String<p>**Allowed values:**<p>Enter one or more URLs, for example,<br>&nbsp;&nbsp;&nbsp;\<https://www.msn.com\>\<https:/www.bing.com\>  |
   | **[ConfigureHomeButton](https://docs.microsoft.com/windows/client-management/mdm/policy-csp-browser#browser-configurehomebutton)**<p>![](images/icon-thin-line-computer.png)  | Configure how the Home Button behaves.<p><p>**URI full path:** ./Vendor/MSFT/Policy/Config/Browser/ConfigureHomeButton<p>**Data type:** Integer<p> **Allowed values:**<ul><li>**0 (default)** - Not configured. Show home button, and load the default Start page.</li><li>**1** - Enabled. Show home button and load New Tab page</li><li>**2** - Enabled. Show home button & set a specific page.</li><li>**3** - Enabled. Hide the home button.</li></ul>   |
   | **[SetHomeButtonURL](https://docs.microsoft.com/windows/client-management/mdm/policy-csp-browser#browser-sethomebuttonurl)**<p>![](images/icon-thin-line-computer.png)   | If you set ConfigureHomeButton to 2, configure the home button URL.<p><p>**URI full path:** ./Vendor/MSFT/Policy/Config/Browser/SetHomeButtonURL <p>**Data type:** String<p>**Allowed values:** Enter a URL, for example, https://www.bing.com   |
   | **[SetNewTabPageURL](https://docs.microsoft.com/windows/client-management/mdm/policy-csp-browser#browser-setnewtabpageurl)**<p>![](images/icon-thin-line-computer.png)   | Set a custom URL for the New Tab page.<p><p>**URI full path:** ./Vendor/MSFT/Policy/Config/Browser/SetNewTabPageURL <p>**Data type:** String<p>**Allowed values:** Enter a URL, for example, https://www.msn.com    |
-**_Congratulations!_** <p>You’ve just finished setting up a kiosk or digital signage with policies for Microsoft Edge kiosk mode using Microsoft Intune or other MDM service.
+**_Congratulations!_** <p>You’ve just finished setting up a kiosk or digital signage with policies for Microsoft Edge Legacy kiosk mode using Microsoft Intune or other MDM service.
-**_What's next?_** <p>Now it's time to use your new kiosk device. Sign into the device with the kiosk account selected to run Microsoft Edge kiosk mode.
+**_What's next?_** <p>Now it's time to use your new kiosk device. Sign into the device with the kiosk account selected to run Microsoft Edge Legacy kiosk mode.
 ---
 ## Supported policies for kiosk mode
-Use any of the Microsoft Edge policies listed below to enhance the kiosk experience depending on the Microsoft Edge kiosk mode type you configure. To learn more about these policies, see [Policy CSP - Browser](https://docs.microsoft.com/windows/client-management/mdm/policy-csp-browser). 
+Use any of the Microsoft Edge Legacy policies listed below to enhance the kiosk experience depending on the Microsoft Edge Legacy kiosk mode type you configure. To learn more about these policies, see [Policy CSP - Browser](https://docs.microsoft.com/windows/client-management/mdm/policy-csp-browser). 
 Make sure to check with your provider for instructions.
@ -236,10 +254,11 @@ Make sure to check with your provider for instructions.
 ---  
 ## Feature comparison of kiosk mode and kiosk browser app
-In the following table, we show you the features available in both Microsoft Edge kiosk mode and Kiosk Browser app available in Microsoft Store. Both kiosk mode and kiosk browser app work in assigned access.
+
 In the following table, we show you the features available in both Microsoft Edge Legacy kiosk mode and Kiosk Browser app available in Microsoft Store. Both kiosk mode and kiosk browser app work in assigned access.
-|                        **Feature**                        |                                                                  **Microsoft Edge kiosk mode**                                                                  |                                                             **Microsoft Kiosk browser app**                                                             |
+|                        **Feature**                        |                                                                  **Microsoft Edge Legacy kiosk mode**                                                                  |                                                             **Microsoft Kiosk browser app**                                                             |
 |-----------------------------------------------------------|:---------------------------------------------------------------------------------------------------------------------------------------------------------------:|:-------------------------------------------------------------------------------------------------------------------------------------------------------:|
 |                       Print support                       |                                                                 ![Supported](images/148767.png)                                                                 |                                                           ![Not supported](images/148766.png)                                                           |
 |                     Multi-tab support                     |                                                                 ![Supported](images/148767.png)                                                                 |                                                           ![Not supported](images/148766.png)                                                           |
@ -261,9 +280,6 @@ To prevent access to unwanted websites on your kiosk device, use Windows Defende
 ## Provide feedback or get support
-To provide feedback on Microsoft Edge kiosk mode in Feedback Hub, select **Microsoft Edge** as the  **Category**, and **All other issues** as the subcategory. 
+To provide feedback on Microsoft Edge Legacy kiosk mode in Feedback Hub, select **Microsoft Edge** as the  **Category**, and **All other issues** as the subcategory. 
 **_For multi-app kiosk only._** If you have set up the Feedback Hub in assigned access, you can you submit the feedback from the device running Microsoft Edge in kiosk mode in which you can include diagnostic logs. In the Feedback Hub, select **Microsoft Edge** as the **Category**, and **All other issues** as the subcategory.
--- a/browsers/internet-explorer/TOC.md
+++ b/browsers/internet-explorer/TOC.md
@ -186,3 +186,6 @@
 ### [IExpress Wizard command-line options](ie11-ieak/iexpress-command-line-options.md)
 ### [Internet Explorer Setup command-line options and return codes](ie11-ieak/ie-setup-command-line-options-and-return-codes.md)
 ## KB Troubleshoot
 ### [Clear the Internet Explorer cache from a command line](kb-support/clear-ie-cache-from-command-line.md)
 ### [Internet Explorer and Microsoft Edge FAQ for IT Pros](kb-support/ie-edge-faqs.md)
--- a/browsers/internet-explorer/kb-support/clear-ie-cache-from-command-line.md
+++ b/browsers/internet-explorer/kb-support/clear-ie-cache-from-command-line.md
@ -0,0 +1,137 @@
 ---
 title: Clear the Internet Explorer cache from a command line
 description: Introduces command-line commands and a sample batch file for clearing the IE cache.
 audience: ITPro
 manager: msmets
 author: ramakoni1
 ms.author: ramakoni
 ms.reviewer: ramakoni, DEV_Triage
 ms.prod: internet-explorer
 ms.technology:
 ms.topic: kb-support
 ms.custom: CI=111020
 ms.localizationpriority: Normal
 # localization_priority: medium
 # ms.translationtype: MT
 ms.date: 01/23/2020
 ---
 # How to clear Internet Explorer cache by using the command line
 This article outlines the procedure to clear the Internet Explorer cache by using the command line.
 ## Command line commands to clear browser cache
 1. Delete history from the Low folder  
   `del /s /q C:\Users\\%username%\AppData\Local\Microsoft\Windows\History\low\* /ah`
 2. Delete history  
   `RunDll32.exe InetCpl.cpl, ClearMyTracksByProcess 1`
 3. Delete cookies  
   `RunDll32.exe InetCpl.cpl,ClearMyTracksByProcess 2`
 4. Delete temporary internet files  
   `RunDll32.exe InetCpl.cpl,ClearMyTracksByProcess 8`
 5. Delete form data  
   `RunDll32.exe InetCpl.cpl,ClearMyTracksByProcess 16`
 6. Delete stored passwords  
   `RunDll32.exe InetCpl.cpl,ClearMyTracksByProcess 32`
 7. Delete all  
   `RunDll32.exe InetCpl.cpl,ClearMyTracksByProcess 255`
 8. Delete files and settings stored by add-ons  
   `InetCpl.cpl,ClearMyTracksByProcess 4351`
 If you upgraded from a previous version of Internet Explorer, you have to use the following commands to delete the files from older versions:  
 `RunDll32.exe InetCpl.cpl,ClearMyTracksByProcess 9`
 Command to reset Internet Explorer settings:  
 `Rundll32.exe inetcpl.cpl ResetIEtoDefaults`
 ## Sample batch file to clear Internet Explorer cache files
 A sample batch file is available that you can use to clear Internet Explorer cache files and other items. You can download the file from [https://msdnshared.blob.core.windows.net/media/2017/09/ClearIE_Cache.zip](https://msdnshared.blob.core.windows.net/media/2017/09/ClearIE_Cache.zip).
 The batch file offers the following options:
 - Delete Non-trusted web History (low-level hidden cleanup)
 - Delete History
 - Delete Cookies
 - Delete Temporary Internet Files
 - Delete Form Data
 - Delete Stored Passwords
 - Delete All
 - Delete All "Also delete files and settings stored by add-ons"
 - Delete IE10 and IE9 Temporary Internet Files
 - Resets IE Settings
 - EXIT
 **Contents of the batch file**
 ```console
@echo off
 ::  AxelR Test Batch
 ::  tested on Windows 8 + IE10, Windows7 + IE9
 :home
 cls
 COLOR 00
 echo Delete IE History
 echo Please select the task you wish to run.
 echo Pick one:
 echo.
 echo  1. Delete Non-trusted web History(low level hidden clean up)
 echo  2. Delete History
 echo  3. Delete Cookies
 echo  4. Delete Temporary Internet Files
 echo  5. Delete Form Data
 echo  6. Delete Stored Passwords
 echo  7. Delete All
 echo  8. Delete All "Also delete files and settings stored by add-ons"
 echo  9. Delete IE10 and 9 Temporary Internet Files
 echo  10. Reset IE Settings
 echo  77. EXIT
 :choice
 Echo Hit a number [1-10] and press enter.
 set /P CH=[1-10]
 if "%CH%"=="1" set x=del /s /q C:\Users\%username%\AppData\Local\Microsoft\Windows\History\low\* /ah
 if "%CH%"=="2" set x=RunDll32.exe InetCpl.cpl,ClearMyTracksByProcess 1
 if "%CH%"=="3" set x=RunDll32.exe InetCpl.cpl,ClearMyTracksByProcess 2
 if "%CH%"=="4" set x=RunDll32.exe InetCpl.cpl,ClearMyTracksByProcess 8
 if "%CH%"=="5" set x=RunDll32.exe InetCpl.cpl,ClearMyTracksByProcess 16
 if "%CH%"=="6" set x=RunDll32.exe InetCpl.cpl,ClearMyTracksByProcess 32
 if "%CH%"=="7" set x=RunDll32.exe InetCpl.cpl,ClearMyTracksByProcess 255
 if "%CH%"=="8" set x=RunDll32.exe InetCpl.cpl,ClearMyTracksByProcess 4351
 if "%CH%"=="9" set x=RunDll32.exe InetCpl.cpl,ClearMyTracksByProcess 9
 if "%CH%"=="10" set x=rundll32.exe inetcpl.cpl ResetIEtoDefaults
 if "%CH%"=="77" goto quit
 %x%
 goto Home
 ::Temporary Internet Files > Delete files - To delete copies of web pages, images, and media
 ::that  are saved for faster viewing.
 ::Cookies > Delete cookies - To delete cookies, which are files that are stored on your computer by
 ::websites to save preferences such as login information.
 ::History > Delete history - To delete the history of the websites you have visited.
 ::Form data > Delete forms - To delete all the saved information that you have typed into
 ::forms.
 ::Passwords > Delete passwords - To delete all the passwords that are automatically filled in
 ::when you log on to a website that you've previously visited.
 ::Delete all - To delete all of these listed items in one operation.
 ::enter below in search/run to see Low  history dir if exists
 ::C:\Users\%username%\AppData\Local\Microsoft\Windows\History\low
 ::Delete all low (untrusted history) very hidden
 ::this will clean any unlocked  files under the dir and not delete the dir structure
 ::del /s /q low\* /ah ::del /s /q C:\Users\%username%\AppData\Local\Microsoft\Windows\History\low\* /ah
 goto Home
 :quit
 ```
--- a/browsers/internet-explorer/kb-support/ie-edge-faqs.md
+++ b/browsers/internet-explorer/kb-support/ie-edge-faqs.md
@ -0,0 +1,222 @@
 ---
 title: IE and Microsoft Edge FAQ for IT Pros
 description: Describes frequently asked questions about Internet Explorer and Microsoft Edge for IT professionals.
 audience: ITPro
 manager: msmets
 author: ramakoni1
 ms.author: ramakoni
 ms.reviewer: ramakoni, DEV_Triage
 ms.prod: internet-explorer
 ms.technology:
 ms.topic: kb-support
 ms.custom: CI=111020
 ms.localizationpriority: Normal
 # localization_priority: medium
 # ms.translationtype: MT
 ms.date: 01/23/2020
 ---
 # Internet Explorer and Microsoft Edge frequently asked questions (FAQ) for IT Pros
 ## Cookie-related questions
 ### What is a cookie?
 An HTTP cookie (the web cookie or browser cookie) is a small piece of data that a server sends to the user's web browser. The web browser may store the cookie and return it to the server together with the next request. For example, a cookie might be used to indicate whether two requests come from the same browser in order to allow the user to remain logged-in. The cookie records stateful information for the stateless HTTP protocol.
 ### How does Internet Explorer handle cookies?
 For more information about how Internet Explorer handles cookies, see the following articles:
 - [Beware Cookie Sharing in Cross-Zone Scenarios](https://blogs.msdn.microsoft.com/ieinternals/2011/03/10/beware-cookie-sharing-in-cross-zone-scenarios/)
 - [A Quick Look at P3P](https://blogs.msdn.microsoft.com/ieinternals/2013/09/17/a-quick-look-at-p3p/)
 - [Internet Explorer Cookie Internals FAQ](https://blogs.msdn.microsoft.com/ieinternals/2009/08/20/internet-explorer-cookie-internals-faq/)
 - [Privacy Beyond Blocking Cookies](https://blogs.msdn.microsoft.com/ie/2008/08/25/privacy-beyond-blocking-cookies-bringing-awareness-to-third-party-content/)
 - [Description of Cookies](https://support.microsoft.com/help/260971/description-of-cookies)
 ### Where does Internet Explorer store cookies?
 To see where Internet Explorer stores its cookies, follow these steps:
 1. Start File Explorer.
 2. Select **Views** \> **Change folder and search options**.
 3. In the **Folder Options** dialog box, select **View**.
 4. In **Advanced settings**, select **Do not show hidden files, folders, or drivers**.
 5. Clear **Hide protected operation system files (Recommended)**.
 6. Select **Apply**.
 7. Select **OK**.
 The following are the folder locations where the cookies are stored:
 **In Windows 10**  
 C:\Users\username\AppData\Local\Microsoft\Windows\INetCache
 **In Windows 8 and Windows 8.1**  
 C:\Users\username\AppData\Local\Microsoft\Windows\INetCookies
 **In Windows 7**  
 C:\Users\username\AppData\Roaming\Microsoft\Windows\Cookies  
 C:\Users\username\AppData\Roaming\Microsoft\Windows\Cookies\Low
 ### What is the per-domain cookie limit?
 Since the June 2018 cumulative updates for Internet Explorer and Microsoft Edge, the per-domain cookie limit is increased from 50 to 180 for both browsers. The cookies vary by path. So, if the same cookie is set for the same domain but for different paths, it's essentially a new cookie.
 There's still a 5 Kilobytes (KB) limit on the size of the cookie header that is sent out. This limit can cause some cookies to be lost after they exceed that value.
 The JavaScript limitation was updated to 10 KB from 4 KB.
 For more information, see [Internet Explorer Cookie Internals (FAQ)](https://blogs.msdn.microsoft.com/ieinternals/2009/08/20/internet-explorer-cookie-internals-faq/).
 #### Additional information about cookie limits
 **What does the Cookie RFC allow?**  
 RFC 2109 defines how cookies should be implemented, and it defines minimum values that browsers support. According to the RFC, browsers would ideally have no limits on the size and number of cookies that a browser can handle. To meet the specifications, the user agent should support the following:
 - At least 300 cookies total
 - At least 20 cookies per unique host or domain name
 For practicality, individual browser makers set a limit on the total number of cookies that any one domain or unique host can set. They also limit the total number of cookies that can be stored on a computer.
 ### Cookie size limit per domain
 Some browsers also limit the amount of space that any one domain can use for cookies. This means that if your browser sets a limit of 4,096 bytes per domain for cookies, 4,096 bytes is the maximum available space in that domain even though you can set up to 180 cookies.
 ## Proxy Auto Configuration (PAC)-related questions
 ### Is an example Proxy Auto Configuration (PAC) file available?
 Here is a simple PAC file:
 ```vb
 function FindProxyForURL(url, host)
 {
 return "PROXY proxyserver:portnumber";
 }
 ```
 > [!NOTE]
 > The previous PAC always returns the **proxyserver:portnumber** proxy.
 For more information about how to write a PAC file and about the different functions in a PAC file, see [the FindProxyForURL website](https://findproxyforurl.com/).
 **Third-party information disclaimer**  
 The third-party products that this article discusses are manufactured by companies that are independent of Microsoft. Microsoft makes no warranty, implied or otherwise, about the performance or reliability of these products.
 ### How to improve performance by using PAC scripts
 - [Browser is slow to respond when you use an automatic configuration script](https://support.microsoft.com/help/315810/browser-is-slow-to-respond-when-you-use-an-automatic-configuration-scr)
 - [Optimizing performance with automatic Proxyconfiguration scripts (PAC)](https://blogs.msdn.microsoft.com/askie/2014/02/07/optimizing-performance-with-automatic-proxyconfiguration-scripts-pac/)
 ## Other questions
 ### How to set home and start pages in Microsoft Edge and allow user editing
 For more information, see the following blog article:
 [How do I set the home page in Microsoft Edge?](https://blogs.msdn.microsoft.com/askie/2017/10/04/how-do-i-set-the-home-page-in-edge/)
 ### How to add sites to the Enterprise Mode (EMIE) site list
 For more information about how to add sites to an EMIE list, see [Add multiple sites to the Enterprise Mode site list using a file and the Enterprise Mode Site List Manager (schema v.2)](https://docs.microsoft.com/internet-explorer/ie11-deploy-guide/add-multiple-sites-to-enterprise-mode-site-list-using-the-version-2-schema-and-enterprise-mode-tool).
 ### What is Content Security Policy (CSP)?
 By using [Content Security Policy](https://docs.microsoft.com/microsoft-edge/dev-guide/security/content-security-policy), you create an allow list of sources of trusted content in the HTTP headers. You also pre-approve certain servers for content that is loaded into a webpage, and instruct the browser to execute or render only resources from those sources. You can use this technique to prevent malicious content from being injected into sites.
 Content Security Policy is supported in all versions of Microsoft Edge. It lets web developers lock down the resources that can be used by their web application. This helps prevent [cross-site scripting](https://en.wikipedia.org/wiki/Cross-site_scripting) attacks that remain a common vulnerability on the web. However, the first version of Content Security Policy was difficult to implement on websites that used inline script elements that either pointed to script sources or contained script directly.
 CSP2 makes these scenarios easier to manage by adding support for nonces and hashes for script and style resources. A nonce is a cryptographically strong random value that is generated on each page load that appears in both the CSP policy and in the script tags on the page. Using nonces can help minimize the need to maintain a list of allowed source URL values while also allowing trusted scripts that are declared in script elements to run.
 For more information, see the following articles:
 - [Introducing support for Content Security Policy Level 2](https://blogs.windows.com/msedgedev/2017/01/10/edge-csp-2/)
 - [Content Security Policy](https://en.wikipedia.org/wiki/Content_Security_Policy)
 ### Where to find Internet Explorer security zones registry entries
 Most of the Internet Zone entries can be found in [Internet Explorer security zones registry entries for advanced users](https://support.microsoft.com/help/182569/internet-explorer-security-zones-registry-entries-for-advanced-users).
 This article was written for Internet Explorer 6 but is still applicable to Internet Explorer 11.
 The default Zone Keys are stored in the following locations:
 - HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Internet Settings\Zones
 - HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Internet Settings\Zones
 ### Why don't HTML5 videos play in Internet Explorer 11?
 To play HTML5 videos in the Internet Zone, use the default settings or make sure that the registry key value of **2701** under **Software\Microsoft\Windows\CurrentVersion\Internet Settings\Zones\3** is set to **0**.
 - 0 (the default value): Allow
 - 3: Disallow
 This key is read by the **URLACTION\_ALLOW\_AUDIO\_VIDEO 0x00002701** URL action flag that determines whether media elements (audio and video) are allowed in pages in a URL security zone.
 For more information, see [Unable to play HTML5 Videos in IE](https://blogs.msdn.microsoft.com/askie/2014/12/31/unable-to-play-html5-videos-in-ie/).
 For Windows 10 N and Windows KN editions, you must also download the feature pack that is discussed in [Media feature pack for Windows 10 N and Windows 10 KN editions](https://support.microsoft.com/help/3010081/media-feature-pack-for-windows-10-n-and-windows-10-kn-editions).
 For more information about how to check Windows versions, see [Which version of Windows operating system am I running?](https://support.microsoft.com/help/13443/windows-which-version-am-i-running)
 ### What is the Enterprise Mode Site List Portal?
 This is a new feature to add sites to your enterprise mode site list XML. For more information, see [Enterprise Mode Site List Portal](https://github.com/MicrosoftEdge/enterprise-mode-site-list-portal).
 ### What is Enterprise Mode Feature?
 For more information about this topic, see [Enterprise Mode and the Enterprise Mode Site List](https://docs.microsoft.com/internet-explorer/ie11-deploy-guide/what-is-enterprise-mode).
 ### Where can I obtain a list of HTTP Status codes?
 For information about this list, see [HTTP Status Codes](https://docs.microsoft.com/windows/win32/winhttp/http-status-codes).
 ### What is end of support for Internet Explorer 11?
 Internet Explorer 11 is the last major version of Internet Explorer. Internet Explorer 11 will continue receiving security updates and technical support for the lifecycle of the version of Windows on which it is installed.
 For more information, see [Lifecycle FAQ — Internet Explorer and Edge](https://support.microsoft.com/help/17454/lifecycle-faq-internet-explorer).
 ### How to configure TLS (SSL) for Internet Explorer
 For more information about how to configure TLS/SSL for Internet Explorer, see [Group Policy Setting to configure TLS/SSL](https://gpsearch.azurewebsites.net/#380).
 ### What is Site to Zone?
 Site to Zone usually refers to one of the following:
 **Site to Zone Assignment List**  
 This is a Group Policy policy setting that can be used to add sites to the various security zones.
 The Site to Zone Assignment List policy setting associates sites to zones by using the following values for the Internet security zones:
 - Intranet zone
 - Trusted Sites zone
 - Internet zone
 - Restricted Sites zone
 If you set this policy setting to **Enabled**, you can enter a list of sites and their related zone numbers. By associating a site to a zone, you can make sure that the security settings for the specified zone are applied to the site.
 **Site to Zone Mapping**  
 Site to Zone Mapping is stored as the name of the key. The protocol is a registry value that has a number that assigns it to the corresponding zone. Internet Explorer will read from the following registry subkeys for the sites that are deployed through the Site to Zone assignment list:
 - HKEY\_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap
 - HKEY\_CURRENT_USER\SOFTWARE\Policies\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMapKey
 **Site to Zone Assignment List policy**  
 This policy setting is available for both Computer Configuration and User Configuration:
 - Computer Configuration > Administrative Templates > Windows Components > Internet Explorer > Internet Control Panel > Security Page
 - User Configuration > Administrative Templates > Windows Components > Internet Explorer > Internet Control Panel > Security Page
 **References**  
 [How to configure Internet Explorer security zone sites using group polices](https://blogs.msdn.microsoft.com/askie/2012/06/05/how-to-configure-internet-explorer-security-zone-sites-using-group-polices/)
 ### What are the limits for MaxConnectionsPerServer, MaxConnectionsPer1_0Server for the current versions of Internet Explorer?
 For more information about these settings and limits, see [Connectivity Enhancements in Windows Internet Explorer 8](https://docs.microsoft.com/previous-versions/cc304129(v=vs.85)).
 ### What is the MaxConnectionsPerProxy setting, and what are the maximum allowed values for this setting?
 The **MaxConnectionsPerProxy** setting controls the number of connections that a single-user client can maintain to a given host by using a proxy server.
 For more information, see [Understanding Connection Limits and New Proxy Connection Limits in WinInet and Internet Explorer](https://blogs.msdn.microsoft.com/jpsanders/2009/06/29/understanding-connection-limits-and-new-proxy-connection-limits-in-wininet-and-internet-explorer/).
--- a/devices/surface/TOC.md
+++ b/devices/surface/TOC.md
@ -28,7 +28,7 @@
 ### [Windows Autopilot and Surface devices](windows-autopilot-and-surface-devices.md)
 ### [Deploying, managing, and servicing Surface Pro X](surface-pro-arm-app-management.md)
 ### [Surface Pro X app compatibility](surface-pro-arm-app-performance.md)
-### [Deploy the latest firmware and drivers for Surface devices](deploy-the-latest-firmware-and-drivers-for-surface-devices.md)
+### [Manage and deploy Surface driver and firmware updates](manage-surface-driver-and-firmware-updates.md)
 ### [Surface Deployment Accelerator](microsoft-surface-deployment-accelerator.md)
 ### [Step by step: Surface Deployment Accelerator](step-by-step-surface-deployment-accelerator.md)
 ### [Deploy Windows 10 to Surface devices with MDT](deploy-windows-10-to-surface-devices-with-mdt.md)
@ -40,13 +40,14 @@
 ## Manage
 ### [Manage and deploy Surface driver and firmware updates](manage-surface-driver-and-firmware-updates.md)
 ### [Optimize Wi-Fi connectivity for Surface devices](surface-wireless-connect.md)
 ### [Best practice power settings for Surface devices](maintain-optimal-power-settings-on-Surface-devices.md)
 ### [Surface Dock Firmware Update](surface-dock-firmware-update.md)
 ### [Battery Limit setting](battery-limit.md)
 ### [Surface Brightness Control](microsoft-surface-brightness-control.md)
 ### [Surface Asset Tag](assettag.md)
-### [Manage Surface driver and firmware updates](manage-surface-driver-and-firmware-updates.md)
+
 ## Secure
 ### [Intune management of Surface UEFI settings](surface-manage-dfci-guide.md)
--- a/devices/surface/change-history-for-surface.md
+++ b/devices/surface/change-history-for-surface.md
@ -18,6 +18,12 @@ ms.date: 10/21/2019
 This topic lists new and updated topics in the Surface documentation library.
 ## January 2020
 | **New or changed topic** | **Description** |
 | ------------------------ | --------------- |
 | [Manage and deploy Surface driver and firmware updates](manage-surface-driver-and-firmware-updates.md)| Updated with the latest information and links to related articles.|
 ## October 2019
 | **New or changed topic** | **Description** |
@ -37,7 +43,7 @@ This topic lists new and updated topics in the Surface documentation library.
 | **New or changed topic** | **Description** |
 | ------------------------ | --------------- |
 | [Optimizing wireless connectivity for Surface devices](surface-wireless-connect.md)             | New document highlights key wireless connectivity considerations for Surface devices in mobile scenarios. |
-| [Deploy the latest firmware and drivers for Surface devices](deploy-the-latest-firmware-and-drivers-for-surface-devices.md)              | Updated to reflect minor changes in the file naming convention for Surface MSI files. |
+| [Manage and deploy Surface driver and firmware updates](manage-surface-driver-and-firmware-updates.md)            | Updated to reflect minor changes in the file naming convention for Surface MSI files. |
 ## July 2019
@ -76,14 +82,14 @@ New or changed topic | Description
 --- | ---
 [Surface Brightness Control](microsoft-surface-brightness-control.md) | New
 [Maintain optimal power settings on Surface devices](maintain-optimal-power-settings-on-Surface-devices.md) | New
-|[Download the latest firmware and drivers for Surface devices](deploy-the-latest-firmware-and-drivers-for-surface-devices.md) | Added Surface Studio 2  |
+|[Manage and deploy Surface driver and firmware updates](manage-surface-driver-and-firmware-updates.md) | Added Surface Studio 2  |
 ## November 2018
 New or changed topic | Description
 --- | ---
-|[Download the latest firmware and drivers for Surface devices](deploy-the-latest-firmware-and-drivers-for-surface-devices.md) | Added Surface Pro 6  |
+|[Manage and deploy Surface driver and firmware updates](manage-surface-driver-and-firmware-updates.md) | Added Surface Pro 6  |
 [Surface Diagnostic Toolkit for Business](surface-diagnostic-toolkit-business.md) | New
 [Use Surface Diagnostic Toolkit for Business in desktop mode](surface-diagnostic-toolkit-desktop-mode.md) | New
 [Run Surface Diagnostic Toolkit for Business using commands](surface-diagnostic-toolkit-command-line.md) | New
@ -93,7 +99,7 @@ New or changed topic | Description
 New or changed topic | Description
 --- | ---
 [Battery Limit setting](battery-limit.md) | New
-|[Download the latest firmware and drivers for Surface devices](deploy-the-latest-firmware-and-drivers-for-surface-devices.md) | Added Surface GO  |
+|[Manage and deploy Surface driver and firmware updates](manage-surface-driver-and-firmware-updates.md) | Added Surface GO  |
 ## May 2018
@ -121,7 +127,7 @@ New or changed topic | Description
 |New or changed topic | Description |
 | --- | --- |
-|[Download the latest firmware and drivers for Surface devices](deploy-the-latest-firmware-and-drivers-for-surface-devices.md) | Added Surface Book 2, Surface Laptop, Surface Pro, and Surface Pro with LTE Advanced information  |
+|[Manage and deploy Surface driver and firmware updates](manage-surface-driver-and-firmware-updates.md) | Added Surface Book 2, Surface Laptop, Surface Pro, and Surface Pro with LTE Advanced information  |
 ## October 2017
@ -160,7 +166,7 @@ New or changed topic | Description
 |New or changed topic | Description |
 | --- | --- |
-|[Download the latest firmware and drivers for Surface devices](deploy-the-latest-firmware-and-drivers-for-surface-devices.md)  | Added driver info for Surface Studio; updated info for Surface Book and Surface Pro 4 (Windows 10 .zip cumulative update), Surface Pro 3 (Windows8.1-KB2969817-x64.msu), and Surface 3 (UEFI Asset Tag management tool)|
+|[Manage and deploy Surface driver and firmware updates](manage-surface-driver-and-firmware-updates.md) | Added driver info for Surface Studio; updated info for Surface Book and Surface Pro 4 (Windows 10 .zip cumulative update), Surface Pro 3 (Windows8.1-KB2969817-x64.msu), and Surface 3 (UEFI Asset Tag management tool)|
 ## November 2016
--- a/devices/surface/deploy-the-latest-firmware-and-drivers-for-surface-devices.md
+++ b/devices/surface/deploy-the-latest-firmware-and-drivers-for-surface-devices.md
@ -1,105 +0,0 @@
 ---
 title: Deploy the latest firmware and drivers for Surface devices (Surface)
 description: This article provides a list of the available downloads for Surface devices and links to download the drivers and firmware for your device.
 ms.assetid: 7662BF68-8BF7-43F7-81F5-3580A770294A
 ms.reviewer: dansimp
 manager: kaushika
 keywords: update Surface, newest, latest, download, firmware, driver, tablet, hardware, device
 ms.localizationpriority: medium
 ms.prod: w10
 ms.mktglfcycl: deploy
 ms.pagetype: surface, devices
 ms.sitesec: library
 author: dansimp
 ms.audience: itpro
 ms.date: 11/25/2019
 ms.author: dansimp
 ms.topic: article
 ---
 # Deploy the latest firmware and drivers for Surface devices
 > **Home users:** This article is only intended for technical support agents and IT professionals, and applies only to Surface devices. If you're looking for help to install Surface updates or firmware on a home device, please see [Update Surface firmware and Windows 10](https://support.microsoft.com/help/4023505).
 Under typical conditions, Windows Update automatically keeps Windows Surface devices up-to-date by downloading and installing the latest device drivers and firmware. However, you may sometimes have to download and install updates manually. For example, you may have to manually manage updates when you deploy a new version of Windows.
 ## Downloading MSI files
 [Download drivers and firmware for Surface](https://support.microsoft.com/help/4023482/surface-download-drivers-and-firmware-for-surface) provides links to download installation files for the following:
 - Administrative tools
 - Drivers for accessories
 - For some devices, updates for Windows
 ## Deploying MSI files
 Specific versions of Windows 10 have separate MSI files. Each MSI file contains all required cumulative driver and firmware updates for Surface devices.
 The MSI file names contain useful information, including the minimum supported Windows build number that is required to install the drivers and firmware. For example, to install the drivers that are contained in SurfaceBook_Win10_17763_19.080.2031.0.msi on a Surface Book, the device must be running Windows 10 Fall Creators Update, version 1709 or later.
 For more information about build numbers for each Windows version, see [Windows 10 release information](https://docs.microsoft.com/windows/windows-10/release-information).
 ### Surface MSI naming convention
 Beginning in August, 2019, MSI files have used the following naming convention:
 > *Product*\_*Windows release*\_*Windows build number*\_*Version number*\_*Revision of version number (typically zero)*.
 **Example**
 Consider the following MSI file:
 > SurfacePro6_Win10_18362_19.073.44195_0.msi
 This file name provides the following information:
 - **Product:** SurfacePro6
 - **Windows release:** Win10
 - **Build:** 18362
 - **Version:** 19.073.44195 &ndash; This shows the date and time that the file was created, as follows:
  - **Year:** 19 (2019)
  - **Month and week:** 073 (third week of July)
  - **Minute of the month:** 44195
 - **Revision of version:** 0 (first release of this version)
 ### Legacy Surface MSI naming convention
 Legacy MSI files (files that were built before August, 2019) followed the same overall naming formula, but used a different method to derive the version number.  
 **Example**
 Consider the following MSI file:
 > SurfacePro6_Win10_16299_1900307_0.msi
 This file name provides the following information:
 - **Product:** SurfacePro6
 - **Windows release:** Win10
 - **Build:** 16299
 - **Version:** 1900307 &ndash; This shows the date that the file was created and its position in the release sequence, as follows:
  - **Year:** 19 (2019)
  - **Number of release:** 003 (third release of the year)
  - **Product version number:** 07 (Surface Pro 6 is officially the seventh version of Surface Pro)
 - **Revision of version:** 0 (first release of this version)
 Use the **version** number to determine the latest files that contain the most recent security updates. For example, consider the following list:
 - SurfacePro6_Win10_16299_1900307_0.msi
 - SurfacePro6_Win10_17134_1808507_3.msi
 - SurfacePro6_Win10_17763_1808707_3.msi
 In this list, the newest file is the first file (SurfacePro6_Win10_16299_1900307_0.msi). Its **Version** field has the newest date (2019). The other files are from 2018.
 ## Supported devices
 For downloadable MSI files for devices that run Surface Pro 2 and later versions, see [Download drivers and firmware for Surface](https://support.microsoft.com/help/4023482/surface-download-drivers-and-firmware-for-surface). This article contains information about MSI files for the newest Surface devices such as Surface Pro 7, Surface Pro X, and Surface Laptop 3, as they are released.  
 > [!NOTE]  
 > There are no downloadable firmware or driver updates available for Surface devices that run Windows RT, including Surface RT and Surface 2. To update these devices, use Windows Update.
 For more information about how to deploy Surface drivers and firmware, see the following articles:
 - [Manage Surface driver and firmware updates](https://docs.microsoft.com/surface/manage-surface-pro-3-firmware-updates)
 - [Surface for Business help](https://www.microsoft.com/surface/support/business)
--- a/devices/surface/enable-surface-keyboard-for-windows-pe-deployment.md
+++ b/devices/surface/enable-surface-keyboard-for-windows-pe-deployment.md
@ -1,5 +1,5 @@
 ---
-title: How to enable the Surface Laptop keyboard during MDT deployment (Surface)
+title: How to enable the Surface Laptop keyboard during MDT deployment 
 description: When you use MDT to deploy Windows 10 to Surface laptops, you need to import keyboard drivers to use in the Windows PE environment.
 keywords: windows 10 surface, automate, customize, mdt
 ms.prod: w10
@ -9,7 +9,7 @@ ms.sitesec: library
 author: Teresa-Motiv
 ms.author: v-tea
 ms.topic: article
-ms.date: 10/31/2019
+ms.date: 01/17/2020
 ms.reviewer: scottmca
 ms.localizationpriority: medium
 ms.audience: itpro
@ -22,14 +22,14 @@ appliesto:
 # How to enable the Surface Laptop keyboard during MDT deployment
 This article addresses a deployment approach that uses Microsoft Deployment Toolkit (MDT). You can also apply this information to other deployment methodologies. On most types of Surface devices, the keyboard should work during Lite Touch Installation (LTI). However, Surface Laptop requires some additional drivers to enable the keyboard. For Surface Laptop (1st Gen) and Surface Laptop 2 devices, you must prepare the folder structure and selection profiles that allow you to specify keyboard drivers for use during the Windows Preinstallation Environment (Windows PE) phase of LTI. For more information about this folder structure, see [Deploy a Windows 10 image using MDT: Step 5: Prepare the drivers repository](https://docs.microsoft.com/windows/deployment/deploy-windows-mdt/deploy-a-windows-10-image-using-mdt?redirectedfrom=MSDN#step-5-prepare-the-drivers-repository).
 > [!NOTE]
-> This article addresses a deployment approach that uses Microsoft Deployment Toolkit (MDT). You can also apply this information to other deployment methodologies.
+> It is currently not supported to add Surface Laptop 2 and Surface Laptop 3 keyboard drivers in the same Windows PE boot instance due to a driver conflict; use separate instances instead.
 > [!IMPORTANT]
 > If you are deploying a Windows 10 image to a Surface Laptop that has Windows 10 in S mode preinstalled, see KB [4032347, Problems when deploying Windows to Surface devices with preinstalled Windows 10 in S mode](https://support.microsoft.com/help/4032347/surface-preinstall-windows10-s-mode-issues).
 On most types of Surface devices, the keyboard should work during Lite Touch Installation (LTI). However, Surface Laptop requires some additional drivers to enable the keyboard. For Surface Laptop (1st Gen) and Surface Laptop 2 devices, you must prepare the folder structure and selection profiles that allow you to specify keyboard drivers for use during the Windows Preinstallation Environment (Windows PE) phase of LTI. For more information about this folder structure, see [Deploy a Windows 10 image using MDT: Step 5: Prepare the drivers repository](https://docs.microsoft.com/windows/deployment/deploy-windows-mdt/deploy-a-windows-10-image-using-mdt?redirectedfrom=MSDN#step-5-prepare-the-drivers-repository).
 To add the keyboard drivers to the selection profile, follow these steps:
 1. Download the latest Surface Laptop MSI file from the appropriate locations:
--- a/devices/surface/get-started.md
+++ b/devices/surface/get-started.md
@ -46,9 +46,10 @@ Harness the power of Surface, Windows, and Office connected together through the
                    </div>
                    <div class="cardText">
                        <h3>Deploy</h3>
                         <p><a href="manage-surface-driver-and-firmware-updates.md">Manage and deploy Surface driver and firmware updates</a></p>
                        <p><a href="windows-autopilot-and-surface-devices.md">Autopilot and Surface devices</a></p>
                        <p><a href="surface-pro-arm-app-management.md">Deploying, managing, and servicing Surface Pro X</a></p>
-                        <p><a href="deploy-the-latest-firmware-and-drivers-for-surface-devices.md">Deploy the latest firmware and drivers</a></p>
+                      
                    </div>
                </div>
            </div>
--- a/devices/surface/images/fig1-downloads-msi.png
+++ b/devices/surface/images/fig1-downloads-msi.png
--- a/devices/surface/maintain-optimal-power-settings-on-Surface-devices.md
+++ b/devices/surface/maintain-optimal-power-settings-on-Surface-devices.md
@ -28,12 +28,12 @@ low power idle state (S0ix).
 To ensure Surface devices across your organization fully benefit from Surface power optimization features:
-  Install the latest  drivers and firmware from Windows Update or the Surface Driver and Firmware MSI. This creates the balanced power plan (aka power profile) by default and configures optimal power settings.  For more information, refer to [Deploying the latest firmware and drivers for Surface devices](deploy-the-latest-firmware-and-drivers-for-surface-devices.md).
+-  Install the latest  drivers and firmware from Windows Update or the Surface Driver and Firmware MSI. This creates the balanced power plan (aka power profile) by default and configures optimal power settings.  For more information, refer to [Manage and deploy Surface driver and firmware updates](manage-surface-driver-and-firmware-updates.md).
 - Avoid creating custom power profiles or adjusting advanced power settings not visible in the default UI  (**System** > **Power & sleep**).
 - If you must manage the power profile of devices across your network (such as in highly managed organizations), use the powercfg command tool to export the power plan from the factory image of the Surface device and then import it into the provisioning package for your Surface devices. 
->[!NOTE]
+    >[!NOTE]
->You can only export a power plan across the same type of Surface device.  For example, you cannot export a power plan from Surface Laptop and import it on Surface Pro.  For more information, refer to [Configure power settings](https://docs.microsoft.com/windows-hardware/customize/power-settings/configure-power-settings).
+    >You can only export a power plan across the same type of Surface device.  For example, you cannot export a power plan from Surface Laptop and import it on Surface Pro.  For more information, refer to [Configure power settings](https://docs.microsoft.com/windows-hardware/customize/power-settings/configure-power-settings).
 - Exclude Surface devices from any existing power management policy settings. 
@ -166,7 +166,7 @@ To learn more, see:
 | Check app usage | Your apps | Close apps.|
 | Check your power cord for any damage.| Your power cord | Replace power cord if worn or damaged.|
-# Learn more 
+## Learn more 
 - [Modern
    standby](https://docs.microsoft.com/windows-hardware/design/device-experiences/modern-standby-wake-sources)
@ -178,4 +178,4 @@ To learn more, see:
 - [Battery
    saver](https://docs.microsoft.com/windows-hardware/design/component-guidelines/battery-saver)
- [Deploying the latest firmware and drivers for Surface devices](deploy-the-latest-firmware-and-drivers-for-surface-devices.md)
+- [Manage and deploy Surface driver and firmware updates](manage-surface-driver-and-firmware-updates.md)
--- a/devices/surface/manage-surface-driver-and-firmware-updates.md
+++ b/devices/surface/manage-surface-driver-and-firmware-updates.md
@ -17,45 +17,40 @@ ms.audience: itpro
 ms.date: 10/21/2019
 ---
-# Manage Surface driver and firmware updates
+# Manage and deploy Surface driver and firmware updates
-This article describes the available options that you can use to manage firmware and driver updates for Surface devices including Surface Pro 3 and later. 
+How you manage Surface driver and firmware updates varies depending on your environment and organizational requirements. On Surface devices, firmware is exposed to the operating system as a driver and is visible in Device Manager, enabling device firmware and drivers to be automatically updated using Windows Update or Windows Update for Business. Although this simplified approach may be feasible for startups and small or medium-sized businesses, larger organizations typically need IT admins to distributing updates internally. This may involve comprehensive planning, application compatibility testing, piloting and validating updates, before final approval and distribution across the network.
 To see a list of the available downloads for Surface devices and links to download the drivers and firmware for your device, see [Deploy the latest firmware and drivers for Surface devices](deploy-the-latest-firmware-and-drivers-for-surface-devices.md).
 On Surface devices, the firmware is exposed to the operating system as a driver and is visible in Device Manager. This design allows a Surface device firmware to be automatically updated along with all drivers through Windows Update. This mechanism provides a seamless, automatic experience for receiving the latest firmware and driver updates. Although automatic updating is easy for end users, updating firmware and drivers automatically may not always be appropriate for organizations and businesses. In cases where you strictly manage updates or when you deploy a new operating system to a Surface device, automatic updates from Windows Update may not be appropriate.
 ## <a href="" id="methods-for-------firmware-deployment"></a>Methods for deploying firmware
 Windows Update automatically provides firmware for computers that receive updates directly from Microsoft. However, in environments where  Windows Server Update Services (WSUS) manages updates, Windows Update cannot update the firmware. For managed environments, there are a number of options you can use to deploy firmware updates.
 ### Windows Update
 The simplest solution to ensure that firmware on Surface devices in your organization is kept up to date is to allow Surface devices to receive updates directly from Microsoft. You can implement this solution easily by excluding Surface devices from Group Policy that directs computers to receive updates from WSUS.
 Although this solution ensures that firmware will be updated as new releases are made available to Windows Update, it does present potential drawbacks. Each Surface device that receives updates from Windows Update downloads each update independently from Microsoft instead of accessing a central location. These operations increase demand on Internet connectivity and bandwidth. Additionally, such updates are not subjected to testing or review by administrators.
 For details about Group Policy for client configuration of WSUS or Windows Update, see [Step 4: Configure Group Policy Settings for Automatic Updates](https://docs.microsoft.com/windows-server/administration/windows-server-update-services/deploy/4-configure-group-policy-settings-for-automatic-updates).
 ### Windows Installer Package
 Surface driver and firmware updates are packaged as Windows Installer (MSI) files. To deploy these Windows Installer packages, you can use application deployment utilities such as the Microsoft Deployment Toolkit (MDT) or System Center Configuration Manager. Such solutions provide the means for administrators to test and review updates before deploying them, and to centralize deployment. For each device, it is important to select the correct MSI file for the device and its operating system. For more information see [Deploy the latest firmware and drivers for Surface devices](deploy-the-latest-firmware-and-drivers-for-surface-devices.md).
 For instructions on how to deploy updates by using Endpoint Configuration Manager (formerly System Center Configuration Manager), refer to [Deploy applications with Configuration Manager](https://docs.microsoft.com/sccm/apps/deploy-use/deploy-applications). For instructions on how to deploy updates by using MDT, see [Deploy a Windows 10 image using MDT](https://docs.microsoft.com/windows/deployment/deploy-windows-mdt/deploy-a-windows-10-image-using-mdt).
 > [!NOTE]
-> You can deploy applications separately from an operating system deployment through MDT by using a Post OS Installation task sequence.
+> This article is intended for technical support agents and IT professionals and applies to Surface devices only. If you're looking for help to install Surface updates or firmware on a home device, see [Update Surface firmware and Windows 10](https://support.microsoft.com/help/4023505).
 While enterprise-grade software distribution solutions continue to evolve, the business rationale for centrally managing  updates remains the same: Maintain the security of Surface devices and keep them updated with the latest operating system and feature improvements. This is essential for maintaining the stability of your production environment and enabling users to stay productive. This article provides an overview of recommended tools and processes for larger organizations to accomplish these goals.
-### Microsoft System Center Configuration Manager
+## Central update management in commercial environments
-Starting in Microsoft System Center Configuration Manager version 1710, you can synchronize and deploy Microsoft Surface firmware and driver updates by using the Configuration Manager client. The process resembles that for deploying regular updates. For additional information, see KB 4098906, [How to manage Surface driver updates in Configuration Manager](https://support.microsoft.com/help/4098906/manage-surface-driver-updates-in-configuration-manager).
+Microsoft has streamlined tools for managing devices – including driver and firmware updates -- into a single unified experience called [Microsoft Endpoint Manager admin center](https://devicemanagement.microsoft.com/) accessed from devicemanagement.microsoft.com.
-## Considerations when deploying updates and operating systems together
+### Manage updates with Endpoint Configuration Manager and Intune
-The process of deploying firmware updates during an operating system deployment is straightforward. You can import the firmware and driver pack into either System Center Configuration Manager or MDT, and use them to deploy a fully updated environment to a target Surface device, complete with firmware. For a complete step-by-step guide to using MDT to deploy Windows to a Surface device, see [Deploy Windows 10 to Surface devices with Microsoft Deployment Toolkit](deploy-windows-10-to-surface-devices-with-mdt.md).
+Endpoint Configuration Manager (formerly System Center Configuration Manager) allows you to synchronize and deploy Surface firmware and driver updates with the Configuration Manager client. Integration with Microsoft Intune lets you see all your managed, co-managed and partner-managed devices in one place. This is the recommended solution for large organizations to manage Surface updates.
 For detailed steps, see the following resources:
-> [!IMPORTANT]
+- [How to manage Surface driver updates in Configuration Manager.](https://support.microsoft.com/en-sg/help/4098906/manage-surface-driver-updates-in-configuration-manager)
-> Select the correct MSI file for each specific device and its operating system. For more information, see [Deploy the latest firmware and drivers for Surface devices](deploy-the-latest-firmware-and-drivers-for-surface-devices.md).
+- [Deploy applications with Configuration Manager](https://docs.microsoft.com/sccm/apps/deploy-use/deploy-applications).
 - [Endpoint Configuration Manager documentation](https://docs.microsoft.com/configmgr/)
 ### Manage updates with Microsoft Deployment Toolkit
 Included in Endpoint Configuration Manager, the Microsoft Deployment Toolkit (MDT) contains optional deployment tools that you may wish to use depending on your environment. MDT includes the Windows Assessment and Deployment Kit (Windows ADK), Windows System Image Manager (Windows SIM), Deployment Image Servicing and Management (DISM), and User State Migration Tool (USMT). You can download the latest version of MDT from the [Microsoft Deployment Toolkit download page](https://www.microsoft.com/download/details.aspx?id=54259).
 For detailed steps, see the following resources:
 - [Microsoft Deployment Toolkit documentation](https://docs.microsoft.com/configmgr/mdt/)
 - [Deploy Windows 10 with the Microsoft Deployment Toolkit](https://docs.microsoft.com/windows/deployment/deploy-windows-mdt/deploy-windows-10-with-the-microsoft-deployment-toolkit)
 - [Deploy Windows 10 to Surface devices with Microsoft Deployment Toolkit](https://docs.microsoft.com/surface/deploy-windows-10-to-surface-devices-with-mdt)  
 **WindowsPE and Surface firmware and drivers**
@ -63,3 +58,93 @@ System Center Configuration Manager and MDT both use the Windows Preinstallation
 ## Supported devices
 Downloadable MSI files are available for Surface devices from Surface Pro 2 and later. Information about MSI files for the newest Surface devices such as Surface Pro 7, Surface Pro X, and Surface Laptop 3 will be available from this page upon release. 
 ## Managing firmware with DFCI
 With Device Firmware Configuration Interface (DFCI) profiles built into Intune (now available in [public preview](https://docs.microsoft.com/intune/configuration/device-firmware-configuration-interface-windows)), Surface UEFI management extends the modern management stack down to the UEFI hardware level. DFCI supports zero-touch provisioning, eliminates BIOS passwords, provides control of security settings including boot options and built-in peripherals, and lays the groundwork for advanced security scenarios in the future. For more information, see:
 - [Intune management of Surface UEFI settings](https://docs.microsoft.com/surface/surface-manage-dfci-guide)
 - [Ignite 2019: Announcing remote management of Surface UEFI settings from Intune](https://techcommunity.microsoft.com/t5/Surface-IT-Pro-Blog/Ignite-2019-Announcing-remote-management-of-Surface-UEFI/ba-p/978333).
 ## Best practices for update deployment processes
 To maintain a stable environment and keep users productive, it’s strongly recommended to maintain parity with the most recent version of Windows 10.  For best practice recommendations, see [Build deployment rings for Windows 10 updates](https://docs.microsoft.com/windows/deployment/update/waas-deployment-rings-windows-10-updates).
 ## Downloadable Surface update packages
 Specific versions of Windows 10 have separate .msi files, each containing all required cumulative driver and firmware updates for Surface devices. Update packages may include some or all of the following components:
 - Wi-Fi and LTE
 - Video
 - Solid state drive
 - System aggregator module (SAM)
 - Battery
 - Keyboard controller
 - Embedded controller (EC)
 - Management engine (ME)
 - Unified extensible firmware interface (UEFI)
 ### Downloading .msi files
 1. Browse to [Download drivers and firmware for Surface](https://support.microsoft.com/help/4023482/surface-download-drivers-and-firmware) on the Microsoft Download Center.
 2. Select the .msi file name that matches the Surface model and version of Windows. The .msi file name includes the minimum supported Windows build number required to install the drivers and firmware. For example, as shown in the following figure, to update a Surface Book 2 with build 18362 of Windows 10, choose **SurfaceBook2_Win10_18362_19.101.13994.msi.** For a Surface Book 2 with build 16299 of Windows 10, choose **SurfaceBook2_Win10_16299_1803509_3. msi**.
 ![Figure 1. Downloading Surface updates](images/fig1-downloads-msi.png)
 *Figure 1. Downloading Surface updates*
 ### Surface .msi naming convention
 Since August 2019, .msi files have used the following naming convention:
 - *Product*_*Windows release*_*Windows build number*_*Version number*_*Revision of version number (typically zero)*.
 **Example**
 - SurfacePro6_Win10_18362_19.073.44195_0.msi
 This file name provides the following information:
 - **Product:** SurfacePro6
 - **Windows release:** Win10
 - **Build:** 18362
 - **Version:** 19.073.44195 – This shows the date and time that the file was created, as follows:
    - **Year:** 19 (2019)
    - **Month and week:** 073 (third week of July)
    - **Minute of the month:** 44195
 - **Revision of version:** 0 (first release of this version)
 ### Legacy Surface .msi naming convention
 Legacy .msi files (files built before August 2019) followed the same overall naming formula but used a different method to derive the version number.
 ****
 **Example**
 - SurfacePro6_Win10_16299_1900307_0.msi
 This file name provides the following information:
 - **Product:** SurfacePro6
 - **Windows release:** Win10
 - **Build:** 16299
 - **Version:** 1900307 – This shows the date that the file was created and its position in the release sequence, as follows:
    - **Year:** 19 (2019)
    - **Number of release:** 003 (third release of the year)
    - **Product version number:** 07 (Surface Pro 6 is officially the seventh version of Surface Pro)
 - **Revision of version:** 0 (first release of this version)
 ## Learn more
 - [Download drivers and firmware for Surface](https://support.microsoft.com/help/4023482/surface-download-drivers-and-firmware)
 - [How to manage Surface driver updates in Configuration Manager.](https://support.microsoft.com/en-sg/help/4098906/manage-surface-driver-updates-in-configuration-manager)
 - [Deploy applications with Configuration Manager](https://docs.microsoft.com/sccm/apps/deploy-use/deploy-applications).
 - [Endpoint Configuration Manager documentation](https://docs.microsoft.com/configmgr/)
 - [Microsoft Deployment Toolkit documentation](https://docs.microsoft.com/configmgr/mdt/)
 - [Deploy Windows 10 with the Microsoft Deployment Toolkit](https://docs.microsoft.com/windows/deployment/deploy-windows-mdt/deploy-windows-10-with-the-microsoft-deployment-toolkit)
 - [Deploy Windows 10 to Surface devices with Microsoft Deployment Toolkit](https://docs.microsoft.com/surface/deploy-windows-10-to-surface-devices-with-mdt)  
 - [Intune management of Surface UEFI settings](https://docs.microsoft.com/surface/surface-manage-dfci-guide)
 - [Ignite 2019: Announcing remote management of Surface UEFI settings from Intune](https://techcommunity.microsoft.com/t5/Surface-IT-Pro-Blog/Ignite-2019-Announcing-remote-management-of-Surface-UEFI/ba-p/978333).
 - [Build deployment rings for Windows 10 updates](https://docs.microsoft.com/windows/deployment/update/waas-deployment-rings-windows-10-updates)
--- a/devices/surface/microsoft-surface-deployment-accelerator.md
+++ b/devices/surface/microsoft-surface-deployment-accelerator.md
@ -80,7 +80,7 @@ For environments where the SDA server will not be able to connect to the Interne
 *Figure 2. Specify a local source for Surface driver and app files*
-You can find a full list of available driver downloads at [Download the latest firmware and drivers for Surface devices](deploy-the-latest-firmware-and-drivers-for-surface-devices.md)
+You can find a full list of available driver downloads at [Manage and deploy Surface driver and firmware updates](manage-surface-driver-and-firmware-updates.md)
 >[!NOTE]
 >Downloaded files do not need to be extracted. The downloaded files can be left as .zip files as long as they are stored in one folder.
--- a/devices/surface/surface-pro-arm-app-management.md
+++ b/devices/surface/surface-pro-arm-app-management.md
@ -8,7 +8,7 @@ ms.sitesec: library
 author: dansimp
 ms.author: dansimp
 ms.topic: article
-ms.date: 11/20/2019
+ms.date: 1/22/2020
 ms.reviewer: jessko
 manager: dansimp
 ms.audience: itpro
@ -73,7 +73,7 @@ Surface Pro X was designed to use Windows Update to simplify the process of keep
 - Use Windows Update or Windows Update for Business for maintaining the latest drivers and firmware. For more information, see [Deploy Updates using Windows Update for Business](https://docs.microsoft.com/windows/deployment/update/waas-manage-updates-wufb).
 - If your procedures require using a Windows Installer .msi file, contact [Surface for Business support](https://support.microsoft.com/help/4037645). 
- For more information about deploying and managing updates on Surface devices, see [Deploy the latest firmware and drivers for Surface devices](deploy-the-latest-firmware-and-drivers-for-surface-devices.md).
+- For more information about deploying and managing updates on Surface devices, see [Manage and deploy Surface driver and firmware updates](manage-surface-driver-and-firmware-updates.md).
 - Note that Windows Server Update Services (WSUS) does not support the ability to deliver drivers and firmware to Surface Pro X.
 ## Running apps on Surface Pro X
@ -124,7 +124,7 @@ The following tables show the availability of selected key features on Surface P
 | Deployment                              | Surface Pro 7 | Surface Pro X | Notes                                                                                                                           |
 | --------------------------------------- | ------------- | ------------- | ------------------------------------------------------------------------------------------------------------------------------- |
 | Windows Autopilot                       | Yes           | Yes           |                                                                                                                                 |
-| Support for Network Boot (PXE)          | Yes           | Yes           |                                                                                                                                 |
+| Support for Network Boot (PXE)          | Yes           | No           |                                                                                                                                 |
 | Windows Configuration Designer          | Yes           | No            | Not recommended for Surface Pro X.                                                                                              |
 | WinPE                                   | Yes           | Yes           | Not recommended for Surface Pro X. Microsoft does not provide the necessary .ISO and drivers to support WinPE with Surface Pro X. |
 | Endpoint Configuration Manager: Operating System Deployment (OSD) | Yes           | No            | Not supported on Surface Pro X.                                                                                              |
--- a/windows/client-management/mdm/applicationcontrol-csp.md
+++ b/windows/client-management/mdm/applicationcontrol-csp.md
@ -1,11 +1,13 @@
 ---
 title: ApplicationControl CSP
 description: The ApplicationControl CSP allows you to manage multiple Windows Defender Application Control (WDAC) policies from a MDM server.
 keywords: whitelisting, security, malware
 ms.author: dansimp
 ms.topic: article
 ms.prod: w10
 ms.technology: windows
 author: ManikaDhiman
 ms.reviewer: jsuther1974
 ms.date: 05/21/2019
 ---
@ -61,7 +63,8 @@ This node specifies whether a policy is actually loaded by the enforcement engin
 Scope is dynamic. Supported operation is Get.
-Value type is bool. Supported values are as follows:  
+Value type is bool. Supported values are as follows:
 - True — Indicates that the policy is actually loaded by the enforcement engine and is in effect on a system.
 - False — Indicates that the policy is not loaded by the enforcement engine and is not in effect on a system. This is the default.
@ -70,7 +73,8 @@ This node specifies whether a policy is deployed on the system and is present on
 Scope is dynamic. Supported operation is Get.
-Value type is bool. Supported values are as follows:  
+Value type is bool. Supported values are as follows:
 - True — Indicates that the policy is deployed on the system and is present on the physical machine.
 - False — Indicates that the policy is not deployed on the system and is not present on the physical machine. This is the default.
@ -79,7 +83,8 @@ This node specifies whether the policy is authorized to be loaded by the enforce
 Scope is dynamic. Supported operation is Get.
-Value type is bool. Supported values are as follows:  
+Value type is bool. Supported values are as follows:
 - True — Indicates that the policy is authorized to be loaded by the enforcement engine on the system.
 - False — Indicates that the policy is not authorized to be loaded by the enforcement engine on the system. This is the default.
@ -112,24 +117,43 @@ Scope is dynamic. Supported operation is Get.
 Value type is char.
-## Usage guidance  
+## Microsoft Endpoint Manager (MEM) Intune Usage Guidance  
-To use ApplicationControl CSP, you must:
+For customers using Intune standalone or hybrid management with Configuration Manager (MEMCM) to deploy custom policies via the ApplicationControl CSP, refer to [Deploy Windows Defender Application Control policies by using Microsoft Intune](https://docs.microsoft.com/windows/security/threat-protection/windows-defender-application-control/deploy-windows-defender-application-control-policies-using-intune)
 - Know a generated policy’s GUID, which can be found in the policy xml as `<PolicyTypeID>`.
 - Convert the policies to binary format using the ConvertFrom-CIPolicy cmdlet in order to be deployed. The binary policy may be signed or unsigned.
-If you are using hybrid MDM management with System Center Configuration Manager or using Intune, ensure that you are using Base64 as the Data type when using Custom OMA-URI functionality to apply the Code Integrity policy via uploading the binary file.
+## Non-Intune Usage Guidance
 In order to leverage the ApplicationControl CSP without using Intune, you must:
 1. Know a generated policy’s GUID, which can be found in the policy xml as <PolicyID> or <PolicyTypeID> for pre-1903 systems.
 2. Convert the policies to binary format using the ConvertFrom-CIPolicy cmdlet in order to be deployed. The binary policy may be signed or unsigned.
 3. Create a policy node (a Base64-encoded blob of the binary policy representation) using the certutil -encode command line tool.
 Below is a sample certutil invocation:
 ```cmd
 certutil  -encode WinSiPolicy.p7b WinSiPolicy.cer
 ```
 An alternative to using certutil would be to use the following PowerShell invocation:
 ```powershell
 [Convert]::toBase64String($(Get-Content -Encoding Byte -ReadCount 0 -Path <bin file>))
 ```
 ### Deploy Policies
 ### Deploy policies
 To deploy a new base policy using the CSP, perform an ADD on **./Vendor/MSFT/ApplicationControl/Policies/_Policy GUID_/Policy** using the Base64-encoded policy node as {Data}. Refer to the the Format section in the Example 1 below.
 To deploy base policy and supplemental policies:
- Perform an ADD on **./Vendor/MSFT/ApplicationControl/Policies/_Policy GUID_/Policy** using the Base64-encoded policy node as {Data} with the GUID and policy data for the base policy.
+
- Repeat for each base or supplemental policy (with its own GUID and data).
+1. Perform an ADD on **./Vendor/MSFT/ApplicationControl/Policies/_Policy GUID_/Policy** using the Base64-encoded policy node as {Data} with the GUID and policy data for the base policy.
 2. Repeat for each base or supplemental policy (with its own GUID and data).
 The following example shows the deployment of two base policies and a supplemental policy (which already specifies the base policy it supplements and does not need that reflected in the ADD).
-**Example 1: Add first base policy**
+#### Example 1: Add first base policy
 ```xml
 <Add>
    <CmdID>1</CmdID>
@ -144,7 +168,9 @@ The following example shows the deployment of two base policies and a supplement
    </Item>
 </Add>
 ```
-**Example 2: Add second base policy**
+
 #### Example 2: Add second base policy
 ```xml
 <Add>
    <CmdID>1</CmdID>
@ -159,7 +185,9 @@ The following example shows the deployment of two base policies and a supplement
    </Item>
 </Add>
 ```
-**Example 3: Add supplemental policy**
+
 #### Example 3: Add supplemental policy
 ```xml
 <Add>
    <CmdID>1</CmdID>
@ -174,6 +202,7 @@ The following example shows the deployment of two base policies and a supplement
    </Item>
 </Add>
 ```
 ### Get policies
 Perform a GET using a deployed policy’s GUID to interrogate/inspect the policy itself or information about it.
@ -190,7 +219,8 @@ The following table displays the result of Get operation on different nodes:
 |./Vendor/MSFT/ApplicationControl/Policies/_Policy GUID_/PolicyInfo/Status|Was the deployment successful|
 |./Vendor/MSFT/ApplicationControl/Policies/_Policy GUID_/PolicyInfo/FriendlyName|Friendly name per the policy|
-The following is an example of Get command:  
+The following is an example of Get command:
 ```xml
 <Get>
    <CmdID>1</CmdID>
@ -203,17 +233,28 @@ The following is an example of Get command:
 ```
 ### Delete policies
 #### Rebootless Deletion
 Upon deletion, policies deployed via the ApplicationControl CSP are removed from the system but stay in effect until the next reboot. In order to functionally do a rebootless delete, first replace the existing policy with an Allow All policy (found at C:\Windows\schemas\CodeIntegrity\ExamplePolicies\AllowAll.xml) and then delete the updated policy. This will immediately prevent anything from being blocked and fully deactive the policy on the next reboot.
 #### Unsigned Policies
 To delete an unsigned policy, perform a DELETE on **./Vendor/MSFT/ApplicationControl/Policies/_Policy GUID_/Policy**.
-> [!Note]
+#### Signed Policies
->  Only signed things should be able to update signed policies. Hence, performing a DELETE on **./Vendor/MSFT/ApplicationControl/Policies/_Policy GUID_/Policy** is not sufficient to delete a signed policy.
+
-    
+> [!NOTE]
 > A signed policy by default can only be replaced by another signed policy. Hence, performing a DELETE on **./Vendor/MSFT/ApplicationControl/Policies/_Policy GUID_/Policy** is not sufficient to delete a signed policy.
 To delete a signed policy:
 1. Replace it with a signed update allowing unsigned policy.
-2. Deploy another update with unsigned policy.
+2. Deploy another update with unsigned Allow All policy.
 3. Perform delete.
-    
+
 The following is an example of Delete command:
 ```xml
   <Delete>
     <CmdID>1</CmdID>
--- a/windows/deployment/deploy-enterprise-licenses.md
+++ b/windows/deployment/deploy-enterprise-licenses.md
@ -25,6 +25,10 @@ This topic describes how to deploy Windows 10 Enterprise E3 or E5 licenses with
 >* Windows 10 Enterprise E3 in CSP requires Windows 10 Pro, version 1607 or later.
 >* Automatic, non-KMS activation requires Windows 10, version 1803 or later, on a device with a firmware-embedded activation key.
 >[!IMPORTANT]
 >An issue has been identified where devices can lose activation status or be blocked from upgrading to Windows Enterprise if the device is not able to connect to Windows Update. A workaround is to ensure that devices do not have the REG_DWORD present HKLM\SOFTWARE\Policies\Microsoft\Windows\WindowsUpdate\DoNotConnectToWindowsUpdateInternetLocations and set to 1.  If this REG_DWORD is present, it must be set to 0.<br> 
 >Also ensure that the Group Policy setting: Computer Configuration > Administrative Templates > Windows Components > Windows Update > "Do not connect to any Windows Update Internet locations" is set to "Disabled".
 ## Firmware-embedded activation key
 To determine if the computer has a firmware-embedded activation key, type the following command at an elevated Windows PowerShell prompt
--- a/windows/deployment/deploy-windows-mdt/set-up-mdt-for-bitlocker.md
+++ b/windows/deployment/deploy-windows-mdt/set-up-mdt-for-bitlocker.md
@ -111,11 +111,7 @@ If you want to automate enabling the TPM chip as part of the deployment process,
 ### Add tools from Dell
-The Dell tools are available via the Dell Client Configuration Toolkit (CCTK). The executable file from Dell is named *cctk.exe*. Here is a sample command to enable TPM and set a BIOS password using the cctk.exe tool:
+[Dell Comnmand | Configure](https://www.dell.com/support/article/us/en/04/sln311302/dell-command-configure) provides a Command Line Interface and a Graphical User Interface.
 ```dos
 cctk.exe --tpm=on --valsetuppwd=Password1234
 ```
 ### Add tools from HP
--- a/windows/deployment/index.yml
+++ b/windows/deployment/index.yml
@ -10,8 +10,7 @@ metadata:
  ms.localizationpriority: high
  author: greg-lindsay
  ms.author: greglin
-  manager: elizapo
+  manager: laurawi
  ms.date: 02/09/2018
  ms.topic: article
  ms.devlang: na
@ -35,11 +34,11 @@ sections:
      image:
        src: https://docs.microsoft.com/media/common/i_upgrade.svg
      title: Windows as a service
-    - href: update/windows-analytics-overview
+    - href: windows-autopilot/windows-autopilot
-      html: <p>Windows Analytics provides deep insights into your Windows 10 environment.</p>
+      html: <p>Windows Autopilot greatly simplifies deployment of Windows devices</p>
      image:
-        src: https://docs.microsoft.com/media/common/i_investigate.svg
+        src: https://docs.microsoft.com/media/common/i_delivery.svg
-      title: Windows Analytics
+      title: Windows Autopilot
 - title:
 - items:
  - type: markdown
--- a/windows/deployment/upgrade/resolution-procedures.md
+++ b/windows/deployment/upgrade/resolution-procedures.md
@ -194,7 +194,7 @@ Disconnect all peripheral devices that are connected to the system, except for t
 <tr><td style='padding:0in 4pt 0in 4pt;border:dotted #FFFFFF 0.0pt;'>
 Check supplemental rollback logs for a setupmem.dmp file, or event logs for any unexpected reboots or errors.
 <br>Review the rollback log and determine the stop code.
-<br>The rollback log is located in the <strong>C:$Windows.~BT\Sources\Panther</strong> folder.  An example analysis is shown below. This example is not representative of all cases:
+<br>The rollback log is located in the <strong>$Windows.~BT\Sources\Rollback</strong> folder.  An example analysis is shown below. This example is not representative of all cases:
 <pre>
 Info SP     Crash 0x0000007E detected
 Info SP       Module name           :
--- a/windows/deployment/upgrade/upgrade-to-windows-10-with-system-center-configuraton-manager.md
+++ b/windows/deployment/upgrade/upgrade-to-windows-10-with-system-center-configuraton-manager.md
@ -21,7 +21,10 @@ ms.topic: article
 -   Windows 10
-The simplest path to upgrade PCs currently running Windows 7, Windows 8, or Windows 8.1 to Windows 10 is through an in-place upgrade. You can use a System Center Configuration Manager task sequence to completely automate the process.
+The simplest path to upgrade PCs currently running Windows 7, Windows 8, or Windows 8.1 to Windows 10 is through an in-place upgrade. You can use a Configuration Manager task sequence to completely automate the process.
 >[!IMPORTANT]
 >Beginning with Windows 10 and Windows Server 2016, Windows Defender is already installed. A management client for Windows Defender is also installed automatically if the Configuration Manager client is installed. However, previous Windows operating systems installed the System Center Endpoint Protection (SCEP) client with the Configuration Manager client. The SCEP client can block in-place upgrade to Windows 10 due to incompatibility, and must removed from a device before performing an in-place upgrade to Windows 10.
 ## Proof-of-concept environment
--- a/windows/deployment/windows-autopilot/add-devices.md
+++ b/windows/deployment/windows-autopilot/add-devices.md
@ -21,7 +21,7 @@ ms.topic: article
 **Applies to**
-   Windows 10
+- Windows 10
 Before deploying a device using Windows Autopilot, the device must be registered with the Windows Autopilot deployment service. Ideally, this would be performed by the OEM, reseller, or distributor from which the devices were purchased, but this can also be done by the organization by collecting the hardware identity and uploading it manually.
@ -41,7 +41,7 @@ Windows Autopilot does not require delegated administrator permissions when esta
 ## Automatic registration of existing devices
-If an existing device is already running Windows 10 version 1703 or later and enrolled in an MDM service such an Intune, that MDM service can ask the device for the hardware ID (also known as a hardware hash).  Once it has that, it can automatically register the device with Windows Autopilot.
+If an existing device is already running a supported version of Windows 10 semi-annual channel and enrolled in an MDM service such an Intune, that MDM service can ask the device for the hardware ID (also known as a hardware hash).  Once it has that, it can automatically register the device with Windows Autopilot.
 For instructions on how to do this with Microsoft Intune, see [Create an Autopilot deployment profile](https://docs.microsoft.com/intune/enrollment-autopilot#create-an-autopilot-deployment-profile) documentation describing the "Convert all targeted devices to Autopilot" setting. 
@ -53,7 +53,7 @@ To perform manual registration of a device, you must first capture its hardware
 ## Device identification
-To define a device to the Windows Autopilot deployment service, a unique hardware ID for the device needs to be captured and uploaded to the service. While this step is ideally done by the hardware vendor (OEM, reseller, or distributor), automatically associating the device with an organization, it is also possible to do this through a harvesting process that collects the device from within a running Windows 10 version 1703 or later installation.
+To define a device to the Windows Autopilot deployment service, a unique hardware ID for the device needs to be captured and uploaded to the service. While this step is ideally done by the hardware vendor (OEM, reseller, or distributor), automatically associating the device with an organization, it is also possible to do this through a harvesting process that collects the device from within a running Windows 10 installation.
 The hardware ID, also commonly referred to as a hardware hash, contains several details about the device, including its manufacturer, model, device serial number, hard drive serial number, and many other attributes that can be used to uniquely identify that device.
@ -61,14 +61,14 @@ Note that the hardware hash also contains details about when it was generated, s
 ### Collecting the hardware ID from existing devices using System Center Configuration Manager
-Starting with System Center Configuration Manager current branch version 1802, the hardware hashes for existing Windows 10 version 1703 and higher devices are automatically collected by Configuration Manager. See the [What’s new in version 1802](https://docs.microsoft.com/sccm/core/plan-design/changes/whats-new-in-version-1802#report-on-windows-autopilot-device-information) documentation for more details.  The hash information can be extracted from Configuration Manager into a CSV file.
+Starting with System Center Configuration Manager current branch version 1802, the hardware hashes for existing Windows 10 devices are automatically collected by Configuration Manager. See the [What’s new in version 1802](https://docs.microsoft.com/sccm/core/plan-design/changes/whats-new-in-version-1802#report-on-windows-autopilot-device-information) documentation for more details.  The hash information can be extracted from Configuration Manager into a CSV file.
 > [!Note]
 > Before uploading the CSV file on Intune, please make sure that the first row contains the device serial number, Windows product ID, hardware hash, group tag, and assigned user. If there is header information on the top of CSV file, please delete that header information. See details at [Enroll Windows devices in Intune](https://docs.microsoft.com/intune/enrollment/enrollment-autopilot).
 ### Collecting the hardware ID from existing devices using PowerShell
-The hardware ID, or hardware hash, for an existing device is available through Windows Management Instrumentation (WMI), as long as that device is running Windows 10 version 1703 or later. To help gather this information, as well as the serial number of the device (useful to see at a glance the machine to which it belongs), a PowerShell script called [Get-WindowsAutoPilotInfo.ps1 has been published to the PowerShell Gallery website](https://www.powershellgallery.com/packages/Get-WindowsAutoPilotInfo).
+The hardware ID, or hardware hash, for an existing device is available through Windows Management Instrumentation (WMI), as long as that device is running a supported version of Windows 10 semi-annual channel. To help gather this information, as well as the serial number of the device (useful to see at a glance the machine to which it belongs), a PowerShell script called [Get-WindowsAutoPilotInfo.ps1 has been published to the PowerShell Gallery website](https://www.powershellgallery.com/packages/Get-WindowsAutoPilotInfo).
 To use this script, you can download it from the PowerShell Gallery and run it on each computer, or you can install it directly from the PowerShell Gallery. To install it directly and capture the hardware hash from the local computer, use the following commands from an elevated Windows PowerShell prompt:
@ -103,7 +103,7 @@ Once the hardware IDs have been captured from existing devices, they can be uplo
 -   [Microsoft 365 Business & Office 365 Admin](https://support.office.com/article/Create-and-edit-AutoPilot-profiles-5cf7139e-cfa1-4765-8aad-001af1c74faa).  This is typically used by small and medium businesses (SMBs) who manage their devices using Microsoft 365 Business.
 -   [Microsoft Store for Business](https://docs.microsoft.com/microsoft-store/add-profile-to-devices#manage-autopilot-deployment-profiles).  You might already be using MSfB to manage your apps and settings.
-A summary of each platform's capabilities is provided below.
+A summary of each platform's capabilities is provided below.<br>
 <br>
 <table>
 <tr>
@ -123,34 +123,43 @@ A summary of each platform's capabilities is provided below.
 <tr>
 <td><a href="https://docs.microsoft.com/partner-center/autopilot">Partner Center</a></td>
 <td>YES - 1000 at a time max</td>
-<td>YES</td>
+<td>YES<b><sup>34</sup></b></td>
 <td>Tuple or PKID or 4K HH</td>
 </tr>
 <tr>
 <td><a href="https://docs.microsoft.com/intune/enrollment-autopilot">Intune</a></td>
-<td>YES - 500 at a time max<b>*</b></td>
+<td>YES - 500 at a time max<b><sup>1</sup></b></td> 
-<td>YES<b>*</b></td>
+<td>YES<b><sup>12</sup></b></td> 
 <td>4K HH</td>
 </tr>
 <tr>
-<td><a href="https://docs.microsoft.com/microsoft-store/add-profile-to-devices#manage-autopilot-deployment-profiles">Microsoft Store for Business</a></td>
+<td><a href="https://docs.microsoft.com/microsoft-store/add-profile-to-devices#manage-autopilot-deployment-profiles">Microsoft Store for Business</a><b><sup>4</sup></b></td>
 <td>YES - 1000 at a time max</td>
-<td>YES</td>
+<td>YES<b><sup>4</sup></b></td>
 <td>4K HH</td>
 </tr>
 <tr>
-<td><a href="https://docs.microsoft.com/microsoft-365/business/create-and-edit-autopilot-profiles">Microsoft Business 365</a></td>
+<td><a href="https://docs.microsoft.com/microsoft-365/business/create-and-edit-autopilot-profiles">Microsoft 365 Business</a></td>
 <td>YES - 1000 at a time max</td>
-<td>YES</td>
+<td>YES<b><sup>3</sup></b></td>
 <td>4K HH</td>
 </tr>
 </table>
-><b>*</b>Microsoft recommended platform to use
+><b><sup>1</sup></b>Microsoft recommended platform to use<br>
 ><b><sup>2</sup></b>Intune license required<br>
 ><b><sup>3</sup></b>Feature capabilities are limited<br>
 ><b><sup>4</sup></b>To be retired<br>
 Also see the following topics for more information about device IDs:
 - [Device identification](#device-identification)
 - [Windows Autopilot device guidelines](https://docs.microsoft.com/windows/deployment/windows-autopilot/autopilot-device-guidelines)
 - [Add devices to a customer account](https://docs.microsoft.com/partner-center/autopilot)
 ## Summary
@ -162,4 +171,4 @@ When deploying new devices using Windows Autopilot, the following steps are requ
 ## Other configuration settings
- [Bitlocker encryption settings](bitlocker.md): You can configure the BitLocker encryption settings to be applied before automatic encryption is started.
+- [Bitlocker encryption settings](bitlocker.md): You can configure the BitLocker encryption settings to be applied before automatic encryption is started.
--- a/windows/deployment/windows-autopilot/autopilot-device-guidelines.md
+++ b/windows/deployment/windows-autopilot/autopilot-device-guidelines.md
@ -36,7 +36,8 @@ The following additional best practices ensure that devices can easily be provis
 ## Software best practice guidelines for Windows Autopilot
- The Windows Autopilot device should be preinstalled with only a Windows 10 base image plus drivers and Office 365 Pro Plus Retail (C2R).
+- The Windows Autopilot device should be preinstalled with only a Windows 10 base image plus drivers.
 - You can preinstall your licensed version of Office, such as [Office 365 ProPlus](https://docs.microsoft.com/deployoffice/about-office-365-proplus-in-the-enterprise).
 - Unless explicitly requested by the customer, no other preinstalled software should be included.
  - Per OEM Policy, Windows 10 features, including built-in apps, should not be disabled or removed.
--- a/windows/deployment/windows-autopilot/autopilot-faq.md
+++ b/windows/deployment/windows-autopilot/autopilot-faq.md
@ -45,10 +45,10 @@ A [glossary](#glossary) of abbreviations used in this article is provided at the
 | Question | Answer |
 | --- | --- |
 | What changes need to be made in the factory OS image for customer configuration settings?     |No changes are required on the factory floor to enable Windows Autopilot deployment.  |
-| What version of the OA3 tool meets Windows Autopilot deployment requirements?     | Windows Autopilot can work with any version of the OA3 tool. We recommend using Windows 10, version 1703 and above to generate the 4K hardware hash.    |
+| What version of the OA3 tool meets Windows Autopilot deployment requirements?     | Windows Autopilot can work with any version of the OA3 tool. We recommend using a supported version of Windows 10 semi-annual channel to generate the 4K hardware hash.    |
-|  At the time of placing an order, do customers need to be state whether they want it with or without Windows Autopilot options?   | Yes, if they want Windows Autopilot, they will want Windows 10, version 1703 or later versions. Also, they will want to receive the CSV file or have the file upload (that is, registration) completed on their behalf.    |
+|  At the time of placing an order, do customers need to be state whether they want it with or without Windows Autopilot options?   | Yes, if they want Windows Autopilot, they will want a supported version of Windows 10 semi-annual channel. Also, they will want to receive the CSV file or have the file upload (that is, registration) completed on their behalf.    |
 |  Does the OEM need to manage or collect any custom imaging files from customers and perform any image uploads to Microsoft?   | No change, OEMs just send the CBRs as usual to Microsoft. No images are sent to Microsoft to enable Windows Autopilot.  Windows Autopilot only customizes OOBE and allows policy configurations (disables admin account, for example).  |
-|  Are there any customer impacts to upgrading from Windows 8 to Windows 10?    | The devices must have Windows 10, version 1703 or later to enroll in Windows Autopilot deployment. Otherwise, there are no impacts.    |
+|  Are there any customer impacts to upgrading from Windows 8 to Windows 10?    | The devices must be running a supported version of Windows 10 semi-annual channel to enroll in Windows Autopilot deployment. Otherwise, there are no impacts.    |
 | Will there be any change to the existing CBR with 4K hardware hash?    | No.  |
 | What new information needs to be sent from the OEM to Microsoft?    | Nothing, unless the OEM opts to register the device on the customer’s behalf, in which case they would upload the device ID using a CSV file into Microsoft Partner Center, or use the OEM Direct API.  |
 | Is there a contract or amendment for an OEM to participate in Windows Autopilot Deployment?    | No.  |
@ -67,9 +67,9 @@ A [glossary](#glossary) of abbreviations used in this article is provided at the
 | Question | Answer |
 | --- | --- |
-| Must every hardware hash submitted by the OEM contain the SMBIOS UUID (universally unique identifier), MAC (media access control) address, and unique disk serial number (if using Windows 10, version 1703 and above OEM Activation 3.0 tool)?    | Yes. Since Windows Autopilot is based on the ability to uniquely identify devices applying for cloud configuration, it is critical to submit hardware hashes that meet the outlined requirement.   |
+| Must every hardware hash submitted by the OEM contain the SMBIOS UUID (universally unique identifier), MAC (media access control) address, and unique disk serial number (if using Windows 10 OEM Activation 3.0 tool)?    | Yes. Since Windows Autopilot is based on the ability to uniquely identify devices applying for cloud configuration, it is critical to submit hardware hashes that meet the outlined requirement.   |
 | What is the reason for needing the SMBIOS UUID, MAC Address, and Disk Serial Number in the hardware hash details?    | For creating the hardware hash, these are the fields that are needed to identify a device, as parts of the device are added or removed. Since we don’t have a unique identifier for Windows devices, this is the best logic to identify a device.    |
-| What is difference between OA3 hardware hash, 4K hardware hash, and Windows Autopilot hardware hash?    | None.  They’re different names for the same thing.  The Windows 10, 1703 version of the OA3 tool output is called the OA3 Hash, which is 4K in size, which is usable for the Windows Autopilot deployment scenario. Note: When using a non-1703 version OA3Tool, you get a different sized Hash, which may not be used for Windows Autopilot deployment.  |
+| What is difference between OA3 hardware hash, 4K hardware hash, and Windows Autopilot hardware hash?    | None.  They’re different names for the same thing.  The OA3 tool output is called the OA3 Hash, which is 4K in size, which is usable for the Windows Autopilot deployment scenario. Note: When using an older, unsupported Windows version OA3Tool, you get a different sized Hash, which may not be used for Windows Autopilot deployment.  |
 |  What is the thought around parts replacement and repair for the NIC (network interface controller) and Disk? Will the hardware hash become invalid?   |  Yes.  If you replace parts, you need to gather the new hardware hash, though it depends on what is replaced, and the characteristics of the parts. For example, if you replace the TPM or motherboard, it’s a new device and you must have new hardware hash. If you replace one network card, it’s probably not a new device, and the device will function with the old hardware hash.  However, as a best practice, you should assume the old hardware hash is invalid and get a new hardware hash after any hardware changes. This is recommended anytime you replace parts. |
 ## Motherboard replacement
@ -131,10 +131,8 @@ A [glossary](#glossary) of abbreviations used in this article is provided at the
 |Question|Answer
 |------------------|-----------------|
-|If I wipe the machine and restart, will I still receive Windows Autopilot?|Yes, if the device is still registered for Windows Autopilot and is running Windows 10, version 1703 7B and above releases, it will receive the Windows Autopilot experience.|
+|If I wipe the machine and restart, will I still receive Windows Autopilot?|Yes, if the device is still registered for Windows Autopilot and is running a supported version of Windows 10 semi-annual channel, it will receive the Windows Autopilot experience.|
-|Can I harvest the device fingerprint on existing machines?|Yes, if the device is running Windows 10, version 1703 and above, you can harvest device fingerprints for registration. There are no plans to backport the functionality to previous releases and no way to harvest them on pre-Windows 10, version 1703 devices that have not been updated to Windows 10, version 1703.|
+|Can I harvest the device fingerprint on existing machines?|Yes, if the device is running a supported version of Windows 10 semi-annual channel, you can harvest device fingerprints for registration. There are no plans to backport the functionality to legacy releases and no way to harvest them on devices running unsupported versions of Windows.|
 |What is Windows 10, version 1703 7B and why does it matter?| Windows 10, version 1703 7B is a Windows 10, version 1703 image bundled with cumulative updates. To receive Autopilot, clients must run Windows 10, version 1703 7B or later. These cumulative updates contain a critical fix for Autopilot. Consider the following:<br><br><I>Windows Autopilot will not apply its profiles to the machine unless Azure AD credentials match the expected Azure AD tenant. For the Windows 10, version 1703 release, it was assumed that would be determined by the domain name, so the domain name used to register (for example contoso.com) should match the domain name used to sign in (for example user@contoso.com). But what happens if your tenant has multiple domains (for example us.contoso.com, or fr.contoso.com)? Since these domain names do not match, the device will not be configured for Autopilot. However, both domains are part of the same Azure AD tenant, and as such it was determined the matching scheme was not useful. This was improved upon by making use of the tenant ID. By using the tenant ID, you can determine that if the user signs into a domain with a tenant matching the one they registered with, you can safely consider this to be a match. The fix for this problem already exists in Windows 10, version 1709 and was backported into the Windows 10, version 1703 7B release.</I>  <br><br>**Key takeaways**:  When using pre-Windows 10, version 1703 7B clients the user’s domain must match the domain they registered with. This functionality is found in Windows 10 version 1709 clients using build >= 16215, and Windows 10, version 1703 clients >= 7B. |
 |What is the impact of not updating to 7B?|See the detailed scenario described directly above.|
 |Is Windows Autopilot supported on other SKUs, for example, Surface Hub, HoloLens, Windows Mobile.|No, Windows Autopilot isn’t supported on other SKUs.|
 |Does Windows Autopilot work after MBR or image reinstallation?|Yes.|
 | Can machines that have reimaged a few times go through Autopilot? What does the error message "This user is not authorized to enroll" mean? Error code 801c0003. |There are limits to the number of devices a particular Azure AD user can enroll in Azure AD, as well as the number of devices that are supported per user in Intune.  (These are configurable but not infinite.)  You’ll run into this frequently if you reuse the devices, or even if you roll back to previous virtual machine snapshots.|
--- a/windows/deployment/windows-autopilot/demonstrate-deployment-on-vm.md
+++ b/windows/deployment/windows-autopilot/demonstrate-deployment-on-vm.md
@ -39,7 +39,7 @@ The following video provides an overview of the process:
 ## Prerequisites
 These are the things you'll need to complete this lab:
-<table><tr><td>Windows 10 installation media</td><td>Windows 10 Professional or Enterprise (ISO file), version 1703 or later is required. If you do not already have an ISO to use, a link is provided to download an <a href="https://www.microsoft.com/evalcenter/evaluate-windows-10-enterprise" data-raw-source="[evaluation version of Windows 10 Enterprise](https://www.microsoft.com/evalcenter/evaluate-windows-10-enterprise)">evaluation version of Windows 10 Enterprise</a>.</td></tr>
+<table><tr><td>Windows 10 installation media</td><td>Windows 10 Professional or Enterprise (ISO file) for a supported version of Windows 10, semi-annual channel. If you do not already have an ISO to use, a link is provided to download an <a href="https://www.microsoft.com/evalcenter/evaluate-windows-10-enterprise" data-raw-source="[evaluation version of Windows 10 Enterprise](https://www.microsoft.com/evalcenter/evaluate-windows-10-enterprise)">evaluation version of Windows 10 Enterprise</a>.</td></tr>
 <tr><td>Internet access</td><td>If you are behind a firewall, see the detailed <a href="windows-autopilot-requirements-network.md" data-raw-source="[networking requirements](windows-autopilot-requirements-network.md)">networking requirements</a>. Otherwise, just ensure that you have a connection to the Internet.</td></tr>
 <tr><td>Hyper-V or a physical device running Windows 10</td><td>The guide assumes that you will use a Hyper-V VM, and provides instructions to install and configure Hyper-V if needed. To use a physical device, skip the steps to install and configure Hyper-V.</td></tr>
 <tr><td>A Premium Intune account</td><td>This guide will describe how to obtain a free 30-day trial premium account that can be used to complete the lab.</td></tr></table>
--- a/windows/deployment/windows-autopilot/troubleshooting.md
+++ b/windows/deployment/windows-autopilot/troubleshooting.md
@ -80,9 +80,9 @@ On Windows 10 version 1709 and above, information about the Autopilot profile se
 | TenantMatched | This will be set to 1 if the tenant ID of the user matches the tenant ID that the device was registered with.  If this is 0, the user would be shown an error and forced to start over. |
 | CloudAssignedOobeConfig | This is a bitmap that shows which Autopilot settings were configured.  Values include: SkipCortanaOptIn = 1, OobeUserNotLocalAdmin = 2, SkipExpressSettings = 4, SkipOemRegistration = 8, SkipEula = 16 |
-### Windows 10 version 1703 and above
+### Windows 10 semi-annual channel supported versions
-On Windows 10 version 1703 and above, ETW tracing can be used to capture detailed information from Autopilot and related components.  The resulting ETW trace files can then be viewed using the Windows Performance Analyzer or similar tools.  See [the advanced troubleshooting blog](https://blogs.technet.microsoft.com/mniehaus/2017/12/13/troubleshooting-windows-autopilot-level-300400/) for more information.
+On devices running a [supported version](https://docs.microsoft.com/windows/release-information/) of Windows 10 semi-annual channel, ETW tracing can be used to capture detailed information from Autopilot and related components.  The resulting ETW trace files can then be viewed using the Windows Performance Analyzer or similar tools.  See [the advanced troubleshooting blog](https://blogs.technet.microsoft.com/mniehaus/2017/12/13/troubleshooting-windows-autopilot-level-300400/) for more information.
 ## Troubleshooting Azure AD Join issues
@ -106,7 +106,7 @@ When a profile is downloaded depends on the version of Windows 10 that is runnin
 | Windows 10 version | Profile download behavior |
 | --- | --- |
-| 1703 and 1709 | The profile is downloaded after the OOBE network connection page. This page is not displayed when using a wired connection. In this case, the profile is downloaded just prior to the EULA screen. |
+| 1709 | The profile is downloaded after the OOBE network connection page. This page is not displayed when using a wired connection. In this case, the profile is downloaded just prior to the EULA screen. |
 | 1803 | The profile is downloaded as soon as possible.  If wired, it is downloaded at the start of OOBE. If wireless, it is downloaded after the network connection page. |
 | 1809 | The profile is downloaded as soon as possible (same as 1803), and again after each reboot. |
--- a/windows/deployment/windows-autopilot/user-driven.md
+++ b/windows/deployment/windows-autopilot/user-driven.md
@ -28,7 +28,7 @@ Windows Autopilot user-driven mode is designed to enable new Windows 10 devices
 After completing those simple steps, the remainder of the process is completely automated, with the device being joined to the organization, enrolled in Intune (or another MDM service), and fully configured as defined by the organization.  Any additional prompts during the Out-of-Box Experience (OOBE) can be suppressed; see [Configuring Autopilot Profiles](profiles.md) for options that are available.
-Today, Windows Autopilot user-driven mode supports joining devices to Azure Active Directory.  Support for Hybrid Azure Active Directory Join (with devices joined to an on-premises Active Directory domain) will be available in a future Windows 10 release.  See [Introduction to device management in Azure Active Directory](https://docs.microsoft.com/azure/active-directory/device-management-introduction) for more information about the differences between these two join options.
+Today, Windows Autopilot user-driven mode supports Azure Active Directory and Hybrid Azure Active Directory joined devices.  See [What is a device identity](https://docs.microsoft.com/azure/active-directory/devices/overview) for more information about these two join options.
 ## Available user-driven modes
--- a/windows/deployment/windows-autopilot/windows-autopilot-requirements.md
+++ b/windows/deployment/windows-autopilot/windows-autopilot-requirements.md
@ -27,7 +27,7 @@ Windows Autopilot depends on specific capabilities available in Windows 10, Azur
 ## Software requirements
- Windows 10 version 1703 (semi-annual channel) or higher is required. 
+- A [supported version](https://docs.microsoft.com/windows/release-information/) of Windows 10 semi-annual channel is required. Windows 10 Enterprise 2019 long-term servicing channel (LTSC) is also supported.
 - The following editions are supported:
  - Windows 10 Pro
  - Windows 10 Pro Education
@ -36,6 +36,9 @@ Windows Autopilot depends on specific capabilities available in Windows 10, Azur
  - Windows 10 Education
  - Windows 10 Enterprise 2019 LTSC
 >[!NOTE]
 >Procedures for deploying Windows Autopilot might refer to specific products and versions. The inclusion of these products in this content doesn't imply an extension of support for a version that is beyond its support lifecycle. Windows Autopilot does not support products that are beyond their support lifecycle. For more information, see [Microsoft Lifecycle Policy](https://go.microsoft.com/fwlink/p/?LinkId=208270).
 ## Networking requirements
 Windows Autopilot depends on a variety of internet-based services. Access to these services must be provided for Autopilot to function properly. In the simplest case, enabling proper functionality can be achieved by ensuring the following:
--- a/windows/deployment/windows-autopilot/windows-autopilot.md
+++ b/windows/deployment/windows-autopilot/windows-autopilot.md
@ -58,7 +58,7 @@ From the IT pro's perspective, the only interaction required from the end user i
 ## Requirements
-Windows 10 version 1703 or higher is required to use Windows Autopilot. See [Windows Autopilot requirements](windows-autopilot-requirements.md) for detailed information on software, configuration, network, and licensing requirements.
+A [supported version](https://docs.microsoft.com/windows/release-information/) of Windows 10 semi-annual channel is required to use Windows Autopilot. Windows 10 Enterprise LTSC 2019 is also supported. See [Windows Autopilot requirements](windows-autopilot-requirements.md) for detailed information on software, configuration, network, and licensing requirements.
 ## Related topics
--- a/windows/privacy/diagnostic-data-viewer-overview.md
+++ b/windows/privacy/diagnostic-data-viewer-overview.md
@ -149,3 +149,22 @@ The **Review problem reports** tool opens, showing you your Windows Error Report
 ![View problem reports tool with report statuses](images/control-panel-problem-reports-screen.png)
 ## Known Issues with Diagnostic Data Viewer
 ### Microsoft Edge diagnostic data appearing as a blob of text
 **Applicable to:** The new Microsoft Edge (v. 79.x.x.x or higher)
 **Issue:** In some cases, diagnostic data collected and sent from the New Microsoft Edge fails to be translated by the decoder, which makes that data appear as blobs of text in the Diagnostic Data Viewer. We are working on a fix for this issue.
 **Workaround:**
 - Restart your computer and open Diagnostic Data Viewer.
 *OR*
 - Restart the *DiagTrack* service, through the Services tab in task manager, and open Diagnostic Data Viewer.
 **Background:** Some of the diagnostic data collected from the new Microsoft Edge is sent using a protobuf format to reduce network bandwidth and to improve data transfer efficiency. Diagnostic Data Viewer has decoding capability to translate this protobuf format into readable text. Due to a bug, sometimes the decoder fails to translate these protobuf messages and hence some of the Microsoft Edge diagnostic data will appear as blob of text.
 Microsoft Edge sends a set of required data about your device, its settings and capabilities when the the “Basic” setting is set in Windows 10 (operating system) settings. This data is used to determine whether Microsoft Edge is up to date, secure and performing properly.  Microsoft Edge usage data, and data about the sites you visit, is collected as part of Windows 10 Diagnostic Data when the "Full" setting is set in Windows 10 (operating system) settings. This data is used to keep Windows secure and up-to-date, troubleshoot problems, and make product improvements. The diagnostic data collected by Microsoft Edge can be viewed using Windows Diagnostic Data viewer.
--- a/windows/release-information/resolved-issues-windows-10-1607.yml
+++ b/windows/release-information/resolved-issues-windows-10-1607.yml
@ -32,6 +32,7 @@ sections:
  - type: markdown
    text: "
      <table border ='0'><tr><td width='65%'>Summary</td><td width='15%'>Originating update</td><td width='10%'>Status</td><td width='10%'>Date resolved</td></tr>
      <tr><td><div id='61msg'></div><b>Windows may not start on certain Lenovo and Fujitsu laptops with less than 8GB of RAM</b><br>Windows may fail to start on certain Lenovo and Fujitsu laptops that have less than 8 GB of RAM.<br><br><a href = '#61msgdesc'>See details ></a></td><td>OS Build 14393.2608<br><br>November 13, 2018<br><a href ='https://support.microsoft.com/help/4467691' target='_blank'>KB4467691</a></td><td>Resolved External<br></td><td>January 23, 2020 <br>02:08 PM PT</td></tr>
      <tr><td><div id='351msg'></div><b>Intermittent issues when printing</b><br>The print spooler service may intermittently have issues completing a print job and results print job failure.<br><br><a href = '#351msgdesc'>See details ></a></td><td>OS Build 14393.3206<br><br>September 23, 2019<br><a href ='https://support.microsoft.com/help/4522010' target='_blank'>KB4522010</a></td><td>Resolved<br><a href = 'https://support.microsoft.com/help/4519998' target='_blank'>KB4519998</a></td><td>October 08, 2019 <br>10:00 AM PT</td></tr>
      <tr><td><div id='336msg'></div><b>IME may become unresponsive or have High CPU usage</b><br>Some Input Method Editor (IME) including ChsIME.EXE and ChtIME.EXE, may become unresponsive or may have high CPU usage.<br><br><a href = '#336msgdesc'>See details ></a></td><td>OS Build 14393.3204<br><br>September 10, 2019<br><a href ='https://support.microsoft.com/help/4516044' target='_blank'>KB4516044</a></td><td>Resolved<br><a href = '' target='_blank'></a></td><td>September 17, 2019 <br>04:47 PM PT</td></tr>
      <tr><td><div id='301msg'></div><b>Apps and scripts using the NetQueryDisplayInformation API may fail with error</b><br>Applications and scripts that call NetQueryDisplayInformation may fail to return results after the first page of data.<br><br><a href = '#301msgdesc'>See details ></a></td><td>OS Build 14393.3053<br><br>June 18, 2019<br><a href ='https://support.microsoft.com/help/4503294' target='_blank'>KB4503294</a></td><td>Resolved<br><a href = 'https://support.microsoft.com/help/4516044' target='_blank'>KB4516044</a></td><td>September 10, 2019 <br>10:00 AM PT</td></tr>
@ -40,8 +41,6 @@ sections:
      <tr><td><div id='315msg'></div><b>Apps using Visual Basic 6 (VB6), VBA, and VBScript may stop responding with error</b><br>Applications made using VB6, macros using VBA, and VBScript may stop responding and you may receive an error.<br><br><a href = '#315msgdesc'>See details ></a></td><td>OS Build 14393.3144<br><br>August 13, 2019<br><a href ='https://support.microsoft.com/help/4512517' target='_blank'>KB4512517</a></td><td>Resolved<br><a href = 'https://support.microsoft.com/help/4512495' target='_blank'>KB4512495</a></td><td>August 17, 2019 <br>02:00 PM PT</td></tr>
      <tr><td><div id='256msg'></div><b>Internet Explorer 11 and apps using the WebBrowser control may fail to render</b><br>JavaScript may fail to render as expected in IE11 and in apps using JavaScript or the WebBrowser control.<br><br><a href = '#256msgdesc'>See details ></a></td><td>OS Build 14393.3085<br><br>July 09, 2019<br><a href ='https://support.microsoft.com/help/4507460' target='_blank'>KB4507460</a></td><td>Resolved<br><a href = 'https://support.microsoft.com/help/4512517' target='_blank'>KB4512517</a></td><td>August 13, 2019 <br>10:00 AM PT</td></tr>
      <tr><td><div id='306msg'></div><b>MacOS may be unable to access network shares via CIFS or SMBv1 on Windows devices</b><br>You may receive an error on MacOS when trying to access network shares via CIFS or SMBv1 on certain Windows devices.<br><br><a href = '#306msgdesc'>See details ></a></td><td>OS Build 14393.3025<br><br>June 11, 2019<br><a href ='https://support.microsoft.com/help/4503267' target='_blank'>KB4503267</a></td><td>Resolved External<br></td><td>August 09, 2019 <br>07:03 PM PT</td></tr>
      <tr><td><div id='53msg'></div><b>SCVMM cannot enumerate and manage logical switches deployed on the host</b><br>System Center Virtual Machine Manager cannot enumerate and manage logical switches deployed on managed hosts.<br><br><a href = '#53msgdesc'>See details ></a></td><td>OS Build 14393.2639<br><br>November 27, 2018<br><a href ='https://support.microsoft.com/help/4467684' target='_blank'>KB4467684</a></td><td>Resolved<br><a href = 'https://support.microsoft.com/help/4507459' target='_blank'>KB4507459</a></td><td>July 16, 2019 <br>10:00 AM PT</td></tr>
      <tr><td><div id='240msg'></div><b>Some applications may fail to run as expected on clients of AD FS 2016</b><br>Some applications may fail to run as expected on clients of Active Directory Federation Services 2016 (AD FS 2016)<br><br><a href = '#240msgdesc'>See details ></a></td><td>OS Build 14393.2941<br><br>April 25, 2019<br><a href ='https://support.microsoft.com/help/4493473' target='_blank'>KB4493473</a></td><td>Resolved<br><a href = 'https://support.microsoft.com/help/4507459' target='_blank'>KB4507459</a></td><td>July 16, 2019 <br>10:00 AM PT</td></tr>
      </table>
      "
@ -85,20 +84,11 @@ sections:
      </table>
      "
 - title: June 2019
 - items:
  - type: markdown
    text: "
      <table border ='0'><tr><td width='65%'>Details</td><td width='15%'>Originating update</td><td width='10%'>Status</td><td width='10%'>History</td></tr>
      <tr><td style='border-left-width:1px;border-right-width:1px;border-bottom-width:1px;'><div id='240msgdesc'></div><b>Some applications may fail to run as expected on clients of AD FS 2016</b><div>Some applications may fail to run as expected on clients of Active Directory Federation Services 2016 (AD FS 2016) after installation of <a href='https://support.microsoft.com/help/4493473' target='_blank'>KB4493473</a> on the server. Applications that may exhibit&nbsp;this behavior use an <strong>IFRAME </strong>during non-interactive authentication requests and receive <strong>X-Frame Options </strong>set to<strong> </strong>DENY.</div><div><br></div><div><strong>Affected platforms:</strong></div><ul><li>Server: Windows Server 2016</li></ul><div></div><div><strong>Resolution:</strong>&nbsp;This issue was resolved in&nbsp;<a href='https://support.microsoft.com/help/4507459' target='_blank'>KB4507459</a>.</div><br><a href ='#240msg'>Back to top</a></td><td>OS Build 14393.2941<br><br>April 25, 2019<br><a href ='https://support.microsoft.com/help/4493473' target='_blank'>KB4493473</a></td><td>Resolved<br><a href = 'https://support.microsoft.com/help/4507459' target='_blank'>KB4507459</a></td><td>Resolved:<br>July 16, 2019 <br>10:00 AM PT<br><br>Opened:<br>June 04, 2019 <br>05:55 PM PT</td></tr>
      </table>
      "
 - title: November 2018
 - items:
  - type: markdown
    text: "
      <table border ='0'><tr><td width='65%'>Details</td><td width='15%'>Originating update</td><td width='10%'>Status</td><td width='10%'>History</td></tr>
-      <tr><td style='border-left-width:1px;border-right-width:1px;border-bottom-width:1px;'><div id='53msgdesc'></div><b>SCVMM cannot enumerate and manage logical switches deployed on the host</b><div>For hosts managed by System Center Virtual Machine Manager (VMM), VMM cannot enumerate and manage logical switches deployed on the host after installing <a href=\"https://support.microsoft.com/help/4467684\" target=\"_blank\">KB4467684</a>.</div><div><br></div><div>Additionally, if you do not follow the best practices, a stop error may occur in vfpext.sys on the hosts.</div><div><br></div><div><strong>Affected platforms:</strong></div><ul><li>Client: Windows 10, version 1607; Windows 10 Enterprise LTSC 2016</li><li>Server: Windows Server 2016</li></ul><div></div><div><strong>Resolution:</strong>&nbsp;This issue was resolved in <a href='https://support.microsoft.com/help/4507459' target='_blank'>KB4507459</a>.</div><br><a href ='#53msg'>Back to top</a></td><td>OS Build 14393.2639<br><br>November 27, 2018<br><a href ='https://support.microsoft.com/help/4467684' target='_blank'>KB4467684</a></td><td>Resolved<br><a href = 'https://support.microsoft.com/help/4507459' target='_blank'>KB4507459</a></td><td>Resolved:<br>July 16, 2019 <br>10:00 AM PT<br><br>Opened:<br>November 27, 2018 <br>10:00 AM PT</td></tr>
+      <tr><td style='border-left-width:1px;border-right-width:1px;border-bottom-width:1px;'><div id='61msgdesc'></div><b>Windows may not start on certain Lenovo and Fujitsu laptops with less than 8GB of RAM</b><div>After installing <a href=\"https://support.microsoft.com/help/4467691\" rel=\"noopener noreferrer\" target=\"_blank\">KB4467691</a>, Windows may fail to start on certain Lenovo and Fujitsu laptops that have less than 8 GB of RAM.</div><div><br></div><div><strong>Affected platforms:</strong></div><ul><li>Client: Windows 10, version 1607; Windows 10 Enterprise LTSC 2016</li><li>Server: Windows Server 2016</li></ul><div></div><div><strong>Workaround:</strong> Restart the affected machine using the Unified Extensible Firmware Interface (UEFI). Disable Secure Boot and then restart.</div><div><br></div><div>If BitLocker is enabled on your machine, you may have to go through BitLocker recovery after Secure Boot has been disabled.</div><div><br></div><div><strong>Resolution:</strong> Lenovo and Fujitsu are aware of this issue. Please contact your OEM to ask if there is a firmware update available for your device.</div><br><a href ='#61msg'>Back to top</a></td><td>OS Build 14393.2608<br><br>November 13, 2018<br><a href ='https://support.microsoft.com/help/4467691' target='_blank'>KB4467691</a></td><td>Resolved External<br></td><td>Last updated:<br>January 23, 2020 <br>02:08 PM PT<br><br>Opened:<br>November 13, 2018 <br>10:00 AM PT</td></tr>
      </table>
      "
--- a/windows/release-information/resolved-issues-windows-10-1709.yml
+++ b/windows/release-information/resolved-issues-windows-10-1709.yml
@ -32,6 +32,7 @@ sections:
  - type: markdown
    text: "
      <table border ='0'><tr><td width='65%'>Summary</td><td width='15%'>Originating update</td><td width='10%'>Status</td><td width='10%'>Date resolved</td></tr>
      <tr><td><div id='348msg'></div><b>Unable to create local users in Chinese, Japanese and Korean during device setup</b><br>You might be unable to create users in Chinese, Japanese and Korean using Input Method Editor (IME) during OOBE.<br><br><a href = '#348msgdesc'>See details ></a></td><td>OS Build 16299.1387<br><br>September 10, 2019<br><a href ='https://support.microsoft.com/help/4516066' target='_blank'>KB4516066</a></td><td>Resolved<br><a href = 'https://support.microsoft.com/help/4534318' target='_blank'>KB4534318</a></td><td>January 23, 2020 <br>02:00 PM PT</td></tr>
      <tr><td><div id='351msg'></div><b>Intermittent issues when printing</b><br>The print spooler service may intermittently have issues completing a print job and results print job failure.<br><br><a href = '#351msgdesc'>See details ></a></td><td>OS Build 16299.1392<br><br>September 23, 2019<br><a href ='https://support.microsoft.com/help/4522012' target='_blank'>KB4522012</a></td><td>Resolved<br><a href = 'https://support.microsoft.com/help/4520004' target='_blank'>KB4520004</a></td><td>October 08, 2019 <br>10:00 AM PT</td></tr>
      <tr><td><div id='336msg'></div><b>IME may become unresponsive or have High CPU usage</b><br>Some Input Method Editor (IME) including ChsIME.EXE and ChtIME.EXE, may become unresponsive or may have high CPU usage.<br><br><a href = '#336msgdesc'>See details ></a></td><td>OS Build 16299.1387<br><br>September 10, 2019<br><a href ='https://support.microsoft.com/help/4516066' target='_blank'>KB4516066</a></td><td>Resolved<br><a href = '' target='_blank'></a></td><td>September 19, 2019 <br>04:08 PM PT</td></tr>
      <tr><td><div id='255msg'></div><b>Domain connected devices that use MIT Kerberos realms will not start up</b><br>Devices may not start after updating when connected to a domain that is configured to use MIT Kerberos realms.<br><br><a href = '#255msgdesc'>See details ></a></td><td>OS Build 16299.1296<br><br>July 16, 2019<br><a href ='https://support.microsoft.com/help/4507465' target='_blank'>KB4507465</a></td><td>Resolved<br><a href = 'https://support.microsoft.com/help/4512516' target='_blank'>KB4512516</a></td><td>August 13, 2019 <br>10:00 AM PT</td></tr>
@ -48,6 +49,15 @@ sections:
        <div>
        </div> 
      "
 - title: October 2019
 - items:
  - type: markdown
    text: "
      <table border ='0'><tr><td width='65%'>Details</td><td width='15%'>Originating update</td><td width='10%'>Status</td><td width='10%'>History</td></tr>
      <tr><td style='border-left-width:1px;border-right-width:1px;border-bottom-width:1px;'><div id='348msgdesc'></div><b>Unable to create local users in Chinese, Japanese and Korean during device setup</b><div>When setting up a new Windows device using the Out of Box Experience (OOBE), you might be unable to create a local user when using Input Method Editor (IME). This issue might affect you if you are using the IME for Chinese, Japanese, or Korean languages.</div><div><br></div><div><strong>Note</strong> This issue does not affect using a Microsoft Account during OOBE.</div><div><br></div><div><strong>Affected platforms:</strong></div><ul><li>Client: Windows 10, version 1909; Windows 10, version 1903; Windows 10, version 1809; Windows 10 Enterprise LTSC 2019; Windows 10, version 1803; Windows 10, version 1709</li><li>Server: Windows Server, version 1909; Windows Server, version 1903; Windows Server, version 1809; Windows Server 2019; Windows Server, version 1803; Windows Server, version 1709</li></ul><div></div><div><strong>Resolution:</strong> This issue was resolved in <a href='https://support.microsoft.com/help/4534318' target='_blank'>KB4534318</a>.</div><br><a href ='#348msg'>Back to top</a></td><td>OS Build 16299.1387<br><br>September 10, 2019<br><a href ='https://support.microsoft.com/help/4516066' target='_blank'>KB4516066</a></td><td>Resolved<br><a href = 'https://support.microsoft.com/help/4534318' target='_blank'>KB4534318</a></td><td>Resolved:<br>January 23, 2020 <br>02:00 PM PT<br><br>Opened:<br>October 29, 2019 <br>05:15 PM PT</td></tr>
      </table>
      "
 - title: September 2019
 - items:
  - type: markdown
--- a/windows/release-information/resolved-issues-windows-10-1803.yml
+++ b/windows/release-information/resolved-issues-windows-10-1803.yml
@ -32,6 +32,7 @@ sections:
  - type: markdown
    text: "
      <table border ='0'><tr><td width='65%'>Summary</td><td width='15%'>Originating update</td><td width='10%'>Status</td><td width='10%'>Date resolved</td></tr>
      <tr><td><div id='348msg'></div><b>Unable to create local users in Chinese, Japanese and Korean during device setup</b><br>You might be unable to create users in Chinese, Japanese and Korean using Input Method Editor (IME) during OOBE.<br><br><a href = '#348msgdesc'>See details ></a></td><td>OS Build 17134.1006<br><br>September 10, 2019<br><a href ='https://support.microsoft.com/help/4516058' target='_blank'>KB4516058</a></td><td>Resolved<br><a href = 'https://support.microsoft.com/help/4534308' target='_blank'>KB4534308</a></td><td>January 23, 2020 <br>02:00 PM PT</td></tr>
      <tr><td><div id='330msg'></div><b>Windows Mixed Reality Portal users may intermittently receive a 15-5 error code</b><br>You may receive a 15-5 error code in Windows Mixed Reality Portal and your headset may not wake up from sleep.<br><br><a href = '#330msgdesc'>See details ></a></td><td>OS Build 17134.950<br><br>August 13, 2019<br><a href ='https://support.microsoft.com/help/4512501' target='_blank'>KB4512501</a></td><td>Resolved<br><a href = 'https://support.microsoft.com/help/4519978' target='_blank'>KB4519978</a></td><td>October 15, 2019 <br>10:00 AM PT</td></tr>
      <tr><td><div id='244msg'></div><b>Startup to a black screen after installing updates</b><br>Your device may startup to a black screen during the first logon after installing updates.<br><br><a href = '#244msgdesc'>See details ></a></td><td>OS Build 17134.829<br><br>June 11, 2019<br><a href ='https://support.microsoft.com/help/4503286' target='_blank'>KB4503286</a></td><td>Resolved<br><a href = 'https://support.microsoft.com/help/4519978' target='_blank'>KB4519978</a></td><td>October 15, 2019 <br>10:00 AM PT</td></tr>
      <tr><td><div id='351msg'></div><b>Intermittent issues when printing</b><br>The print spooler service may intermittently have issues completing a print job and results print job failure.<br><br><a href = '#351msgdesc'>See details ></a></td><td>OS Build 17134.1009<br><br>September 23, 2019<br><a href ='https://support.microsoft.com/help/4522014' target='_blank'>KB4522014</a></td><td>Resolved<br><a href = 'https://support.microsoft.com/help/4520008' target='_blank'>KB4520008</a></td><td>October 08, 2019 <br>10:00 AM PT</td></tr>
@ -51,6 +52,15 @@ sections:
        <div>
        </div> 
      "
 - title: October 2019
 - items:
  - type: markdown
    text: "
      <table border ='0'><tr><td width='65%'>Details</td><td width='15%'>Originating update</td><td width='10%'>Status</td><td width='10%'>History</td></tr>
      <tr><td style='border-left-width:1px;border-right-width:1px;border-bottom-width:1px;'><div id='348msgdesc'></div><b>Unable to create local users in Chinese, Japanese and Korean during device setup</b><div>When setting up a new Windows device using the Out of Box Experience (OOBE), you might be unable to create a local user when using Input Method Editor (IME). This issue might affect you if you are using the IME for Chinese, Japanese, or Korean languages.</div><div><br></div><div><strong>Note</strong> This issue does not affect using a Microsoft Account during OOBE.</div><div><br></div><div><strong>Affected platforms:</strong></div><ul><li>Client: Windows 10, version 1909; Windows 10, version 1903; Windows 10, version 1809; Windows 10 Enterprise LTSC 2019; Windows 10, version 1803; Windows 10, version 1709</li><li>Server: Windows Server, version 1909; Windows Server, version 1903; Windows Server, version 1809; Windows Server 2019; Windows Server, version 1803; Windows Server, version 1709</li></ul><div></div><div><strong>Resolution:</strong> This issue was resolved in <a href='https://support.microsoft.com/help/4534308' target='_blank'>KB4534308</a>.</div><br><a href ='#348msg'>Back to top</a></td><td>OS Build 17134.1006<br><br>September 10, 2019<br><a href ='https://support.microsoft.com/help/4516058' target='_blank'>KB4516058</a></td><td>Resolved<br><a href = 'https://support.microsoft.com/help/4534308' target='_blank'>KB4534308</a></td><td>Resolved:<br>January 23, 2020 <br>02:00 PM PT<br><br>Opened:<br>October 29, 2019 <br>05:15 PM PT</td></tr>
      </table>
      "
 - title: September 2019
 - items:
  - type: markdown
--- a/windows/release-information/resolved-issues-windows-10-1809-and-windows-server-2019.yml
+++ b/windows/release-information/resolved-issues-windows-10-1809-and-windows-server-2019.yml
@ -32,6 +32,7 @@ sections:
  - type: markdown
    text: "
      <table border ='0'><tr><td width='65%'>Summary</td><td width='15%'>Originating update</td><td width='10%'>Status</td><td width='10%'>Date resolved</td></tr>
      <tr><td><div id='348msg'></div><b>Unable to create local users in Chinese, Japanese and Korean during device setup</b><br>You might be unable to create users in Chinese, Japanese and Korean using Input Method Editor (IME) during OOBE.<br><br><a href = '#348msgdesc'>See details ></a></td><td>OS Build 17763.737<br><br>September 10, 2019<br><a href ='https://support.microsoft.com/help/4512578' target='_blank'>KB4512578</a></td><td>Resolved<br><a href = 'https://support.microsoft.com/help/4534321' target='_blank'>KB4534321</a></td><td>January 23, 2020 <br>02:00 PM PT</td></tr>
      <tr><td><div id='360msg'></div><b>Microsoft Defender Advanced Threat Protection might stop running</b><br>The Microsoft Defender ATP service might stop running and might fail to send reporting data.<br><br><a href = '#360msgdesc'>See details ></a></td><td>OS Build 17763.832<br><br>October 15, 2019<br><a href ='https://support.microsoft.com/help/4520062' target='_blank'>KB4520062</a></td><td>Resolved<br><a href = 'https://support.microsoft.com/help/4523205' target='_blank'>KB4523205</a></td><td>November 12, 2019 <br>10:00 AM PT</td></tr>
      <tr><td><div id='330msg'></div><b>Windows Mixed Reality Portal users may intermittently receive a 15-5 error code</b><br>You may receive a 15-5 error code in Windows Mixed Reality Portal and your headset may not wake up from sleep.<br><br><a href = '#330msgdesc'>See details ></a></td><td>OS Build 17763.678<br><br>August 13, 2019<br><a href ='https://support.microsoft.com/help/4511553' target='_blank'>KB4511553</a></td><td>Resolved<br><a href = 'https://support.microsoft.com/help/4520062' target='_blank'>KB4520062</a></td><td>October 15, 2019 <br>10:00 AM PT</td></tr>
      <tr><td><div id='244msg'></div><b>Startup to a black screen after installing updates</b><br>Your device may startup to a black screen during the first logon after installing updates.<br><br><a href = '#244msgdesc'>See details ></a></td><td>OS Build 17763.557<br><br>June 11, 2019<br><a href ='https://support.microsoft.com/help/4503327' target='_blank'>KB4503327</a></td><td>Resolved<br><a href = 'https://support.microsoft.com/help/4520062' target='_blank'>KB4520062</a></td><td>October 15, 2019 <br>10:00 AM PT</td></tr>
@ -57,6 +58,7 @@ sections:
  - type: markdown
    text: "
      <table border ='0'><tr><td width='65%'>Details</td><td width='15%'>Originating update</td><td width='10%'>Status</td><td width='10%'>History</td></tr>
      <tr><td style='border-left-width:1px;border-right-width:1px;border-bottom-width:1px;'><div id='348msgdesc'></div><b>Unable to create local users in Chinese, Japanese and Korean during device setup</b><div>When setting up a new Windows device using the Out of Box Experience (OOBE), you might be unable to create a local user when using Input Method Editor (IME). This issue might affect you if you are using the IME for Chinese, Japanese, or Korean languages.</div><div><br></div><div><strong>Note</strong> This issue does not affect using a Microsoft Account during OOBE.</div><div><br></div><div><strong>Affected platforms:</strong></div><ul><li>Client: Windows 10, version 1909; Windows 10, version 1903; Windows 10, version 1809; Windows 10 Enterprise LTSC 2019; Windows 10, version 1803; Windows 10, version 1709</li><li>Server: Windows Server, version 1909; Windows Server, version 1903; Windows Server, version 1809; Windows Server 2019; Windows Server, version 1803; Windows Server, version 1709</li></ul><div></div><div><strong>Resolution:</strong> This issue was resolved in <a href='https://support.microsoft.com/help/4534321' target='_blank'>KB4534321</a>.</div><br><a href ='#348msg'>Back to top</a></td><td>OS Build 17763.737<br><br>September 10, 2019<br><a href ='https://support.microsoft.com/help/4512578' target='_blank'>KB4512578</a></td><td>Resolved<br><a href = 'https://support.microsoft.com/help/4534321' target='_blank'>KB4534321</a></td><td>Resolved:<br>January 23, 2020 <br>02:00 PM PT<br><br>Opened:<br>October 29, 2019 <br>05:15 PM PT</td></tr>
      <tr><td style='border-left-width:1px;border-right-width:1px;border-bottom-width:1px;'><div id='360msgdesc'></div><b>Microsoft Defender Advanced Threat Protection might stop running</b><div>After installing the optional non-security&nbsp;update (<a href='https://support.microsoft.com/help/4520062' target='_blank'>KB4520062</a>), the Microsoft Defender Advanced Threat Protection (ATP) service might stop running and might fail to send reporting data. You might also receive a&nbsp;0xc0000409 error in <strong>Event Viewer</strong> on MsSense.exe.</div><div><br></div><div><strong>Note</strong> Microsoft Windows Defender Antivirus is not affected by this issue.</div><div><br></div><div><strong>Affected platforms:</strong></div><ul><li>Client: Windows 10, version 1809; Windows 10 Enterprise LTSC 2019</li><li>Server: Windows Server, version 1809; Windows Server 2019</li></ul><div></div><div><strong>Resolution:</strong> This issue was resolved in <a href='https://support.microsoft.com/help/4523205' target='_blank'>KB4523205</a>.</div><br><a href ='#360msg'>Back to top</a></td><td>OS Build 17763.832<br><br>October 15, 2019<br><a href ='https://support.microsoft.com/help/4520062' target='_blank'>KB4520062</a></td><td>Resolved<br><a href = 'https://support.microsoft.com/help/4523205' target='_blank'>KB4523205</a></td><td>Resolved:<br>November 12, 2019 <br>10:00 AM PT<br><br>Opened:<br>October 17, 2019 <br>05:14 PM PT</td></tr>
      </table>
      "
--- a/windows/release-information/resolved-issues-windows-10-1903.yml
+++ b/windows/release-information/resolved-issues-windows-10-1903.yml
@ -37,7 +37,6 @@ sections:
      <tr><td><div id='225msg'></div><b>Unable to discover or connect to Bluetooth devices using some Realtek adapters</b><br>Microsoft has identified compatibility issues with some versions of Realtek Bluetooth radio drivers.<br><br><a href = '#225msgdesc'>See details ></a></td><td>OS Build 18362.116<br><br>May 21, 2019<br><a href ='https://support.microsoft.com/help/4505057' target='_blank'>KB4505057</a></td><td>Resolved External<br></td><td>November 15, 2019 <br>05:59 PM PT</td></tr>
      <tr><td><div id='317msg'></div><b>Updates may fail to install and you may receive Error 0x80073701</b><br>Installation of updates may fail and you may receive error code 0x80073701.<br><br><a href = '#317msgdesc'>See details ></a></td><td>OS Build 18362.145<br><br>May 29, 2019<br><a href ='https://support.microsoft.com/help/4497935' target='_blank'>KB4497935</a></td><td>Resolved<br><a href = '' target='_blank'></a></td><td>November 12, 2019 <br>08:11 AM PT</td></tr>
      <tr><td><div id='228msg'></div><b>Intel Audio displays an intcdaud.sys notification</b><br>Devices with a range of Intel Display Audio device drivers may experience battery drain.<br><br><a href = '#228msgdesc'>See details ></a></td><td>OS Build 18362.116<br><br>May 21, 2019<br><a href ='https://support.microsoft.com/help/4505057' target='_blank'>KB4505057</a></td><td>Resolved External<br></td><td>November 12, 2019 <br>08:04 AM PT</td></tr>
      <tr><td><div id='226msg'></div><b>Gamma ramps, color profiles, and night light settings do not apply in some cases</b><br>Microsoft has identified some scenarios where gamma ramps, color profiles and night light settings may stop working.<br><br><a href = '#226msgdesc'>See details ></a></td><td>OS Build 18362.116<br><br>May 21, 2019<br><a href ='https://support.microsoft.com/help/4505057' target='_blank'>KB4505057</a></td><td>Resolved<br><a href = 'https://support.microsoft.com/help/4505903' target='_blank'>KB4505903</a></td><td>July 26, 2019 <br>02:00 PM PT</td></tr>
      <tr><td><div id='358msg'></div><b>Unable to discover or connect to Bluetooth devices using some Qualcomm adapters</b><br>Microsoft has identified compatibility issues with some versions of Qualcomm Bluetooth radio drivers.<br><br><a href = '#358msgdesc'>See details ></a></td><td>OS Build 18362.116<br><br>May 21, 2019<br><a href ='https://support.microsoft.com/help/4505057' target='_blank'>KB4505057</a></td><td>Resolved<br><a href = 'https://support.microsoft.com/help/4517389' target='_blank'>KB4517389</a></td><td>October 08, 2019 <br>10:00 AM PT</td></tr>
      <tr><td><div id='338msg'></div><b>Safeguard on certain devices with some Intel and Broadcom Wi-Fi adapters</b><br>Some devices with Intel Centrino 6205/6235 and Broadcom 802.11ac Wi-Fi cards may experience compatibility issues.<br><br><a href = '#338msgdesc'>See details ></a></td><td>N/A <br><br><a href ='' target='_blank'></a></td><td>Resolved<br><a href = 'https://support.microsoft.com/help/4522355' target='_blank'>KB4522355</a></td><td>October 24, 2019 <br>10:00 AM PT</td></tr>
      <tr><td><div id='248msg'></div><b>dGPU occasionally disappear from device manager on Surface Book 2</b><br>Some apps or games may close or fail to open on Surface Book 2 devices with Nvidia dGPU.<br><br><a href = '#248msgdesc'>See details ></a></td><td>OS Build 18362.145<br><br>May 29, 2019<br><a href ='https://support.microsoft.com/help/4497935' target='_blank'>KB4497935</a></td><td>Resolved<br><a href = '' target='_blank'></a></td><td>October 18, 2019 <br>04:33 PM PT</td></tr>
@ -54,8 +53,6 @@ sections:
      <tr><td><div id='236msg'></div><b>Windows Sandbox may fail to start with error code “0x80070002”</b><br>Windows Sandbox may fail to start on devices in which the operating system language was changed between updates.<br><br><a href = '#236msgdesc'>See details ></a></td><td>OS Build 18362.116<br><br>May 21, 2019<br><a href ='https://support.microsoft.com/help/4505057' target='_blank'>KB4505057</a></td><td>Resolved<br><a href = 'https://support.microsoft.com/help/4512941' target='_blank'>KB4512941</a></td><td>August 30, 2019 <br>10:00 AM PT</td></tr>
      <tr><td><div id='252msg'></div><b>Devices starting using PXE from a WDS or SCCM servers may fail to start</b><br>Devices that start up using PXE images from Windows Deployment Services (WDS) may fail to start with error \"0xc0000001.\"<br><br><a href = '#252msgdesc'>See details ></a></td><td>OS Build 18362.175<br><br>June 11, 2019<br><a href ='https://support.microsoft.com/help/4503293' target='_blank'>KB4503293</a></td><td>Resolved<br><a href = 'https://support.microsoft.com/help/4512941' target='_blank'>KB4512941</a></td><td>August 30, 2019 <br>10:00 AM PT</td></tr>
      <tr><td><div id='306msg'></div><b>MacOS may be unable to access network shares via CIFS or SMBv1 on Windows devices</b><br>You may receive an error on MacOS when trying to access network shares via CIFS or SMBv1 on certain Windows devices.<br><br><a href = '#306msgdesc'>See details ></a></td><td>OS Build 18362.175<br><br>June 11, 2019<br><a href ='https://support.microsoft.com/help/4503293' target='_blank'>KB4503293</a></td><td>Resolved External<br></td><td>August 09, 2019 <br>07:03 PM PT</td></tr>
      <tr><td><div id='227msg'></div><b>Display brightness may not respond to adjustments</b><br>Devices configured with certain Intel display drivers may experience a driver compatibility issue.<br><br><a href = '#227msgdesc'>See details ></a></td><td>OS Build 18362.116<br><br>May 21, 2019<br><a href ='https://support.microsoft.com/help/4505057' target='_blank'>KB4505057</a></td><td>Resolved<br><a href = 'https://support.microsoft.com/help/4505903' target='_blank'>KB4505903</a></td><td>July 26, 2019 <br>02:00 PM PT</td></tr>
      <tr><td><div id='249msg'></div><b>RASMAN service may stop working and result in the error “0xc0000005”</b><br>The RASMAN service may stop working with VPN profiles configured as an Always On VPN connection.<br><br><a href = '#249msgdesc'>See details ></a></td><td>OS Build 18362.145<br><br>May 29, 2019<br><a href ='https://support.microsoft.com/help/4497935' target='_blank'>KB4497935</a></td><td>Resolved<br><a href = 'https://support.microsoft.com/help/4505903' target='_blank'>KB4505903</a></td><td>July 26, 2019 <br>02:00 PM PT</td></tr>
      </table>
      "
@ -116,15 +113,6 @@ sections:
      </table>
      "
 - title: June 2019
 - items:
  - type: markdown
    text: "
      <table border ='0'><tr><td width='65%'>Details</td><td width='15%'>Originating update</td><td width='10%'>Status</td><td width='10%'>History</td></tr>
      <tr><td style='border-left-width:1px;border-right-width:1px;border-bottom-width:1px;'><div id='249msgdesc'></div><b>RASMAN service may stop working and result in the error “0xc0000005”</b><div>The Remote Access Connection Manager (RASMAN) service may stop working and you may receive the error “0xc0000005” on devices where the diagnostic data level is manually configured to the non-default setting of 0.&nbsp;You may also receive an error in the<strong> Application section </strong>of <strong>Windows Logs</strong> <strong>in</strong>&nbsp;<strong>Event Viewer&nbsp;</strong>with Event ID 1000 referencing “svchost.exe_RasMan” and “rasman.dll”.</div><div><br></div><div>This issue only occurs when a VPN profile is configured as an Always On VPN (AOVPN) connection with or without device tunnel. This does not affect manual only VPN profiles or connections.</div><div><br></div><div><strong>Affected platforms</strong></div><ul><li>Client: Windows 10, version 1903</li></ul><div></div><div><strong>Resolution:</strong>&nbsp;This issue was resolved in <a href='https://support.microsoft.com/help/4505903' target='_blank'>KB4505903</a>.</div><br><a href ='#249msg'>Back to top</a></td><td>OS Build 18362.145<br><br>May 29, 2019<br><a href ='https://support.microsoft.com/help/4497935' target='_blank'>KB4497935</a></td><td>Resolved<br><a href = 'https://support.microsoft.com/help/4505903' target='_blank'>KB4505903</a></td><td>Resolved:<br>July 26, 2019 <br>02:00 PM PT<br><br>Opened:<br>June 28, 2019 <br>05:01 PM PT</td></tr>
      </table>
      "
 - title: May 2019
 - items:
  - type: markdown
@ -133,8 +121,6 @@ sections:
      <tr><td style='border-left-width:1px;border-right-width:1px;border-bottom-width:1px;'><div id='231msgdesc'></div><b>Intermittent loss of Wi-Fi connectivity</b><div>Some older devices may experience loss of Wi-Fi connectivity due to an outdated Qualcomm driver. An updated Wi-Fi driver should be available from your device manufacturer (OEM).</div><div><br></div><div>To safeguard your upgrade experience, we have applied a hold on devices with affected Qualcomm driver from being offered Windows 10, version 1903 or Windows 10, version 1909, until&nbsp;the updated driver is installed.</div><div><br></div><div><strong>Affected platforms:</strong></div><ul><li>Client: Windows 10, version 1909; Windows 10, version 1903</li></ul><div></div><div><strong>Resolution:&nbsp;</strong>This issue was resolved with an updated Qualcomm Wifi driver and the safeguard hold has been removed. Please note, it can take up to 48 hours before you can update to offered Windows 10, version 1909 or Windows 10, version 1903.</div><br><a href ='#231msg'>Back to top</a></td><td>OS Build 18362.116<br><br>May 21, 2019<br><a href ='https://support.microsoft.com/help/4505057' target='_blank'>KB4505057</a></td><td>Resolved External<br></td><td>Last updated:<br>November 22, 2019 <br>04:10 PM PT<br><br>Opened:<br>May 21, 2019 <br>07:13 AM PT</td></tr>
      <tr><td style='border-left-width:1px;border-right-width:1px;border-bottom-width:1px;'><div id='225msgdesc'></div><b>Unable to discover or connect to Bluetooth devices using some Realtek adapters</b><div>Microsoft has identified compatibility issues with some driver versions for Bluetooth radios made by Realtek. To safeguard your update experience, we have applied a compatibility hold on devices with affected driver versions for Realtek Bluetooth radios from being offered Windows 10, version 1903 or Windows Server, version 1903 until the driver has been updated.</div><div><br></div><div><strong>Affected platforms:</strong></div><ul><li>Client: Windows 10, version 1909; Windows 10, version 1903</li><li>Server: Windows 10, version 1909; Windows Server, version 1903</li></ul><div></div><div><strong>Resolution:&nbsp;</strong>This issue was resolved with an updated driver for the affected Realtek Bluetooth radio and the safeguard hold has been removed. Please note, it can take up to 48 hours before you can update to offered Windows 10, version 1909 or Windows 10, version 1903.</div><br><a href ='#225msg'>Back to top</a></td><td>OS Build 18362.116<br><br>May 21, 2019<br><a href ='https://support.microsoft.com/help/4505057' target='_blank'>KB4505057</a></td><td>Resolved External<br></td><td>Last updated:<br>November 15, 2019 <br>05:59 PM PT<br><br>Opened:<br>May 21, 2019 <br>07:29 AM PT</td></tr>
      <tr><td style='border-left-width:1px;border-right-width:1px;border-bottom-width:1px;'><div id='228msgdesc'></div><b>Intel Audio displays an intcdaud.sys notification</b><div>Microsoft and Intel have identified an issue with a range of Intel Display Audio device drivers that may result in higher than normal battery drain.&nbsp;If you see an <strong>intcdaud.sys</strong> notification or “What needs your attention” notification when trying to update to Windows 10, version 1903, you have an affected Intel Audio Display device driver installed on your machine (intcdaud.sys, versions 10.25.0.3 through 10.25.0.8).</div><div>&nbsp;&nbsp;</div><div>To safeguard your update experience, we have applied a compatibility hold on devices with drivers from being offered Windows 10, version 1903 until&nbsp;updated device drivers have been installed.</div><div><br></div><div><strong>Affected platforms:</strong></div><ul><li>Client: Windows 10, version 1903; Windows 10, version 1809</li></ul><div></div><div><strong>Resolution:&nbsp;</strong>This issue was resolved with updated drivers from your device manufacturer (OEM) or Intel. The safeguard hold has been removed.</div><div><br></div><div><strong>Note </strong>If you are still experiencing the issue described, please contact your device manufacturer (OEM).</div><br><a href ='#228msg'>Back to top</a></td><td>OS Build 18362.116<br><br>May 21, 2019<br><a href ='https://support.microsoft.com/help/4505057' target='_blank'>KB4505057</a></td><td>Resolved External<br></td><td>Last updated:<br>November 12, 2019 <br>08:04 AM PT<br><br>Opened:<br>May 21, 2019 <br>07:22 AM PT</td></tr>
      <tr><td style='border-left-width:1px;border-right-width:1px;border-bottom-width:1px;'><div id='226msgdesc'></div><b>Gamma ramps, color profiles, and night light settings do not apply in some cases</b><div>Microsoft has identified some scenarios where gamma ramps, color profiles and night light settings may stop working.</div><div><br></div><div>Microsoft has identified some scenarios in which these features may have issues or stop working, for example:</div><ul><li>Connecting to (or disconnecting from) an external monitor, dock, or projector</li><li>Rotating the screen</li><li>Updating display drivers or making other display mode changes</li><li>Closing full screen applications</li><li>Applying custom color profiles</li><li>Running applications that rely on custom gamma ramps</li></ul><div></div><div><strong>Affected platforms:</strong></div><ul><li>Client: Windows 10, version 1903</li></ul><div></div><div><strong>Resolution:&nbsp;</strong>This issue was resolved in&nbsp;<a href='https://support.microsoft.com/help/4505903' target='_blank'>KB4505903</a> and the safeguard hold has been removed.</div><br><a href ='#226msg'>Back to top</a></td><td>OS Build 18362.116<br><br>May 21, 2019<br><a href ='https://support.microsoft.com/help/4505057' target='_blank'>KB4505057</a></td><td>Resolved<br><a href = 'https://support.microsoft.com/help/4505903' target='_blank'>KB4505903</a></td><td>Resolved:<br>July 26, 2019 <br>02:00 PM PT<br><br>Opened:<br>May 21, 2019 <br>07:28 AM PT</td></tr>
      <tr><td style='border-left-width:1px;border-right-width:1px;border-bottom-width:1px;'><div id='236msgdesc'></div><b>Windows Sandbox may fail to start with error code “0x80070002”</b><div>Windows Sandbox may fail to start with \"ERROR_FILE_NOT_FOUND (0x80070002)\" on devices in which the operating system language is changed during the update process when installing Windows 10, version 1903.</div><div><br></div><div><strong>Affected platforms:</strong></div><ul><li>Client: Windows 10, version 1903</li></ul><div></div><div><strong>Resolution:</strong>&nbsp;This issue was resolved in <a href='https://support.microsoft.com/help/4512941' target='_blank'>KB4512941</a>.</div><br><a href ='#236msg'>Back to top</a></td><td>OS Build 18362.116<br><br>May 21, 2019<br><a href ='https://support.microsoft.com/help/4505057' target='_blank'>KB4505057</a></td><td>Resolved<br><a href = 'https://support.microsoft.com/help/4512941' target='_blank'>KB4512941</a></td><td>Resolved:<br>August 30, 2019 <br>10:00 AM PT<br><br>Opened:<br>May 24, 2019 <br>04:20 PM PT</td></tr>
      <tr><td style='border-left-width:1px;border-right-width:1px;border-bottom-width:1px;'><div id='227msgdesc'></div><b>Display brightness may not respond to adjustments</b><div>Microsoft and Intel have identified a driver compatibility issue on devices configured with certain Intel display drivers. After updating to Windows 10, version 1903, brightness settings may sometime appear as if changes applied took effect, yet the actual display brightness doesn't change.</div><div><br></div><div>To safeguard your update experience, we have applied a compatibility hold on devices with certain Intel drivers from being offered Windows 10, version 1903, until&nbsp;this issue is resolved.</div><div><br></div><div><strong>Affected platforms:</strong></div><ul><li>Client: Windows 10, version 1903</li></ul><div></div><div><strong>Resolution:&nbsp;</strong>This issue was resolved in <a href='https://support.microsoft.com/help/4505903' target='_blank'>KB4505903</a> and the safeguard hold has been removed. Please ensure you have applied the resolving update before attempting to update to the Windows 10 May 2019 Update (version 1903). Please note, it can take up to 48 hours for the safeguard to be removed.</div><br><a href ='#227msg'>Back to top</a></td><td>OS Build 18362.116<br><br>May 21, 2019<br><a href ='https://support.microsoft.com/help/4505057' target='_blank'>KB4505057</a></td><td>Resolved<br><a href = 'https://support.microsoft.com/help/4505903' target='_blank'>KB4505903</a></td><td>Resolved:<br>July 26, 2019 <br>02:00 PM PT<br><br>Opened:<br>May 21, 2019 <br>07:56 AM PT</td></tr>
      </table>
      "
--- a/windows/release-information/resolved-issues-windows-7-and-windows-server-2008-r2-sp1.yml
+++ b/windows/release-information/resolved-issues-windows-7-and-windows-server-2008-r2-sp1.yml
@ -32,6 +32,7 @@ sections:
  - type: markdown
    text: "
      <table border ='0'><tr><td width='65%'>Summary</td><td width='15%'>Originating update</td><td width='10%'>Status</td><td width='10%'>Date resolved</td></tr>
      <tr><td><div id='374msg'></div><b>MSRT might fail to install and be re-offered from Windows Update or WSUS </b><br>The November 2019 update for Windows Malicious Software Removal Tool (MSRT) might fail to install from WU/WSUS.<br><br><a href = '#374msgdesc'>See details ></a></td><td><br><a href ='' target='_blank'></a></td><td>Resolved<br><a href = '' target='_blank'></a></td><td>January 23, 2020 <br>02:08 PM PT</td></tr>
      <tr><td><div id='351msg'></div><b>Intermittent issues when printing</b><br>The print spooler service may intermittently have issues completing a print job and results print job failure.<br><br><a href = '#351msgdesc'>See details ></a></td><td>September 24, 2019<br><a href ='https://support.microsoft.com/help/4516048' target='_blank'>KB4516048</a></td><td>Resolved<br><a href = 'https://support.microsoft.com/help/4519976' target='_blank'>KB4519976</a></td><td>October 08, 2019 <br>10:00 AM PT</td></tr>
      <tr><td><div id='329msg'></div><b>You may receive an error when opening or using the Toshiba Qosmio AV Center</b><br>Toshiba Qosmio AV Center may error when opening and you may also receive an error in Event Log related to cryptnet.dll.<br><br><a href = '#329msgdesc'>See details ></a></td><td>August 13, 2019<br><a href ='https://support.microsoft.com/help/4512506' target='_blank'>KB4512506</a></td><td>Resolved<br><a href = 'https://support.microsoft.com/help/4516048' target='_blank'>KB4516048</a></td><td>September 24, 2019 <br>10:00 AM PT</td></tr>
      <tr><td><div id='307msg'></div><b>Windows updates that are SHA-2 signed may not be offered for Symantec and Norton AV</b><br>Windows updates that are SHA-2 signed are not available with Symantec or Norton antivirus program installed<br><br><a href = '#307msgdesc'>See details ></a></td><td>August 13, 2019<br><a href ='https://support.microsoft.com/help/4512506' target='_blank'>KB4512506</a></td><td>Resolved External<br></td><td>August 27, 2019 <br>02:29 PM PT</td></tr>
@ -49,6 +50,15 @@ sections:
        <div>
        </div> 
      "
 - title: November 2019
 - items:
  - type: markdown
    text: "
      <table border ='0'><tr><td width='65%'>Details</td><td width='15%'>Originating update</td><td width='10%'>Status</td><td width='10%'>History</td></tr>
      <tr><td style='border-left-width:1px;border-right-width:1px;border-bottom-width:1px;'><div id='374msgdesc'></div><b>MSRT might fail to install and be re-offered from Windows Update or WSUS </b><div>The November 2019 update for Windows Malicious Software Removal Tool (MSRT) might fail to install from Windows Update (WU), Windows Server Update Services (WSUS) or Configuration Manager and might be re-offered. If you use WU or WSUS, you might also receive the following error in the WindowsUpdate.log, “Misc&nbsp;&nbsp;WARNING: Digital Signatures on file C:\\Windows\\SoftwareDistribution\\Download\\XXXX are not trusted: Error 0x800b0109”. If you use Configuration Manager, you might also receive the following error in the WUAHandler.log, \"Failed to download updates to the WUAgent datastore. Error = 0x800b0109.&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;WUAHandler&nbsp;&nbsp;&nbsp;14/11/2019 16:33:23&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;980 (0x03D4)\". <strong>Note</strong> All Configuration Manager information&nbsp;also applies to System Center Configuration Manager (SCCM) and Microsoft Endpoint Configuration Manager.</div><div><br></div><div><strong>Affected platforms:</strong></div><ul><li>Client: Windows 7 SP1</li><li>Server: Windows Server 2008 R2 SP1; Windows Server 2008 SP2</li></ul><div></div><div><strong>Resolution:</strong> This issue was resolved in the December 2019 release of Windows Malicious Software Removal Tool (MSRT).</div><br><a href ='#374msg'>Back to top</a></td><td><br><a href ='' target='_blank'></a></td><td>Resolved<br><a href = '' target='_blank'></a></td><td>Resolved:<br>January 23, 2020 <br>02:08 PM PT<br><br>Opened:<br>November 15, 2019 <br>05:59 PM PT</td></tr>
      </table>
      "
 - title: September 2019
 - items:
  - type: markdown
--- a/windows/release-information/resolved-issues-windows-server-2008-sp2.yml
+++ b/windows/release-information/resolved-issues-windows-server-2008-sp2.yml
@ -32,6 +32,7 @@ sections:
  - type: markdown
    text: "
      <table border ='0'><tr><td width='65%'>Summary</td><td width='15%'>Originating update</td><td width='10%'>Status</td><td width='10%'>Date resolved</td></tr>
      <tr><td><div id='374msg'></div><b>MSRT might fail to install and be re-offered from Windows Update or WSUS </b><br>The November 2019 update for Windows Malicious Software Removal Tool (MSRT) might fail to install from WU/WSUS.<br><br><a href = '#374msgdesc'>See details ></a></td><td><br><a href ='' target='_blank'></a></td><td>Resolved<br><a href = '' target='_blank'></a></td><td>January 23, 2020 <br>02:08 PM PT</td></tr>
      <tr><td><div id='327msg'></div><b>Issues manually installing updates by double-clicking the .msu file</b><br>You may encounter issues manually installing updates by double-clicking the .msu file and may receive an error.<br><br><a href = '#327msgdesc'>See details ></a></td><td>September 10, 2019<br><a href ='https://support.microsoft.com/help/4474419' target='_blank'>KB4474419</a></td><td>Resolved<br><a href = 'https://support.microsoft.com/help/4474419' target='_blank'>KB4474419</a></td><td>September 23, 2019 <br>10:00 AM PT</td></tr>
      <tr><td><div id='351msg'></div><b>Intermittent issues when printing</b><br>The print spooler service may intermittently have issues completing a print job and results print job failure.<br><br><a href = '#351msgdesc'>See details ></a></td><td>September 24, 2019<br><a href ='https://support.microsoft.com/help/4516030' target='_blank'>KB4516030</a></td><td>Resolved<br><a href = 'https://support.microsoft.com/help/4520002' target='_blank'>KB4520002</a></td><td>October 08, 2019 <br>10:00 AM PT</td></tr>
      <tr><td><div id='252msg'></div><b>Devices starting using PXE from a WDS or SCCM servers may fail to start</b><br>Devices that start up using PXE images from Windows Deployment Services (WDS) may fail to start with error \"0xc0000001.\"<br><br><a href = '#252msgdesc'>See details ></a></td><td>June 11, 2019<br><a href ='https://support.microsoft.com/help/4503273' target='_blank'>KB4503273</a></td><td>Resolved<br><a href = 'https://support.microsoft.com/help/4512499' target='_blank'>KB4512499</a></td><td>August 17, 2019 <br>02:00 PM PT</td></tr>
@ -47,6 +48,15 @@ sections:
        <div>
        </div> 
      "
 - title: November 2019
 - items:
  - type: markdown
    text: "
      <table border ='0'><tr><td width='65%'>Details</td><td width='15%'>Originating update</td><td width='10%'>Status</td><td width='10%'>History</td></tr>
      <tr><td style='border-left-width:1px;border-right-width:1px;border-bottom-width:1px;'><div id='374msgdesc'></div><b>MSRT might fail to install and be re-offered from Windows Update or WSUS </b><div>The November 2019 update for Windows Malicious Software Removal Tool (MSRT) might fail to install from Windows Update (WU), Windows Server Update Services (WSUS) or Configuration Manager and might be re-offered. If you use WU or WSUS, you might also receive the following error in the WindowsUpdate.log, “Misc&nbsp;&nbsp;WARNING: Digital Signatures on file C:\\Windows\\SoftwareDistribution\\Download\\XXXX are not trusted: Error 0x800b0109”. If you use Configuration Manager, you might also receive the following error in the WUAHandler.log, \"Failed to download updates to the WUAgent datastore. Error = 0x800b0109.&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;WUAHandler&nbsp;&nbsp;&nbsp;14/11/2019 16:33:23&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;980 (0x03D4)\". <strong>Note</strong> All Configuration Manager information&nbsp;also applies to System Center Configuration Manager (SCCM) and Microsoft Endpoint Configuration Manager.</div><div><br></div><div><strong>Affected platforms:</strong></div><ul><li>Client: Windows 7 SP1</li><li>Server: Windows Server 2008 R2 SP1; Windows Server 2008 SP2</li></ul><div></div><div><strong>Resolution:</strong> This issue was resolved in the December 2019 release of Windows Malicious Software Removal Tool (MSRT).</div><br><a href ='#374msg'>Back to top</a></td><td><br><a href ='' target='_blank'></a></td><td>Resolved<br><a href = '' target='_blank'></a></td><td>Resolved:<br>January 23, 2020 <br>02:08 PM PT<br><br>Opened:<br>November 15, 2019 <br>05:59 PM PT</td></tr>
      </table>
      "
 - title: September 2019
 - items:
  - type: markdown
--- a/windows/release-information/status-windows-10-1607-and-windows-server-2016.yml
+++ b/windows/release-information/status-windows-10-1607-and-windows-server-2016.yml
@ -60,9 +60,9 @@ sections:
  - type: markdown
    text: "<div>This table offers a summary of current active issues and those issues that have been resolved in the last 30 days.</div><br>
      <table border ='0'><tr><td width='65%'>Summary</td><td width='15%'>Originating update</td><td width='10%'>Status</td><td width='10%'>Last updated</td></tr>
      <tr><td><div id='61msg'></div><b>Windows may not start on certain Lenovo and Fujitsu laptops with less than 8GB of RAM</b><br>Windows may fail to start on certain Lenovo and Fujitsu laptops that have less than 8 GB of RAM.<br><br><a href = '#61msgdesc'>See details ></a></td><td>OS Build 14393.2608<br><br>November 13, 2018<br><a href ='https://support.microsoft.com/help/4467691' target='_blank'>KB4467691</a></td><td>Resolved External<br></td><td>January 23, 2020 <br>02:08 PM PT</td></tr>
      <tr><td><div id='364msg'></div><b>TLS connections might fail or timeout</b><br>Transport Layer Security (TLS) connections might fail or timeout when connecting or attempting a resumption.<br><br><a href = '#364msgdesc'>See details ></a></td><td>OS Build 14393.3274<br><br>October 08, 2019<br><a href ='https://support.microsoft.com/help/4519998' target='_blank'>KB4519998</a></td><td>Mitigated External<br></td><td>November 05, 2019 <br>03:36 PM PT</td></tr>
      <tr><td><div id='195msg'></div><b>Certain operations performed on a Cluster Shared Volume may fail</b><br>Operations performed on files or folders on a CSV may fail with the error: STATUS_BAD_IMPERSONATION_LEVEL (0xC00000A5).<br><br><a href = '#195msgdesc'>See details ></a></td><td>OS Build 14393.2724<br><br>January 08, 2019<br><a href ='https://support.microsoft.com/help/4480961' target='_blank'>KB4480961</a></td><td>Mitigated<br><a href = '' target='_blank'></a></td><td>April 25, 2019 <br>02:00 PM PT</td></tr>
      <tr><td><div id='61msg'></div><b>Windows may not start on certain Lenovo and Fujitsu laptops with less than 8GB of RAM</b><br>Windows may fail to start on certain Lenovo and Fujitsu laptops that have less than 8 GB of RAM.<br><br><a href = '#61msgdesc'>See details ></a></td><td>OS Build 14393.2608<br><br>November 13, 2018<br><a href ='https://support.microsoft.com/help/4467691' target='_blank'>KB4467691</a></td><td>Mitigated<br><a href = '' target='_blank'></a></td><td>February 19, 2019 <br>10:00 AM PT</td></tr>
      <tr><td><div id='36msg'></div><b>Cluster service may fail if the minimum password length is set to greater than 14</b><br>The cluster service may fail to start if “Minimum Password Length” is configured with greater than 14 characters.<br><br><a href = '#36msgdesc'>See details ></a></td><td>OS Build 14393.2639<br><br>November 27, 2018<br><a href ='https://support.microsoft.com/help/4467684' target='_blank'>KB4467684</a></td><td>Mitigated<br><a href = '' target='_blank'></a></td><td>April 25, 2019 <br>02:00 PM PT</td></tr>
      </table>
      "
@ -97,7 +97,7 @@ sections:
  - type: markdown
    text: "
      <table border ='0'><tr><td width='65%'>Details</td><td width='15%'>Originating update</td><td width='10%'>Status</td><td width='10%'>History</td></tr>
-      <tr><td style='border-left-width:1px;border-right-width:1px;border-bottom-width:1px;'><div id='61msgdesc'></div><b>Windows may not start on certain Lenovo and Fujitsu laptops with less than 8GB of RAM</b><div>After installing <a href=\"https://support.microsoft.com/help/4467691\" target=\"_blank\">KB4467691</a>, Windows may fail to start on certain Lenovo and Fujitsu laptops that have less than 8 GB of RAM.</div><div><br></div><div><strong>Affected platforms:</strong></div><ul><li>Client: Windows 10, version 1607; Windows 10 Enterprise LTSC 2016</li><li>Server: Windows Server 2016</li></ul><div></div><div><strong>Workaround:</strong> Restart the affected machine using the Unified Extensible Firmware Interface (UEFI). Disable Secure Boot and then restart.</div><div><br></div><div>If BitLocker is enabled on your machine, you may have to go through BitLocker recovery after Secure Boot has been disabled.</div><div><br></div><div><strong>Next steps:</strong> Lenovo and Fujitsu are aware of this issue. Please contact your OEM to ask if there is a firmware update available for your device.</div><br><a href ='#61msg'>Back to top</a></td><td>OS Build 14393.2608<br><br>November 13, 2018<br><a href ='https://support.microsoft.com/help/4467691' target='_blank'>KB4467691</a></td><td>Mitigated<br><a href = '' target='_blank'></a></td><td>Last updated:<br>February 19, 2019 <br>10:00 AM PT<br><br>Opened:<br>November 13, 2018 <br>10:00 AM PT</td></tr>
+      <tr><td style='border-left-width:1px;border-right-width:1px;border-bottom-width:1px;'><div id='61msgdesc'></div><b>Windows may not start on certain Lenovo and Fujitsu laptops with less than 8GB of RAM</b><div>After installing <a href=\"https://support.microsoft.com/help/4467691\" rel=\"noopener noreferrer\" target=\"_blank\">KB4467691</a>, Windows may fail to start on certain Lenovo and Fujitsu laptops that have less than 8 GB of RAM.</div><div><br></div><div><strong>Affected platforms:</strong></div><ul><li>Client: Windows 10, version 1607; Windows 10 Enterprise LTSC 2016</li><li>Server: Windows Server 2016</li></ul><div></div><div><strong>Workaround:</strong> Restart the affected machine using the Unified Extensible Firmware Interface (UEFI). Disable Secure Boot and then restart.</div><div><br></div><div>If BitLocker is enabled on your machine, you may have to go through BitLocker recovery after Secure Boot has been disabled.</div><div><br></div><div><strong>Resolution:</strong> Lenovo and Fujitsu are aware of this issue. Please contact your OEM to ask if there is a firmware update available for your device.</div><br><a href ='#61msg'>Back to top</a></td><td>OS Build 14393.2608<br><br>November 13, 2018<br><a href ='https://support.microsoft.com/help/4467691' target='_blank'>KB4467691</a></td><td>Resolved External<br></td><td>Last updated:<br>January 23, 2020 <br>02:08 PM PT<br><br>Opened:<br>November 13, 2018 <br>10:00 AM PT</td></tr>
      <tr><td style='border-left-width:1px;border-right-width:1px;border-bottom-width:1px;'><div id='36msgdesc'></div><b>Cluster service may fail if the minimum password length is set to greater than 14</b><div>After installing <a href=\"https://support.microsoft.com/help/4467684\" target=\"_blank\">KB4467684</a>, the cluster service may fail to start with the error \"2245 (NERR_PasswordTooShort)\" if the Group Policy \"Minimum Password Length\" is configured with greater than 14 characters.</div><div><br></div><div><strong>Affected platforms:</strong></div><ul><li>Client: Windows 10, version 1607; Windows 10 Enterprise LTSC 2016</li><li>Server: Windows Server 2016</li></ul><div></div><div><strong>Workaround:</strong> Set the domain default \"Minimum Password Length\" policy to less than or equal to 14 characters.</div><div><br></div><div><strong>Next steps:</strong> Microsoft is working on a resolution and will provide an update in an upcoming release.</div><br><a href ='#36msg'>Back to top</a></td><td>OS Build 14393.2639<br><br>November 27, 2018<br><a href ='https://support.microsoft.com/help/4467684' target='_blank'>KB4467684</a></td><td>Mitigated<br><a href = '' target='_blank'></a></td><td>Last updated:<br>April 25, 2019 <br>02:00 PM PT<br><br>Opened:<br>November 27, 2018 <br>10:00 AM PT</td></tr>
      </table>
      "
--- a/windows/release-information/status-windows-10-1709.yml
+++ b/windows/release-information/status-windows-10-1709.yml
@ -60,7 +60,7 @@ sections:
  - type: markdown
    text: "<div>This table offers a summary of current active issues and those issues that have been resolved in the last 30 days.</div><br>
      <table border ='0'><tr><td width='65%'>Summary</td><td width='15%'>Originating update</td><td width='10%'>Status</td><td width='10%'>Last updated</td></tr>
-      <tr><td><div id='348msg'></div><b>Unable to create local users in Chinese, Japanese and Korean during device setup</b><br>You might be unable to create users in Chinese, Japanese and Korean using Input Method Editor (IME) during OOBE.<br><br><a href = '#348msgdesc'>See details ></a></td><td>OS Build 16299.1387<br><br>September 10, 2019<br><a href ='https://support.microsoft.com/help/4516066' target='_blank'>KB4516066</a></td><td>Mitigated<br><a href = '' target='_blank'></a></td><td>November 12, 2019 <br>08:05 AM PT</td></tr>
+      <tr><td><div id='348msg'></div><b>Unable to create local users in Chinese, Japanese and Korean during device setup</b><br>You might be unable to create users in Chinese, Japanese and Korean using Input Method Editor (IME) during OOBE.<br><br><a href = '#348msgdesc'>See details ></a></td><td>OS Build 16299.1387<br><br>September 10, 2019<br><a href ='https://support.microsoft.com/help/4516066' target='_blank'>KB4516066</a></td><td>Resolved<br><a href = 'https://support.microsoft.com/help/4534318' target='_blank'>KB4534318</a></td><td>January 23, 2020 <br>02:00 PM PT</td></tr>
      <tr><td><div id='364msg'></div><b>TLS connections might fail or timeout</b><br>Transport Layer Security (TLS) connections might fail or timeout when connecting or attempting a resumption.<br><br><a href = '#364msgdesc'>See details ></a></td><td>OS Build 16299.1451<br><br>October 08, 2019<br><a href ='https://support.microsoft.com/help/4520004' target='_blank'>KB4520004</a></td><td>Mitigated External<br></td><td>November 05, 2019 <br>03:36 PM PT</td></tr>
      <tr><td><div id='193msg'></div><b>Certain operations performed on a Cluster Shared Volume may fail</b><br>Operations performed on files or folders on a CSV may fail with the error: STATUS_BAD_IMPERSONATION_LEVEL (0xC00000A5).<br><br><a href = '#193msgdesc'>See details ></a></td><td>OS Build 16299.904<br><br>January 08, 2019<br><a href ='https://support.microsoft.com/help/4480978' target='_blank'>KB4480978</a></td><td>Mitigated<br><a href = '' target='_blank'></a></td><td>April 25, 2019 <br>02:00 PM PT</td></tr>
      </table>
@ -87,7 +87,7 @@ sections:
  - type: markdown
    text: "
      <table border ='0'><tr><td width='65%'>Details</td><td width='15%'>Originating update</td><td width='10%'>Status</td><td width='10%'>History</td></tr>
-      <tr><td style='border-left-width:1px;border-right-width:1px;border-bottom-width:1px;'><div id='348msgdesc'></div><b>Unable to create local users in Chinese, Japanese and Korean during device setup</b><div>When setting up a new Windows device using the Out of Box Experience (OOBE), you might be unable to create a local user when using Input Method Editor (IME). This issue might affect you if you are using the IME for Chinese, Japanese, or Korean languages.</div><div><br></div><div><strong>Note</strong> This issue does not affect using a Microsoft Account during OOBE.</div><div><br></div><div><strong>Affected platforms:</strong></div><ul><li>Client: Windows 10, version 1909; Windows 10, version 1903; Windows 10, version 1809; Windows 10 Enterprise LTSC 2019; Windows 10, version 1803; Windows 10, version 1709</li><li>Server: Windows Server, version 1909; Windows Server, version 1903; Windows Server, version 1809; Windows Server 2019; Windows Server, version 1803; Windows Server, version 1709</li></ul><div></div><div><strong>Workaround: </strong>To mitigate this issue, set the keyboard language to English during user creation or use a Microsoft Account to complete OOBE. You can set the keyboard language back to your preferred language after user creation. Once the OOBE is done and you are at the desktop, you can rename the current user using <a href=\"https://docs.microsoft.com/previous-versions/windows/it-pro/windows-server-2008-R2-and-2008/cc725595(v=ws.11)\" rel=\"noopener noreferrer\" target=\"_blank\">these instructions</a>. If you prefer to create a new local user, see <a href=\"https://support.microsoft.com/help/4026923\" rel=\"noopener noreferrer\" target=\"_blank\">KB4026923</a>.</div><div><br></div><div><strong>Next steps: </strong>We are working on a resolution and will provide an update in an upcoming release.</div><br><a href ='#348msg'>Back to top</a></td><td>OS Build 16299.1387<br><br>September 10, 2019<br><a href ='https://support.microsoft.com/help/4516066' target='_blank'>KB4516066</a></td><td>Mitigated<br><a href = '' target='_blank'></a></td><td>Last updated:<br>November 12, 2019 <br>08:05 AM PT<br><br>Opened:<br>October 29, 2019 <br>05:15 PM PT</td></tr>
+      <tr><td style='border-left-width:1px;border-right-width:1px;border-bottom-width:1px;'><div id='348msgdesc'></div><b>Unable to create local users in Chinese, Japanese and Korean during device setup</b><div>When setting up a new Windows device using the Out of Box Experience (OOBE), you might be unable to create a local user when using Input Method Editor (IME). This issue might affect you if you are using the IME for Chinese, Japanese, or Korean languages.</div><div><br></div><div><strong>Note</strong> This issue does not affect using a Microsoft Account during OOBE.</div><div><br></div><div><strong>Affected platforms:</strong></div><ul><li>Client: Windows 10, version 1909; Windows 10, version 1903; Windows 10, version 1809; Windows 10 Enterprise LTSC 2019; Windows 10, version 1803; Windows 10, version 1709</li><li>Server: Windows Server, version 1909; Windows Server, version 1903; Windows Server, version 1809; Windows Server 2019; Windows Server, version 1803; Windows Server, version 1709</li></ul><div></div><div><strong>Resolution:</strong> This issue was resolved in <a href='https://support.microsoft.com/help/4534318' target='_blank'>KB4534318</a>.</div><br><a href ='#348msg'>Back to top</a></td><td>OS Build 16299.1387<br><br>September 10, 2019<br><a href ='https://support.microsoft.com/help/4516066' target='_blank'>KB4516066</a></td><td>Resolved<br><a href = 'https://support.microsoft.com/help/4534318' target='_blank'>KB4534318</a></td><td>Resolved:<br>January 23, 2020 <br>02:00 PM PT<br><br>Opened:<br>October 29, 2019 <br>05:15 PM PT</td></tr>
      </table>
      "
--- a/windows/release-information/status-windows-10-1803.yml
+++ b/windows/release-information/status-windows-10-1803.yml
@ -64,7 +64,7 @@ sections:
  - type: markdown
    text: "<div>This table offers a summary of current active issues and those issues that have been resolved in the last 30 days.</div><br>
      <table border ='0'><tr><td width='65%'>Summary</td><td width='15%'>Originating update</td><td width='10%'>Status</td><td width='10%'>Last updated</td></tr>
-      <tr><td><div id='348msg'></div><b>Unable to create local users in Chinese, Japanese and Korean during device setup</b><br>You might be unable to create users in Chinese, Japanese and Korean using Input Method Editor (IME) during OOBE.<br><br><a href = '#348msgdesc'>See details ></a></td><td>OS Build 17134.1006<br><br>September 10, 2019<br><a href ='https://support.microsoft.com/help/4516058' target='_blank'>KB4516058</a></td><td>Mitigated<br><a href = '' target='_blank'></a></td><td>November 12, 2019 <br>08:05 AM PT</td></tr>
+      <tr><td><div id='348msg'></div><b>Unable to create local users in Chinese, Japanese and Korean during device setup</b><br>You might be unable to create users in Chinese, Japanese and Korean using Input Method Editor (IME) during OOBE.<br><br><a href = '#348msgdesc'>See details ></a></td><td>OS Build 17134.1006<br><br>September 10, 2019<br><a href ='https://support.microsoft.com/help/4516058' target='_blank'>KB4516058</a></td><td>Resolved<br><a href = 'https://support.microsoft.com/help/4534308' target='_blank'>KB4534308</a></td><td>January 23, 2020 <br>02:00 PM PT</td></tr>
      <tr><td><div id='364msg'></div><b>TLS connections might fail or timeout</b><br>Transport Layer Security (TLS) connections might fail or timeout when connecting or attempting a resumption.<br><br><a href = '#364msgdesc'>See details ></a></td><td>OS Build 17134.1069<br><br>October 08, 2019<br><a href ='https://support.microsoft.com/help/4520008' target='_blank'>KB4520008</a></td><td>Mitigated External<br></td><td>November 05, 2019 <br>03:36 PM PT</td></tr>
      <tr><td><div id='192msg'></div><b>Certain operations performed on a Cluster Shared Volume may fail</b><br>Operations performed on files or folders on a CSV may fail with the error: STATUS_BAD_IMPERSONATION_LEVEL (0xC00000A5).<br><br><a href = '#192msgdesc'>See details ></a></td><td>OS Build 17134.523<br><br>January 08, 2019<br><a href ='https://support.microsoft.com/help/4480966' target='_blank'>KB4480966</a></td><td>Mitigated<br><a href = '' target='_blank'></a></td><td>April 25, 2019 <br>02:00 PM PT</td></tr>
      </table>
@ -91,7 +91,7 @@ sections:
  - type: markdown
    text: "
      <table border ='0'><tr><td width='65%'>Details</td><td width='15%'>Originating update</td><td width='10%'>Status</td><td width='10%'>History</td></tr>
-      <tr><td style='border-left-width:1px;border-right-width:1px;border-bottom-width:1px;'><div id='348msgdesc'></div><b>Unable to create local users in Chinese, Japanese and Korean during device setup</b><div>When setting up a new Windows device using the Out of Box Experience (OOBE), you might be unable to create a local user when using Input Method Editor (IME). This issue might affect you if you are using the IME for Chinese, Japanese, or Korean languages.</div><div><br></div><div><strong>Note</strong> This issue does not affect using a Microsoft Account during OOBE.</div><div><br></div><div><strong>Affected platforms:</strong></div><ul><li>Client: Windows 10, version 1909; Windows 10, version 1903; Windows 10, version 1809; Windows 10 Enterprise LTSC 2019; Windows 10, version 1803; Windows 10, version 1709</li><li>Server: Windows Server, version 1909; Windows Server, version 1903; Windows Server, version 1809; Windows Server 2019; Windows Server, version 1803; Windows Server, version 1709</li></ul><div></div><div><strong>Workaround: </strong>To mitigate this issue, set the keyboard language to English during user creation or use a Microsoft Account to complete OOBE. You can set the keyboard language back to your preferred language after user creation. Once the OOBE is done and you are at the desktop, you can rename the current user using <a href=\"https://docs.microsoft.com/previous-versions/windows/it-pro/windows-server-2008-R2-and-2008/cc725595(v=ws.11)\" rel=\"noopener noreferrer\" target=\"_blank\">these instructions</a>. If you prefer to create a new local user, see <a href=\"https://support.microsoft.com/help/4026923\" rel=\"noopener noreferrer\" target=\"_blank\">KB4026923</a>.</div><div><br></div><div><strong>Next steps: </strong>We are working on a resolution and will provide an update in an upcoming release.</div><br><a href ='#348msg'>Back to top</a></td><td>OS Build 17134.1006<br><br>September 10, 2019<br><a href ='https://support.microsoft.com/help/4516058' target='_blank'>KB4516058</a></td><td>Mitigated<br><a href = '' target='_blank'></a></td><td>Last updated:<br>November 12, 2019 <br>08:05 AM PT<br><br>Opened:<br>October 29, 2019 <br>05:15 PM PT</td></tr>
+      <tr><td style='border-left-width:1px;border-right-width:1px;border-bottom-width:1px;'><div id='348msgdesc'></div><b>Unable to create local users in Chinese, Japanese and Korean during device setup</b><div>When setting up a new Windows device using the Out of Box Experience (OOBE), you might be unable to create a local user when using Input Method Editor (IME). This issue might affect you if you are using the IME for Chinese, Japanese, or Korean languages.</div><div><br></div><div><strong>Note</strong> This issue does not affect using a Microsoft Account during OOBE.</div><div><br></div><div><strong>Affected platforms:</strong></div><ul><li>Client: Windows 10, version 1909; Windows 10, version 1903; Windows 10, version 1809; Windows 10 Enterprise LTSC 2019; Windows 10, version 1803; Windows 10, version 1709</li><li>Server: Windows Server, version 1909; Windows Server, version 1903; Windows Server, version 1809; Windows Server 2019; Windows Server, version 1803; Windows Server, version 1709</li></ul><div></div><div><strong>Resolution:</strong> This issue was resolved in <a href='https://support.microsoft.com/help/4534308' target='_blank'>KB4534308</a>.</div><br><a href ='#348msg'>Back to top</a></td><td>OS Build 17134.1006<br><br>September 10, 2019<br><a href ='https://support.microsoft.com/help/4516058' target='_blank'>KB4516058</a></td><td>Resolved<br><a href = 'https://support.microsoft.com/help/4534308' target='_blank'>KB4534308</a></td><td>Resolved:<br>January 23, 2020 <br>02:00 PM PT<br><br>Opened:<br>October 29, 2019 <br>05:15 PM PT</td></tr>
      </table>
      "
--- a/windows/release-information/status-windows-10-1809-and-windows-server-2019.yml
+++ b/windows/release-information/status-windows-10-1809-and-windows-server-2019.yml
@ -64,7 +64,7 @@ sections:
  - type: markdown
    text: "<div>This table offers a summary of current active issues and those issues that have been resolved in the last 30 days.</div><br>
      <table border ='0'><tr><td width='65%'>Summary</td><td width='15%'>Originating update</td><td width='10%'>Status</td><td width='10%'>Last updated</td></tr>
-      <tr><td><div id='348msg'></div><b>Unable to create local users in Chinese, Japanese and Korean during device setup</b><br>You might be unable to create users in Chinese, Japanese and Korean using Input Method Editor (IME) during OOBE.<br><br><a href = '#348msgdesc'>See details ></a></td><td>OS Build 17763.737<br><br>September 10, 2019<br><a href ='https://support.microsoft.com/help/4512578' target='_blank'>KB4512578</a></td><td>Mitigated<br><a href = '' target='_blank'></a></td><td>November 12, 2019 <br>08:05 AM PT</td></tr>
+      <tr><td><div id='348msg'></div><b>Unable to create local users in Chinese, Japanese and Korean during device setup</b><br>You might be unable to create users in Chinese, Japanese and Korean using Input Method Editor (IME) during OOBE.<br><br><a href = '#348msgdesc'>See details ></a></td><td>OS Build 17763.737<br><br>September 10, 2019<br><a href ='https://support.microsoft.com/help/4512578' target='_blank'>KB4512578</a></td><td>Resolved<br><a href = 'https://support.microsoft.com/help/4534321' target='_blank'>KB4534321</a></td><td>January 23, 2020 <br>02:00 PM PT</td></tr>
      <tr><td><div id='364msg'></div><b>TLS connections might fail or timeout</b><br>Transport Layer Security (TLS) connections might fail or timeout when connecting or attempting a resumption.<br><br><a href = '#364msgdesc'>See details ></a></td><td>OS Build 17763.805<br><br>October 08, 2019<br><a href ='https://support.microsoft.com/help/4519338' target='_blank'>KB4519338</a></td><td>Mitigated External<br></td><td>November 05, 2019 <br>03:36 PM PT</td></tr>
      <tr><td><div id='211msg'></div><b>Devices with some Asian language packs installed may receive an error</b><br>Devices with Asian language packs installed may receive the error, \"0x800f0982 - PSFX_E_MATCHING_COMPONENT_NOT_FOUND.\"<br><br><a href = '#211msgdesc'>See details ></a></td><td>OS Build 17763.437<br><br>April 09, 2019<br><a href ='https://support.microsoft.com/help/4493509' target='_blank'>KB4493509</a></td><td>Mitigated<br><a href = '' target='_blank'></a></td><td>May 03, 2019 <br>10:59 AM PT</td></tr>
      <tr><td><div id='191msg'></div><b>Certain operations performed on a Cluster Shared Volume may fail </b><br>Operations performed on files or folders on a CSV may fail with the error: STATUS_BAD_IMPERSONATION_LEVEL (0xC00000A5).<br><br><a href = '#191msgdesc'>See details ></a></td><td>OS Build 17763.253<br><br>January 08, 2019<br><a href ='https://support.microsoft.com/help/4480116' target='_blank'>KB4480116</a></td><td>Mitigated<br><a href = '' target='_blank'></a></td><td>April 09, 2019 <br>10:00 AM PT</td></tr>
@ -92,7 +92,7 @@ sections:
  - type: markdown
    text: "
      <table border ='0'><tr><td width='65%'>Details</td><td width='15%'>Originating update</td><td width='10%'>Status</td><td width='10%'>History</td></tr>
-      <tr><td style='border-left-width:1px;border-right-width:1px;border-bottom-width:1px;'><div id='348msgdesc'></div><b>Unable to create local users in Chinese, Japanese and Korean during device setup</b><div>When setting up a new Windows device using the Out of Box Experience (OOBE), you might be unable to create a local user when using Input Method Editor (IME). This issue might affect you if you are using the IME for Chinese, Japanese, or Korean languages.</div><div><br></div><div><strong>Note</strong> This issue does not affect using a Microsoft Account during OOBE.</div><div><br></div><div><strong>Affected platforms:</strong></div><ul><li>Client: Windows 10, version 1909; Windows 10, version 1903; Windows 10, version 1809; Windows 10 Enterprise LTSC 2019; Windows 10, version 1803; Windows 10, version 1709</li><li>Server: Windows Server, version 1909; Windows Server, version 1903; Windows Server, version 1809; Windows Server 2019; Windows Server, version 1803; Windows Server, version 1709</li></ul><div></div><div><strong>Workaround: </strong>To mitigate this issue, set the keyboard language to English during user creation or use a Microsoft Account to complete OOBE. You can set the keyboard language back to your preferred language after user creation. Once the OOBE is done and you are at the desktop, you can rename the current user using <a href=\"https://docs.microsoft.com/previous-versions/windows/it-pro/windows-server-2008-R2-and-2008/cc725595(v=ws.11)\" rel=\"noopener noreferrer\" target=\"_blank\">these instructions</a>. If you prefer to create a new local user, see <a href=\"https://support.microsoft.com/help/4026923\" rel=\"noopener noreferrer\" target=\"_blank\">KB4026923</a>.</div><div><br></div><div><strong>Next steps: </strong>We are working on a resolution and will provide an update in an upcoming release.</div><br><a href ='#348msg'>Back to top</a></td><td>OS Build 17763.737<br><br>September 10, 2019<br><a href ='https://support.microsoft.com/help/4512578' target='_blank'>KB4512578</a></td><td>Mitigated<br><a href = '' target='_blank'></a></td><td>Last updated:<br>November 12, 2019 <br>08:05 AM PT<br><br>Opened:<br>October 29, 2019 <br>05:15 PM PT</td></tr>
+      <tr><td style='border-left-width:1px;border-right-width:1px;border-bottom-width:1px;'><div id='348msgdesc'></div><b>Unable to create local users in Chinese, Japanese and Korean during device setup</b><div>When setting up a new Windows device using the Out of Box Experience (OOBE), you might be unable to create a local user when using Input Method Editor (IME). This issue might affect you if you are using the IME for Chinese, Japanese, or Korean languages.</div><div><br></div><div><strong>Note</strong> This issue does not affect using a Microsoft Account during OOBE.</div><div><br></div><div><strong>Affected platforms:</strong></div><ul><li>Client: Windows 10, version 1909; Windows 10, version 1903; Windows 10, version 1809; Windows 10 Enterprise LTSC 2019; Windows 10, version 1803; Windows 10, version 1709</li><li>Server: Windows Server, version 1909; Windows Server, version 1903; Windows Server, version 1809; Windows Server 2019; Windows Server, version 1803; Windows Server, version 1709</li></ul><div></div><div><strong>Resolution:</strong> This issue was resolved in <a href='https://support.microsoft.com/help/4534321' target='_blank'>KB4534321</a>.</div><br><a href ='#348msg'>Back to top</a></td><td>OS Build 17763.737<br><br>September 10, 2019<br><a href ='https://support.microsoft.com/help/4512578' target='_blank'>KB4512578</a></td><td>Resolved<br><a href = 'https://support.microsoft.com/help/4534321' target='_blank'>KB4534321</a></td><td>Resolved:<br>January 23, 2020 <br>02:00 PM PT<br><br>Opened:<br>October 29, 2019 <br>05:15 PM PT</td></tr>
      </table>
      "
--- a/windows/release-information/status-windows-10-1909.yml
+++ b/windows/release-information/status-windows-10-1909.yml
@ -21,7 +21,7 @@ sections:
      Find information on known issues and the status of the rollout for Windows 10, version 1909 and Windows Server, version 1909. Looking for a specific issue? Press CTRL + F (or Command + F if you are using a Mac) and enter your search term(s).
 <table border = '0' class='box-info'><tr>
-<td bgcolor='#d3f1fb' class='alert is-primary'><div><strong>Current status as of December 5, 2019:</strong></div><div>Windows 10, version 1909 is available for any user on a recent version of Windows 10 who manually selects “Check for updates” via Windows Update. The recommended servicing status is Semi-Annual Channel.</div><div>&nbsp;</div><div>Beginning today, we will slowly start the phased process to automatically initiate a feature update for devices running the October 2018 Update (Windows 10, version 1809) Home and Pro editions, keeping those devices supported and receiving the monthly updates that are critical to device security and ecosystem health.&nbsp;We are starting this rollout process several months in advance of the end of service date to provide adequate time for a smooth update process.</div><div><br></div><div>For information on how users running Windows 10, version 1903 can update to&nbsp;Windows 10, version 1909 in a new, streamlined way, see <a href=\"https://techcommunity.microsoft.com/t5/Windows-IT-Pro-Blog/Windows-10-version-1909-delivery-options/ba-p/1002660\" rel=\"noopener noreferrer\" target=\"_blank\">this post</a>.</div><div>&nbsp;</div><div><strong>Note </strong>follow&nbsp;<a href=\"https://twitter.com/windowsupdate\" rel=\"noopener noreferrer\" target=\"_blank\">@WindowsUpdate</a>&nbsp;on Twitter to find out when new content is published to the release information dashboard.</div>
+<td bgcolor='#d3f1fb' class='alert is-primary'><div><strong>Current status as of January 21, 2020:</strong></div><div>Windows 10, version 1909 is available for any user on a recent version of Windows 10 who manually selects “Check for updates” via Windows Update. The recommended servicing status is Semi-Annual Channel.</div><div>&nbsp;</div><div>We are starting the next phase in our controlled approach to automatically initiate a feature update for an increased number of devices running the October 2018 Update (Windows 10, version 1809) Home and Pro editions, keeping those devices supported and receiving the monthly updates that are critical to device security and ecosystem health.&nbsp;Our rollout process starts several months in advance of the end of service date to provide adequate time for a smooth update process.</div><div><br></div><div>For information on how users running Windows 10, version 1903 can update to&nbsp;Windows 10, version 1909 in a new, streamlined way, see <a href=\"https://techcommunity.microsoft.com/t5/Windows-IT-Pro-Blog/Windows-10-version-1909-delivery-options/ba-p/1002660\" rel=\"noopener noreferrer\" target=\"_blank\">this post</a>.</div><div>&nbsp;</div><div><strong>Note </strong>follow&nbsp;<a href=\"https://twitter.com/windowsupdate\" rel=\"noopener noreferrer\" target=\"_blank\">@WindowsUpdate</a>&nbsp;on Twitter to find out when new content is published to the release information dashboard.</div>
 </td></tr></table>
      " 
--- a/windows/release-information/status-windows-7-and-windows-server-2008-r2-sp1.yml
+++ b/windows/release-information/status-windows-7-and-windows-server-2008-r2-sp1.yml
@ -60,7 +60,8 @@ sections:
  - type: markdown
    text: "<div>This table offers a summary of current active issues and those issues that have been resolved in the last 30 days.</div><br>
      <table border ='0'><tr><td width='65%'>Summary</td><td width='15%'>Originating update</td><td width='10%'>Status</td><td width='10%'>Last updated</td></tr>
-      <tr><td><div id='374msg'></div><b>MSRT might fail to install and be re-offered from Windows Update or WSUS </b><br>The November 2019 update for Windows Malicious Software Removal Tool (MSRT) might fail to install from WU/WSUS.<br><br><a href = '#374msgdesc'>See details ></a></td><td><br><a href ='' target='_blank'></a></td><td>Mitigated<br><a href = '' target='_blank'></a></td><td>November 15, 2019 <br>05:59 PM PT</td></tr>
+      <tr><td><div id='384msg'></div><b>Custom wallpaper displays as black</b><br>Using a custom image set to \"Stretch\" might not display as expected.<br><br><a href = '#384msgdesc'>See details ></a></td><td>January 14, 2020<br><a href ='https://support.microsoft.com/help/4534310' target='_blank'>KB4534310</a></td><td>Mitigated<br><a href = '' target='_blank'></a></td><td>January 27, 2020 <br>12:27 PM PT</td></tr>
      <tr><td><div id='374msg'></div><b>MSRT might fail to install and be re-offered from Windows Update or WSUS </b><br>The November 2019 update for Windows Malicious Software Removal Tool (MSRT) might fail to install from WU/WSUS.<br><br><a href = '#374msgdesc'>See details ></a></td><td><br><a href ='' target='_blank'></a></td><td>Resolved<br><a href = '' target='_blank'></a></td><td>January 23, 2020 <br>02:08 PM PT</td></tr>
      <tr><td><div id='364msg'></div><b>TLS connections might fail or timeout</b><br>Transport Layer Security (TLS) connections might fail or timeout when connecting or attempting a resumption.<br><br><a href = '#364msgdesc'>See details ></a></td><td>October 08, 2019<br><a href ='https://support.microsoft.com/help/4519976' target='_blank'>KB4519976</a></td><td>Mitigated External<br></td><td>November 05, 2019 <br>03:36 PM PT</td></tr>
      <tr><td><div id='310msg'></div><b>IA64 and x64 devices may fail to start after installing updates</b><br>After installing updates released on or after August 13, 2019, IA64 and x64 devices using EFI Boot may fail to start.<br><br><a href = '#310msgdesc'>See details ></a></td><td>August 13, 2019<br><a href ='https://support.microsoft.com/help/4512506' target='_blank'>KB4512506</a></td><td>Mitigated<br><a href = '' target='_blank'></a></td><td>August 17, 2019 <br>12:59 PM PT</td></tr>
      </table>
@ -73,12 +74,21 @@ sections:
        <div>
        </div> 
      "
 - title: January 2020
 - items:
  - type: markdown
    text: "
      <table border ='0'><tr><td width='65%'>Details</td><td width='15%'>Originating update</td><td width='10%'>Status</td><td width='10%'>History</td></tr>
      <tr><td style='border-left-width:1px;border-right-width:1px;border-bottom-width:1px;'><div id='384msgdesc'></div><b>Custom wallpaper displays as black</b><div>After installing <a href='https://support.microsoft.com/help/4534310' target='_blank'>KB4534310</a>, your desktop wallpaper when set to \"Stretch\" might display as black.</div><div><br></div><div><strong>Affected platforms:</strong></div><ul><li>Client: Windows 7 SP1</li><li>Server: Windows Server 2008 R2 SP1</li></ul><div></div><div><strong>Workaround:</strong> To mitigate the issue, you can do one of the following:</div><ul><li>Set your custom image to an option other than \"Stretch\", such as “Fill”, “Fit”, “Tile”, or “Center”, or</li><li>Choose a custom wallpaper that matches the resolution of your desktop.</li></ul><div></div><div><strong>Next steps: </strong>We are working on a resolution and estimate a solution will be available mid-February, which will be released to all customers running Windows 7 and Windows Server 2008 R2 SP1.</div><br><a href ='#384msg'>Back to top</a></td><td>January 14, 2020<br><a href ='https://support.microsoft.com/help/4534310' target='_blank'>KB4534310</a></td><td>Mitigated<br><a href = '' target='_blank'></a></td><td>Last updated:<br>January 27, 2020 <br>12:27 PM PT<br><br>Opened:<br>January 24, 2020 <br>09:15 AM PT</td></tr>
      </table>
      "
 - title: November 2019
 - items:
  - type: markdown
    text: "
      <table border ='0'><tr><td width='65%'>Details</td><td width='15%'>Originating update</td><td width='10%'>Status</td><td width='10%'>History</td></tr>
-      <tr><td style='border-left-width:1px;border-right-width:1px;border-bottom-width:1px;'><div id='374msgdesc'></div><b>MSRT might fail to install and be re-offered from Windows Update or WSUS </b><div>The November 2019 update for Windows Malicious Software Removal Tool (MSRT) might fail to install from Windows Update (WU), Windows Server Update Services (WSUS) or Configuration Manager and might be re-offered. If you use WU or WSUS, you might also receive the following error in the WindowsUpdate.log, “Misc&nbsp;&nbsp;WARNING: Digital Signatures on file C:\\Windows\\SoftwareDistribution\\Download\\XXXX are not trusted: Error 0x800b0109”. If you use Configuration Manager, you might also receive the following error in the WUAHandler.log, \"Failed to download updates to the WUAgent datastore. Error = 0x800b0109.&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;WUAHandler&nbsp;&nbsp;&nbsp;14/11/2019 16:33:23&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;980 (0x03D4)\". <strong>Note</strong> All Configuration Manager information&nbsp;also applies to System Center Configuration Manager (SCCM) and Microsoft Endpoint Configuration Manager.</div><div><br></div><div><strong>Affected platforms:</strong></div><ul><li>Client: Windows 7 SP1</li><li>Server: Windows Server 2008 R2 SP1; Windows Server 2008 SP2</li></ul><div></div><div><strong>Workaround:</strong> You can manually install the November 2019 update for Windows Malicious Software Removal Tool (MSRT) by downloading it <a href=\"http://www.microsoft.com/en-us/downloads/details.aspx?familyid=ad724ae0-e72d-4f54-9ab3-75b8eb148356\" rel=\"noopener noreferrer\" target=\"_blank\">here</a> for 32-bit x86-based devices or <a href=\"https://www.microsoft.com/en-us/downloads/details.aspx?familyid=585d2bde-367f-495e-94e7-6349f4effc74\" rel=\"noopener noreferrer\" target=\"_blank\">here</a> for&nbsp;64-bit x64-based devices. If you are using WSUS or Configuration Manager, guidance can be found <a href=\"https://support.microsoft.com/help/891716\" rel=\"noopener noreferrer\" target=\"_blank\">here</a>.</div><div><br></div><div><strong>Next steps:</strong> This issue has been mitigated on the server side and MSRT will no longer offered to affected platforms. We are working on a resolution and estimate a solution will be available in&nbsp;the December 2019 release of Windows Malicious Software Removal Tool (MSRT).</div><br><a href ='#374msg'>Back to top</a></td><td><br><a href ='' target='_blank'></a></td><td>Mitigated<br><a href = '' target='_blank'></a></td><td>Last updated:<br>November 15, 2019 <br>05:59 PM PT<br><br>Opened:<br>November 15, 2019 <br>05:59 PM PT</td></tr>
+      <tr><td style='border-left-width:1px;border-right-width:1px;border-bottom-width:1px;'><div id='374msgdesc'></div><b>MSRT might fail to install and be re-offered from Windows Update or WSUS </b><div>The November 2019 update for Windows Malicious Software Removal Tool (MSRT) might fail to install from Windows Update (WU), Windows Server Update Services (WSUS) or Configuration Manager and might be re-offered. If you use WU or WSUS, you might also receive the following error in the WindowsUpdate.log, “Misc&nbsp;&nbsp;WARNING: Digital Signatures on file C:\\Windows\\SoftwareDistribution\\Download\\XXXX are not trusted: Error 0x800b0109”. If you use Configuration Manager, you might also receive the following error in the WUAHandler.log, \"Failed to download updates to the WUAgent datastore. Error = 0x800b0109.&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;WUAHandler&nbsp;&nbsp;&nbsp;14/11/2019 16:33:23&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;980 (0x03D4)\". <strong>Note</strong> All Configuration Manager information&nbsp;also applies to System Center Configuration Manager (SCCM) and Microsoft Endpoint Configuration Manager.</div><div><br></div><div><strong>Affected platforms:</strong></div><ul><li>Client: Windows 7 SP1</li><li>Server: Windows Server 2008 R2 SP1; Windows Server 2008 SP2</li></ul><div></div><div><strong>Resolution:</strong> This issue was resolved in the December 2019 release of Windows Malicious Software Removal Tool (MSRT).</div><br><a href ='#374msg'>Back to top</a></td><td><br><a href ='' target='_blank'></a></td><td>Resolved<br><a href = '' target='_blank'></a></td><td>Resolved:<br>January 23, 2020 <br>02:08 PM PT<br><br>Opened:<br>November 15, 2019 <br>05:59 PM PT</td></tr>
      <tr><td style='border-left-width:1px;border-right-width:1px;border-bottom-width:1px;'><div id='364msgdesc'></div><b>TLS connections might fail or timeout</b><div>Updates for Windows released October 8, 2019 or later provide protections, tracked by <a href=\"https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2019-1318\" rel=\"noopener noreferrer\" target=\"_blank\">CVE-2019-1318</a>, against an attack that could allow unauthorized access to information or data within TLS connections.&nbsp;This type of attack is known as a man-in-the-middle exploit.&nbsp;Windows might fail to connect to TLS clients and servers that do not support Extended Master Secret for resumption (<a href=\"https://tools.ietf.org/html/rfc7627\" rel=\"noopener noreferrer\" target=\"_blank\">RFC 7627</a>). Lack of RFC support might cause one or more of the following errors or logged events:</div><ul><li>\"The request was aborted: Could not create SSL/TLS secure Channel\"</li><li>SCHANNEL event 36887 is logged in the System event log with the description, \"A fatal alert was received from the remote endpoint. The TLS protocol defined fatal alert code is 20.\"</li></ul><div></div><div><strong>Affected platforms:</strong></div><ul><li>Client: Windows 10, version 1903; Windows 10, version 1809; Windows 10 Enterprise LTSC 2019; Windows 10, version 1803; Windows 10, version 1709; Windows 10, version 1703; Windows 10 Enterprise LTSC 2016; Windows 10, version 1607; Windows 10 Enterprise LTSC 2015; Windows 8.1; Windows 7 SP1</li><li>Server: Windows Server, version 1903; Windows Server, version 1809; Windows Server 2019; Windows Server, version 1803; Windows Server, version 1709 ; Windows Server 2016; Windows Server 2012 R2; Windows Server 2012; Windows Server 2008 R2 SP1; Windows Server 2008 SP2</li></ul><div></div><div><br></div><div><strong>Next Steps: </strong>Connections between two devices running any supported version of Windows should not have this issue when fully updated.&nbsp;There is no update for Windows needed for this issue.&nbsp;These changes are required to address a security issue and security compliance. For information, see <a href=\"https://support.microsoft.com/help/4528489\" rel=\"noopener noreferrer\" target=\"_blank\">KB4528489</a>.</div><br><a href ='#364msg'>Back to top</a></td><td>October 08, 2019<br><a href ='https://support.microsoft.com/help/4519976' target='_blank'>KB4519976</a></td><td>Mitigated External<br></td><td>Last updated:<br>November 05, 2019 <br>03:36 PM PT<br><br>Opened:<br>November 05, 2019 <br>03:36 PM PT</td></tr>
      </table>
      "
--- a/windows/release-information/status-windows-server-2008-sp2.yml
+++ b/windows/release-information/status-windows-server-2008-sp2.yml
@ -60,7 +60,7 @@ sections:
  - type: markdown
    text: "<div>This table offers a summary of current active issues and those issues that have been resolved in the last 30 days.</div><br>
      <table border ='0'><tr><td width='65%'>Summary</td><td width='15%'>Originating update</td><td width='10%'>Status</td><td width='10%'>Last updated</td></tr>
-      <tr><td><div id='374msg'></div><b>MSRT might fail to install and be re-offered from Windows Update or WSUS </b><br>The November 2019 update for Windows Malicious Software Removal Tool (MSRT) might fail to install from WU/WSUS.<br><br><a href = '#374msgdesc'>See details ></a></td><td><br><a href ='' target='_blank'></a></td><td>Mitigated<br><a href = '' target='_blank'></a></td><td>November 15, 2019 <br>05:59 PM PT</td></tr>
+      <tr><td><div id='374msg'></div><b>MSRT might fail to install and be re-offered from Windows Update or WSUS </b><br>The November 2019 update for Windows Malicious Software Removal Tool (MSRT) might fail to install from WU/WSUS.<br><br><a href = '#374msgdesc'>See details ></a></td><td><br><a href ='' target='_blank'></a></td><td>Resolved<br><a href = '' target='_blank'></a></td><td>January 23, 2020 <br>02:08 PM PT</td></tr>
      <tr><td><div id='364msg'></div><b>TLS connections might fail or timeout</b><br>Transport Layer Security (TLS) connections might fail or timeout when connecting or attempting a resumption.<br><br><a href = '#364msgdesc'>See details ></a></td><td>October 08, 2019<br><a href ='https://support.microsoft.com/help/4520002' target='_blank'>KB4520002</a></td><td>Mitigated External<br></td><td>November 05, 2019 <br>03:36 PM PT</td></tr>
      </table>
      "
@ -77,7 +77,7 @@ sections:
  - type: markdown
    text: "
      <table border ='0'><tr><td width='65%'>Details</td><td width='15%'>Originating update</td><td width='10%'>Status</td><td width='10%'>History</td></tr>
-      <tr><td style='border-left-width:1px;border-right-width:1px;border-bottom-width:1px;'><div id='374msgdesc'></div><b>MSRT might fail to install and be re-offered from Windows Update or WSUS </b><div>The November 2019 update for Windows Malicious Software Removal Tool (MSRT) might fail to install from Windows Update (WU), Windows Server Update Services (WSUS) or Configuration Manager and might be re-offered. If you use WU or WSUS, you might also receive the following error in the WindowsUpdate.log, “Misc&nbsp;&nbsp;WARNING: Digital Signatures on file C:\\Windows\\SoftwareDistribution\\Download\\XXXX are not trusted: Error 0x800b0109”. If you use Configuration Manager, you might also receive the following error in the WUAHandler.log, \"Failed to download updates to the WUAgent datastore. Error = 0x800b0109.&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;WUAHandler&nbsp;&nbsp;&nbsp;14/11/2019 16:33:23&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;980 (0x03D4)\". <strong>Note</strong> All Configuration Manager information&nbsp;also applies to System Center Configuration Manager (SCCM) and Microsoft Endpoint Configuration Manager.</div><div><br></div><div><strong>Affected platforms:</strong></div><ul><li>Client: Windows 7 SP1</li><li>Server: Windows Server 2008 R2 SP1; Windows Server 2008 SP2</li></ul><div></div><div><strong>Workaround:</strong> You can manually install the November 2019 update for Windows Malicious Software Removal Tool (MSRT) by downloading it <a href=\"http://www.microsoft.com/en-us/downloads/details.aspx?familyid=ad724ae0-e72d-4f54-9ab3-75b8eb148356\" rel=\"noopener noreferrer\" target=\"_blank\">here</a> for 32-bit x86-based devices or <a href=\"https://www.microsoft.com/en-us/downloads/details.aspx?familyid=585d2bde-367f-495e-94e7-6349f4effc74\" rel=\"noopener noreferrer\" target=\"_blank\">here</a> for&nbsp;64-bit x64-based devices. If you are using WSUS or Configuration Manager, guidance can be found <a href=\"https://support.microsoft.com/help/891716\" rel=\"noopener noreferrer\" target=\"_blank\">here</a>.</div><div><br></div><div><strong>Next steps:</strong> This issue has been mitigated on the server side and MSRT will no longer offered to affected platforms. We are working on a resolution and estimate a solution will be available in&nbsp;the December 2019 release of Windows Malicious Software Removal Tool (MSRT).</div><br><a href ='#374msg'>Back to top</a></td><td><br><a href ='' target='_blank'></a></td><td>Mitigated<br><a href = '' target='_blank'></a></td><td>Last updated:<br>November 15, 2019 <br>05:59 PM PT<br><br>Opened:<br>November 15, 2019 <br>05:59 PM PT</td></tr>
+      <tr><td style='border-left-width:1px;border-right-width:1px;border-bottom-width:1px;'><div id='374msgdesc'></div><b>MSRT might fail to install and be re-offered from Windows Update or WSUS </b><div>The November 2019 update for Windows Malicious Software Removal Tool (MSRT) might fail to install from Windows Update (WU), Windows Server Update Services (WSUS) or Configuration Manager and might be re-offered. If you use WU or WSUS, you might also receive the following error in the WindowsUpdate.log, “Misc&nbsp;&nbsp;WARNING: Digital Signatures on file C:\\Windows\\SoftwareDistribution\\Download\\XXXX are not trusted: Error 0x800b0109”. If you use Configuration Manager, you might also receive the following error in the WUAHandler.log, \"Failed to download updates to the WUAgent datastore. Error = 0x800b0109.&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;WUAHandler&nbsp;&nbsp;&nbsp;14/11/2019 16:33:23&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;980 (0x03D4)\". <strong>Note</strong> All Configuration Manager information&nbsp;also applies to System Center Configuration Manager (SCCM) and Microsoft Endpoint Configuration Manager.</div><div><br></div><div><strong>Affected platforms:</strong></div><ul><li>Client: Windows 7 SP1</li><li>Server: Windows Server 2008 R2 SP1; Windows Server 2008 SP2</li></ul><div></div><div><strong>Resolution:</strong> This issue was resolved in the December 2019 release of Windows Malicious Software Removal Tool (MSRT).</div><br><a href ='#374msg'>Back to top</a></td><td><br><a href ='' target='_blank'></a></td><td>Resolved<br><a href = '' target='_blank'></a></td><td>Resolved:<br>January 23, 2020 <br>02:08 PM PT<br><br>Opened:<br>November 15, 2019 <br>05:59 PM PT</td></tr>
      <tr><td style='border-left-width:1px;border-right-width:1px;border-bottom-width:1px;'><div id='364msgdesc'></div><b>TLS connections might fail or timeout</b><div>Updates for Windows released October 8, 2019 or later provide protections, tracked by <a href=\"https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2019-1318\" rel=\"noopener noreferrer\" target=\"_blank\">CVE-2019-1318</a>, against an attack that could allow unauthorized access to information or data within TLS connections.&nbsp;This type of attack is known as a man-in-the-middle exploit.&nbsp;Windows might fail to connect to TLS clients and servers that do not support Extended Master Secret for resumption (<a href=\"https://tools.ietf.org/html/rfc7627\" rel=\"noopener noreferrer\" target=\"_blank\">RFC 7627</a>). Lack of RFC support might cause one or more of the following errors or logged events:</div><ul><li>\"The request was aborted: Could not create SSL/TLS secure Channel\"</li><li>SCHANNEL event 36887 is logged in the System event log with the description, \"A fatal alert was received from the remote endpoint. The TLS protocol defined fatal alert code is 20.\"</li></ul><div></div><div><strong>Affected platforms:</strong></div><ul><li>Client: Windows 10, version 1903; Windows 10, version 1809; Windows 10 Enterprise LTSC 2019; Windows 10, version 1803; Windows 10, version 1709; Windows 10, version 1703; Windows 10 Enterprise LTSC 2016; Windows 10, version 1607; Windows 10 Enterprise LTSC 2015; Windows 8.1; Windows 7 SP1</li><li>Server: Windows Server, version 1903; Windows Server, version 1809; Windows Server 2019; Windows Server, version 1803; Windows Server, version 1709 ; Windows Server 2016; Windows Server 2012 R2; Windows Server 2012; Windows Server 2008 R2 SP1; Windows Server 2008 SP2</li></ul><div></div><div><br></div><div><strong>Next Steps: </strong>Connections between two devices running any supported version of Windows should not have this issue when fully updated.&nbsp;There is no update for Windows needed for this issue.&nbsp;These changes are required to address a security issue and security compliance. For information, see <a href=\"https://support.microsoft.com/help/4528489\" rel=\"noopener noreferrer\" target=\"_blank\">KB4528489</a>.</div><br><a href ='#364msg'>Back to top</a></td><td>October 08, 2019<br><a href ='https://support.microsoft.com/help/4520002' target='_blank'>KB4520002</a></td><td>Mitigated External<br></td><td>Last updated:<br>November 05, 2019 <br>03:36 PM PT<br><br>Opened:<br>November 05, 2019 <br>03:36 PM PT</td></tr>
      </table>
      "
--- a/windows/release-information/windows-message-center.yml
+++ b/windows/release-information/windows-message-center.yml
@ -50,9 +50,11 @@ sections:
    text: "
      <table border ='0'><tr><td width='80%'>Message</td><td width='20%'>Date</td></tr>
      <tr><td id='385'><a href = 'https://support.microsoft.com/help/4532695' target='_blank'><b>January 2020 Windows 10, version 1909 \"D\" optional release is available.</b></a><a class='docon docon-link heading-anchor' aria-labelledby='385' href='#385'></a><br><div>The January<strong> </strong>2020 optional monthly “D” release for Windows 10, version 1909 and Windows 10, version 1903 is now available. For more information on the different types of monthly quality updates, see our <a href=\"https://techcommunity.microsoft.com/t5/Windows-IT-Pro-Blog/Windows-10-update-servicing-cadence/ba-p/222376\" rel=\"noopener noreferrer\" target=\"_blank\">Windows 10 update servicing cadence primer</a>. Follow&nbsp;<a href=\"https://twitter.com/windowsupdate\" rel=\"noopener noreferrer\" target=\"_blank\">@WindowsUpdate</a>&nbsp;for the latest on the availability of this release.</div></td><td>January 28, 2020 <br>08:00 AM PT</td></tr>
      <tr><td id='383'><b>January 2020 Windows \"C\" optional release is available.</b><a class='docon docon-link heading-anchor' aria-labelledby='383' href='#383'></a><br><div>The January 2020 optional monthly “C” release for all supported versions of Windows is now available. For more information on the different types of monthly quality updates, see our <a href=\"https://techcommunity.microsoft.com/t5/Windows-IT-Pro-Blog/Windows-10-update-servicing-cadence/ba-p/222376\" rel=\"noopener noreferrer\" target=\"_blank\">Windows 10 update servicing cadence primer</a>. Follow&nbsp;<a href=\"https://twitter.com/windowsupdate\" rel=\"noopener noreferrer\" target=\"_blank\">@WindowsUpdate</a>&nbsp;for the latest on the availability of this release.</div></td><td>January 23, 2020 <br>12:00 PM PT</td></tr>
      <tr><td id='382'><a href = 'https://www.microsoft.com/en-us/microsoft-365/blog/2020/01/14/windows-7-support-ends-today-and-windows-10-is-better-than-ever/' target='_blank'><b>Windows 7 has reached end of support</b></a><a class='docon docon-link heading-anchor' aria-labelledby='382' href='#382'></a><br><div>Windows&nbsp;7 reached end of support on January 14, 2020. If your organization has&nbsp;not yet been able to complete your transition from Windows 7 to Windows 10, and want to continue to receive security updates while you complete your upgrade projects, please read <a href=\"https://techcommunity.microsoft.com/t5/windows-it-pro-blog/how-to-get-extended-security-updates-for-eligible-windows/ba-p/917807\" rel=\"noopener noreferrer\" target=\"_blank\">How to get Extended Security Updates for eligible Windows devices</a>. For more information on end of service dates for currently supported versions of Windows 10, see the&nbsp;<a href=\"https://support.microsoft.com/help/13853/windows-lifecycle-fact-sheet\" rel=\"noopener noreferrer\" target=\"_blank\">Windows lifecycle fact sheet</a>.</div></td><td>January 15, 2020 <br>10:00 AM PT</td></tr>
      <tr><td id='379'><a href = 'https://support.microsoft.com/help/4528760' target='_blank'><b>Take action: January 2020 security update available for all supported versions of Windows</b></a><a class='docon docon-link heading-anchor' aria-labelledby='379' href='#379'></a><br><div>The January 2020 security update release, referred to as our “B” release, is now available for Windows 10, version 1909 and all supported versions of Windows. We recommend that you install these updates promptly. For more information on the different types of monthly quality updates, see our <a href=\"https://techcommunity.microsoft.com/t5/Windows-IT-Pro-Blog/Windows-10-update-servicing-cadence/ba-p/222376\" rel=\"noopener noreferrer\" target=\"_blank\">Windows 10 update servicing cadence primer</a>. To be informed about the latest updates and releases, follow us on Twitter&nbsp;<a href=\"https://twitter.com/windowsupdate\" rel=\"noopener noreferrer\" target=\"_blank\">@WindowsUpdate</a>.</div></td><td>January 14, 2020 <br>08:00 AM PT</td></tr>
-      <tr><td id='380'><a href = 'https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2020-0601' target='_blank'><b>Advisory: Windows CryptoAPI certificate validation vulnerability</b></a><a class='docon docon-link heading-anchor' aria-labelledby='380' href='#380'></a><br><div>On January 14, 2020, Microsoft released security updates to address&nbsp;an<a href=\"&nbsp;elliptic-curve cryptography&nbsp;(\" target=\"_blank\" rel=\"noopener noreferrer\">&nbsp;elliptic-curve cryptography<u>&nbsp;(</u></a>ECC) certificate validation issue in the Windows CryptoAPI. This vulnerability applies to all versions of the Windows 10&nbsp;operating system, client and server.&nbsp;While we have not observed an attack exploiting this vulnerability,&nbsp;we recommend that you apply this update to all of your Windows 10 devices&nbsp;with priority. Here is what you need to know:</div><ul><li>If you are running a supported version of Windows&nbsp;10&nbsp;and have automatic updates enabled, you are automatically protected and do not need to take any&nbsp;further&nbsp;action.</li><li>If you are managing updates on behalf of your organization, you should download the latest updates from the&nbsp;<a href=\"https://portal.msrc.microsoft.com/en-us/\" target=\"_blank\" rel=\"noopener noreferrer\">Microsoft Security Update Guide&nbsp;</a>and apply those updates to your&nbsp;Windows 10 devices and servers&nbsp;as soon as possible.</li></ul><div></div><div>If you are&nbsp;running an <a href=\"https://support.microsoft.com/help/13853/windows-lifecycle-fact-sheet\" target=\"_blank\" rel=\"noopener noreferrer\">unsupported version of Windows 10</a>, we&nbsp;recommend that you upgrade to the current version of Windows 10 to benefit from the latest security protections.&nbsp;For more information&nbsp;about this vulnerability,&nbsp;see&nbsp;the <a href=\"https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2020-0601\" target=\"_blank\" rel=\"noopener noreferrer\">Microsoft Security Guidance for&nbsp;CVE-2020-0601</a> and the Microsoft Security Response Center blog, <a href=\"https://msrc-blog.microsoft.com/2020/01/14/january-2020-security-updates-cve-2020-0601/\" target=\"_blank\" rel=\"noopener noreferrer\">January 2020 Security Updates: CVE-2020-0601</a>.</div></td><td>January 14, 2020 <br>08:00 AM PT</td></tr>
+      <tr><td id='380'><a href = 'https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2020-0601' target='_blank'><b>Advisory: Windows CryptoAPI certificate validation vulnerability</b></a><a class='docon docon-link heading-anchor' aria-labelledby='380' href='#380'></a><br><div>On January 14, 2020, Microsoft released security updates to address&nbsp;an&nbsp;<a href=\"https://en.wikipedia.org/wiki/Elliptic-curve_cryptography\" rel=\"noopener noreferrer\" target=\"_blank\"><u>elliptic-curve cryptography</u></a>&nbsp;(ECC) certificate validation issue in the Windows CryptoAPI. This vulnerability applies to all versions of the Windows 10&nbsp;operating system, client and server.&nbsp;While we have not observed an attack exploiting this vulnerability,&nbsp;we recommend that you apply this update to all of your Windows 10 devices&nbsp;with priority. Here is what you need to know:</div><ul><li>If you are running a supported version of Windows&nbsp;10&nbsp;and have automatic updates enabled, you are automatically protected and do not need to take any&nbsp;further&nbsp;action.</li><li>If you are managing updates on behalf of your organization, you should download the latest updates from the&nbsp;<a href=\"https://portal.msrc.microsoft.com/en-us/\" rel=\"noopener noreferrer\" target=\"_blank\">Microsoft Security Update Guide&nbsp;</a>and apply those updates to your&nbsp;Windows 10 devices and servers&nbsp;as soon as possible.</li></ul><div></div><div>If you are&nbsp;running an <a href=\"https://support.microsoft.com/help/13853/windows-lifecycle-fact-sheet\" rel=\"noopener noreferrer\" target=\"_blank\">unsupported version of Windows 10</a>, we&nbsp;recommend that you upgrade to the current version of Windows 10 to benefit from the latest security protections.&nbsp;For more information&nbsp;about this vulnerability,&nbsp;see&nbsp;the <a href=\"https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2020-0601\" rel=\"noopener noreferrer\" target=\"_blank\">Microsoft Security Guidance for&nbsp;CVE-2020-0601</a> and the Microsoft Security Response Center blog, <a href=\"https://msrc-blog.microsoft.com/2020/01/14/january-2020-security-updates-cve-2020-0601/\" rel=\"noopener noreferrer\" target=\"_blank\">January 2020 Security Updates: CVE-2020-0601</a>.</div></td><td>January 14, 2020 <br>08:00 AM PT</td></tr>
      <tr><td id='376'><a href = 'https://support.microsoft.com/help/4530684' target='_blank'><b>Take action: December 2019 security update available for all supported versions of Windows</b></a><a class='docon docon-link heading-anchor' aria-labelledby='376' href='#376'></a><br><div>The December 2019 security update release, referred to as our “B” release, is now available for Windows 10, version 1909 and all supported versions of Windows. We recommend that you install these updates promptly. For more information on the different types of monthly quality updates, see our <a href=\"https://techcommunity.microsoft.com/t5/Windows-IT-Pro-Blog/Windows-10-update-servicing-cadence/ba-p/222376\" rel=\"noopener noreferrer\" target=\"_blank\">Windows 10 update servicing cadence primer</a>. To be informed about the latest updates and releases, follow us on Twitter&nbsp;<a href=\"https://twitter.com/windowsupdate\" rel=\"noopener noreferrer\" target=\"_blank\">@WindowsUpdate</a>.</div></td><td>December 10, 2019 <br>08:00 AM PT</td></tr>
      <tr><td id='378'><b>Timing of Windows 10 optional update releases (December 2019)</b><a class='docon docon-link heading-anchor' aria-labelledby='378' href='#378'></a><br><div>For the balance of this calendar year, there will be no optional non-security “C” and “D” releases for Windows 10. The \"C\" releases normally target the third week of the month, with \"D\" releases targeting the fourth week.&nbsp;For more information on the different types of monthly quality updates, see our&nbsp;<a href=\"https://techcommunity.microsoft.com/t5/Windows-IT-Pro-Blog/Windows-10-update-servicing-cadence/ba-p/222376\" rel=\"noopener noreferrer\" target=\"_blank\">Windows 10 update servicing cadence primer</a>.</div></td><td>December 10, 2019 <br>08:00 AM PT</td></tr>
      <tr><td id='369'><a href = 'https://aka.ms/how-to-get-1909' target='_blank'><b>Windows 10, version 1909 now available</b></a><a class='docon docon-link heading-anchor' aria-labelledby='369' href='#369'></a><br><div>Learn how to get Windows 10, version 1909 (the November 2019 Update), and explore how we’ve worked to make this a great experience for all devices, including a new, streamlined (and fast) update experience for devices updating directly from the May 2019 Update.</div></td><td>November 12, 2019 <br>10:00 AM PT</td></tr>
--- a/windows/security/identity-protection/hello-for-business/hello-identity-verification.md
+++ b/windows/security/identity-protection/hello-for-business/hello-identity-verification.md
@ -36,18 +36,6 @@ Windows Hello addresses the following problems with passwords:
 ## Prerequisites
 > [!Important]
 > 1. Hybrid deployments support non-destructive PIN reset that only works with the certificate trust model.</br>. 
 > **Requirements:**</br>
 > Microsoft PIN Reset Service - Windows 10, versions 1709 to 1809, Enterprise Edition. There is no licensing requirement for this service since version 1903</br>
 > Reset above lock screen (_I forgot my PIN_ link) - Windows 10, version 1903
 >
 > 2. On-premises deployments support destructive PIN reset that works with both the certificate trust and the key trust models.</br>
 > **Requirements:**</br>
 > Reset from settings - Windows 10, version 1703, Professional</br>
 > Reset above lock screen - Windows 10, version 1709, Professional</br>
 > Reset above lock screen (_I forgot my PIN_ link) - Windows 10, version 1903
 ### Cloud Only Deployment
 * Windows 10, version 1511 or later
@ -75,6 +63,18 @@ The table shows the minimum requirements for each deployment. For key trust in a
 | Azure AD Connect | Azure AD Connect | Azure AD Connect | Azure AD Connect | 
 | Azure AD Premium, optional | Azure AD Premium, needed for device write-back | Azure AD Premium, optional for automatic MDM enrollment | Azure AD Premium, optional for automatic MDM enrollment |
 > [!Important]
 > 1. Hybrid deployments support non-destructive PIN reset that works with both the certificate trust and key trust models. </br> 
 > **Requirements:**</br>
 > Microsoft PIN Reset Service - Windows 10, versions 1709 to 1809, Enterprise Edition. There is no licensing requirement for this service since version 1903</br>
 > Reset above lock screen (_I forgot my PIN_ link) - Windows 10, version 1903
 >
 > 2. On-premises deployments support destructive PIN reset that works with both the certificate trust and the key trust models.</br>
 > **Requirements:**</br>
 > Reset from settings - Windows 10, version 1703, Professional</br>
 > Reset above lock screen - Windows 10, version 1709, Professional</br>
 > Reset above lock screen (_I forgot my PIN_ link) - Windows 10, version 1903
 ### On-premises Deployments
 The table shows the minimum requirements for each deployment.
--- a/windows/security/threat-protection/TOC.md
+++ b/windows/security/threat-protection/TOC.md
@ -34,8 +34,11 @@
 #### [Web protection]()
 ##### [Web protection overview](microsoft-defender-atp/web-protection-overview.md)
-##### [Monitor web security](microsoft-defender-atp/web-protection-monitoring.md)
+##### [Web threat protection]()
-##### [Respond to web threats](microsoft-defender-atp/web-protection-response.md)
+###### [Web threat protection overview](microsoft-defender-atp/web-threat-protection.md)
 ###### [Monitor web security](microsoft-defender-atp/web-protection-monitoring.md)
 ###### [Respond to web threats](microsoft-defender-atp/web-protection-response.md)
 ##### [Web content filtering](microsoft-defender-atp/web-content-filtering.md)
 #### [Controlled folder access](microsoft-defender-atp/controlled-folders.md)
 #### [Attack surface reduction](microsoft-defender-atp/attack-surface-reduction.md)
@ -114,7 +117,7 @@
 #### [Use shared queries](microsoft-defender-atp/advanced-hunting-shared-queries.md)
 #### [Advanced hunting schema reference]()
 ##### [Understand the schema](microsoft-defender-atp/advanced-hunting-schema-reference.md)
-##### [AlertEvents](microsoft-defender-atp/advanced-hunting-alertevents-table.md)
+##### [DeviceAlertEvents](microsoft-defender-atp/advanced-hunting-devicealertevents-table.md)
 ##### [DeviceFileEvents](microsoft-defender-atp/advanced-hunting-devicefileevents-table.md)
 ##### [DeviceImageLoadEvents](microsoft-defender-atp/advanced-hunting-deviceimageloadevents-table.md)
 ##### [DeviceLogonEvents](microsoft-defender-atp/advanced-hunting-devicelogonevents-table.md)
@ -153,6 +156,15 @@
 ### [Portal overview](microsoft-defender-atp/portal-overview.md)
 ### [Microsoft Defender ATP for US Government Community Cloud High customers](microsoft-defender-atp/commercial-gov.md)
 ## [Deployment guide]()
 ### [Product brief](microsoft-defender-atp/product-brief.md)
 ### [Prepare deployment](microsoft-defender-atp/prepare-deployment.md)
 ### [Evaluate capabilities](microsoft-defender-atp/evaluation-lab.md)
 ### [Production deployment](microsoft-defender-atp/production-deployment.md)
 ### [Helpful resources](microsoft-defender-atp/helpful-resources.md)
 ## [Get started]()
 ### [What's new in Microsoft Defender ATP](microsoft-defender-atp/whats-new-in-microsoft-defender-atp.md)
 ### [Minimum requirements](microsoft-defender-atp/minimum-requirements.md)
@ -391,6 +403,9 @@
 ####### [Get machine by ID](microsoft-defender-atp/get-machine-by-id.md)
 ####### [Get machine log on users](microsoft-defender-atp/get-machine-log-on-users.md)
 ####### [Get machine related alerts](microsoft-defender-atp/get-machine-related-alerts.md)
 ####### [Get installed software](microsoft-defender-atp/get-installed-software.md)
 ####### [Get discovered vulnerabilities](microsoft-defender-atp/get-discovered-vulnerabilities.md)
 ####### [Get security recommendation](microsoft-defender-atp/get-security-recommendations.md)
 ####### [Add or Remove machine tags](microsoft-defender-atp/add-or-remove-machine-tags.md)
 ####### [Find machines by IP](microsoft-defender-atp/find-machines-by-ip.md)
@ -441,6 +456,34 @@
 ####### [Get user related alerts](microsoft-defender-atp/get-user-related-alerts.md)
 ####### [Get user related machines](microsoft-defender-atp/get-user-related-machines.md)
 ###### [Score]()
 ####### [Score methods and properties](microsoft-defender-atp/score.md)
 ####### [List exposure score by machine group](microsoft-defender-atp/get-machine-group-exposure-score.md)
 ####### [Get exposure score](microsoft-defender-atp/get-exposure-score.md)
 ####### [Get device secure score](microsoft-defender-atp/get-device-secure-score.md)
 ###### [Software]()
 ####### [Software methods and properties](microsoft-defender-atp/software.md)
 ####### [List software](microsoft-defender-atp/get-software.md)
 ####### [Get software by Id](microsoft-defender-atp/get-software-by-id.md)
 ####### [List software version distribution](microsoft-defender-atp/get-software-ver-distribution.md)
 ####### [List machines by software](microsoft-defender-atp/get-machines-by-software.md)
 ####### [List vulnerabilities by software](microsoft-defender-atp/get-vuln-by-software.md)
 ###### [Vulnerability]()
 ####### [Vulnerability methods and properties](microsoft-defender-atp/vulnerability.md)
 ####### [Get all vulnerabilities](microsoft-defender-atp/get-all-vulnerabilities.md)
 ####### [Get vulnerability by Id](microsoft-defender-atp/get-vulnerability-by-id.md)
 ####### [List machines by vulnerability](microsoft-defender-atp/get-machines-by-vulnerability.md)
 ###### [Recommendation]()
 ####### [Recommendation methods and properties](microsoft-defender-atp/recommendation.md)
 ####### [List all recommendations](microsoft-defender-atp/get-all-recommendations.md)
 ####### [Get recommendation by Id](microsoft-defender-atp/get-recommendation-by-id.md)
 ####### [Get recommendation by software](microsoft-defender-atp/get-recommendation-software.md)
 ####### [Get recommendation by machines](microsoft-defender-atp/get-recommendation-machines.md)
 ####### [Get recommendation by vulnerabilities](microsoft-defender-atp/get-recommendation-vulnerabilities.md)
 ##### [How to use APIs - Samples]()
 ###### [Microsoft Flow](microsoft-defender-atp/api-microsoft-flow.md)
 ###### [Power BI](microsoft-defender-atp/api-power-bi.md)
@ -448,11 +491,18 @@
 ###### [Advanced Hunting using PowerShell](microsoft-defender-atp/run-advanced-query-sample-powershell.md)
 ###### [Using OData Queries](microsoft-defender-atp/exposed-apis-odata-samples.md)
 #### [Windows updates (KB) info]()
 ##### [Get KbInfo collection](microsoft-defender-atp/get-kbinfo-collection.md)
 #### [Common Vulnerabilities and Exposures (CVE) to KB map]()
 ##### [Get CVE-KB map](microsoft-defender-atp/get-cvekbmap-collection.md)
 #### [Pull detections to your SIEM tools]()
 #### [Raw data streaming API]()
 ##### [Raw data streaming (preview)](microsoft-defender-atp/raw-data-export.md)
 ##### [Stream advanced hunting events to Azure Events hub](microsoft-defender-atp/raw-data-export-event-hub.md)
 ##### [Stream advanced hunting events to your storage account](microsoft-defender-atp/raw-data-export-storage.md)
- 
+
 #### [SIEM integration]()
 ##### [Understand threat intelligence concepts](microsoft-defender-atp/threat-indicator-concepts.md)
--- a/windows/security/threat-protection/microsoft-defender-atp/advanced-hunting-devicealertevents-table.md
+++ b/windows/security/threat-protection/microsoft-defender-atp/advanced-hunting-devicealertevents-table.md
@ -1,7 +1,7 @@
 ---
-title: AlertEvents table in the advanced hunting schema
+title: DeviceAlertEvents table in the advanced hunting schema
-description: Learn about alert generation events in the AlertEvents table of the advanced hunting schema
+description: Learn about alert generation events in the DeviceAlertEvents table of the advanced hunting schema
-keywords: advanced hunting, threat hunting, cyber threat hunting, mdatp, windows defender atp, wdatp search, query, telemetry, schema reference, kusto, table, column, data type, description, alertevents, alert, severity, category
+keywords: advanced hunting, threat hunting, cyber threat hunting, mdatp, windows defender atp, wdatp search, query, telemetry, schema reference, kusto, table, column, data type, description, DeviceAlertEvents, alert, severity, category
 search.product: eADQiWindows 10XVcnh
 search.appverid: met150
 ms.prod: w10
@ -15,10 +15,10 @@ manager: dansimp
 audience: ITPro
 ms.collection: M365-security-compliance 
 ms.topic: article
-ms.date: 10/08/2019
+ms.date: 01/22/2020
 ---
-# AlertEvents
+# DeviceAlertEvents
 **Applies to:**
@ -26,7 +26,7 @@ ms.date: 10/08/2019
 >Want to experience Microsoft Defender ATP? [Sign up for a free trial.](https://www.microsoft.com/microsoft-365/windows/microsoft-defender-atp?ocid=docs-wdatp-advancedhuntingref-abovefoldlink)
-The `AlertEvents` table in the [advanced hunting](advanced-hunting-overview.md) schema contains information about alerts in Microsoft Defender Security Center. Use this reference to construct queries that return information from the table.
+The `DeviceAlertEvents` table in the [advanced hunting](advanced-hunting-overview.md) schema contains information about alerts in Microsoft Defender Security Center. Use this reference to construct queries that return information from the table.
 For information on other tables in the advanced hunting schema, see [the advanced hunting schema reference](advanced-hunting-schema-reference.md).
--- a/windows/security/threat-protection/microsoft-defender-atp/advanced-hunting-devicefilecertificateinfobeta-table.md
+++ b/windows/security/threat-protection/microsoft-defender-atp/advanced-hunting-devicefilecertificateinfobeta-table.md
@ -34,23 +34,24 @@ For information on other tables in the advanced hunting schema, see [the advance
 | Column name | Data type | Description |
 |-------------|-----------|-------------|
-| `Timestamp` | datetime | Date and time when the event was recorded
+| `Timestamp` | datetime | Date and time when the event was recorded |
-| `DeviceId` | string | Unique identifier for the machine in the service
+| `DeviceId` | string | Unique identifier for the machine in the service |
-| `DeviceName` | string | Fully qualified domain name (FQDN) of the machine
+| `DeviceName` | string | Fully qualified domain name (FQDN) of the machine |
-| `SHA1` | string | SHA-1 of the file that the recorded action was applied to
+| `SHA1` | string | SHA-1 of the file that the recorded action was applied to |
-| `IsSigned` | boolean | Indicates whether the file is signed
+| `IsSigned` | boolean | Indicates whether the file is signed |
-| `SignatureType` | string | Indicates whether signature information was read as embedded content in the file itself or read from an external catalog file
+| `SignatureType` | string | Indicates whether signature information was read as embedded content in the file itself or read from an external catalog file |
-| `Signer` | string | Information about the signer of the file
+| `Signer` | string | Information about the signer of the file |
-| `SignerHash` | string | Unique hash value identifying the signer
+| `SignerHash` | string | Unique hash value identifying the signer |
-| `Issuer` | string | Information about the issuing certificate authority (CA)
+| `Issuer` | string | Information about the issuing certificate authority (CA) |
-| `IssuerHash` | string | Unique hash value identifying issuing certificate authority (CA)
+| `IssuerHash` | string | Unique hash value identifying issuing certificate authority (CA) |
-| `CrlDistributionPointUrls` | string |  URL of the network share that contains certificates and the certificate revocation list (CRL)
+| `CertificateSerialNumber` | string | Identifier for the certificate that is unique to the issuing certificate authority (CA) |
-| `CertificateCreationTime` | datetime | Date and time the certificate was created
+| `CrlDistributionPointUrls` | string |  JSON array listing the URLs of network shares that contain certificates and certificate revocation lists (CRLs) |
-| `CertificateExpirationTime` | datetime | Date and time the certificate is set to expire
+| `CertificateCreationTime` | datetime | Date and time the certificate was created |
-| `CertificateCountersignatureTime` | datetime | Date and time the certificate was countersigned
+| `CertificateExpirationTime` | datetime | Date and time the certificate is set to expire |
-| `IsTrusted` | boolean | Indicates whether the file is trusted based on the results of the WinVerifyTrust function, which checks for unknown root certificate information, invalid signatures, revoked certificates, and other questionable attributes
+| `CertificateCountersignatureTime` | datetime | Date and time the certificate was countersigned |
-| `IsRootSignerMicrosoft` | boolean | Indicates whether the signer of the root certificate is Microsoft
+| `IsTrusted` | boolean | Indicates whether the file is trusted based on the results of the WinVerifyTrust function, which checks for unknown root certificate information, invalid signatures, revoked certificates, and other questionable attributes |
-| `ReportId` | long | Event identifier based on a repeating counter. To identify unique events, this column must be used in conjunction with the DeviceName and Timestamp columns.
+| `IsRootSignerMicrosoft` | boolean | Indicates whether the signer of the root certificate is Microsoft |
 | `ReportId` | long | Event identifier based on a repeating counter. To identify unique events, this column must be used in conjunction with the DeviceName and Timestamp columns. |
 ## Related topics
--- a/windows/security/threat-protection/microsoft-defender-atp/advanced-hunting-deviceimageloadevents-table.md
+++ b/windows/security/threat-protection/microsoft-defender-atp/advanced-hunting-deviceimageloadevents-table.md
@ -26,7 +26,7 @@ ms.date: 10/08/2019
 >Want to experience Microsoft Defender ATP? [Sign up for a free trial.](https://www.microsoft.com/microsoft-365/windows/microsoft-defender-atp?ocid=docs-wdatp-advancedhuntingref-abovefoldlink)
-The `DeviceImageLoadEvents table` in the [advanced hunting](advanced-hunting-overview.md) schema contains information about DLL loading events. Use this reference to construct queries that return information from the table.
+The `DeviceImageLoadEvents` table in the [advanced hunting](advanced-hunting-overview.md) schema contains information about DLL loading events. Use this reference to construct queries that return information from the table.
 For information on other tables in the advanced hunting schema, see [the advanced hunting schema reference](advanced-hunting-schema-reference.md).
--- a/windows/security/threat-protection/microsoft-defender-atp/advanced-hunting-schema-reference.md
+++ b/windows/security/threat-protection/microsoft-defender-atp/advanced-hunting-schema-reference.md
@ -37,7 +37,7 @@ Table and column names are also listed within the Microsoft Defender Security Ce
 | Table name | Description |
 |------------|-------------|
-| **[AlertEvents](advanced-hunting-alertevents-table.md)** | Alerts on Microsoft Defender Security Center |
+| **[DeviceAlertEvents](advanced-hunting-devicealertevents-table.md)** | Alerts on Microsoft Defender Security Center |
 | **[DeviceInfo](advanced-hunting-deviceinfo-table.md)** | Machine information, including OS information |
 | **[DeviceNetworkInfo](advanced-hunting-devicenetworkinfo-table.md)** | Network properties of machines, including adapters, IP and MAC addresses, as well as connected networks and domains |
 | **[DeviceProcessEvents](advanced-hunting-deviceprocessevents-table.md)** | Process creation and related events |
--- a/windows/security/threat-protection/microsoft-defender-atp/advanced-hunting-tvm-softwarevulnerability-table.md
+++ b/windows/security/threat-protection/microsoft-defender-atp/advanced-hunting-tvm-softwarevulnerability-table.md
@ -28,7 +28,7 @@ ms.date: 11/12/2019
 [!include[Prerelease information](../../includes/prerelease.md)]
-The `DeviceTvmSoftwareInventoryVulnerabilities` table in the advanced hunting schema contains the list of vulnerabilities [Threat & Vulnerability Management](next-gen-threat-and-vuln-mgt.md) assesses devices for. Use this reference to construct queries that return information from the table.
+The `DeviceTvmSoftwareVulnerabilitiesKB` table in the advanced hunting schema contains the list of vulnerabilities [Threat & Vulnerability Management](next-gen-threat-and-vuln-mgt.md) assesses devices for. Use this reference to construct queries that return information from the table.
 For information on other tables in the advanced hunting schema, see [the advanced hunting reference](advanced-hunting-reference.md).
--- a/windows/security/threat-protection/microsoft-defender-atp/configuration-score.md
+++ b/windows/security/threat-protection/microsoft-defender-atp/configuration-score.md
@ -74,3 +74,8 @@ See how you can [improve your security configuration](https://docs.microsoft.com
 - [Weaknesses](tvm-weaknesses.md)
 - [Scenarios](threat-and-vuln-mgt-scenarios.md)
 - [Configure data access for Threat & Vulnerability Management roles](https://docs.microsoft.com/windows/security/threat-protection/microsoft-defender-atp/user-roles#create-roles-and-assign-the-role-to-an-azure-active-directory-group)
 - [Score APIs](https://docs.microsoft.com/windows/security/threat-protection/microsoft-defender-atp/score)
 - [Software APIs](https://docs.microsoft.com/windows/security/threat-protection/microsoft-defender-atp/software)
 - [Vulnerability APIs](https://docs.microsoft.com/windows/security/threat-protection/microsoft-defender-atp/vulnerability)
 - [Recommendation APIs](https://docs.microsoft.com/windows/security/threat-protection/microsoft-defender-atp/vulnerability)
--- a/windows/security/threat-protection/microsoft-defender-atp/configure-proxy-internet.md
+++ b/windows/security/threat-protection/microsoft-defender-atp/configure-proxy-internet.md
@ -118,7 +118,7 @@ If a proxy or firewall is blocking anonymous traffic, as Microsoft Defender ATP
 ## Microsoft Defender ATP service backend IP range
-If you network devices don't support the URLs white-listed in the prior section, you can use the following information.
+If your network devices don't support the URLs white-listed in the prior section, you can use the following information.
 Microsoft Defender ATP is built on Azure cloud, deployed in the following regions:
--- a/windows/security/threat-protection/microsoft-defender-atp/exposed-apis-list.md
+++ b/windows/security/threat-protection/microsoft-defender-atp/exposed-apis-list.md
@ -57,6 +57,10 @@ Machines | Run API calls such as get machines, get machines by ID, information a
 Machine Actions | Run API call such as Isolation, Run anti-virus scan and more.
 Indicators | Run API call such as create Indicator, get Indicators and delete Indicators.
 Users | Run API calls such as get user related alerts and user related machines.
 Score | Run API calls such as get exposure score or get device secure score.
 Software | Run API calls such as list vulnerabilities by software.
 Vulnerability | Run API calls such as list machines by vulnerability.
 Recommendation | Run API calls such as Get recommendation by Id.
 ## Related topic
 - [Microsoft Defender ATP APIs](apis-intro.md)
--- a/windows/security/threat-protection/microsoft-defender-atp/get-all-recommendations.md
+++ b/windows/security/threat-protection/microsoft-defender-atp/get-all-recommendations.md
@ -0,0 +1,108 @@
 ---
 title: List all recommendations
 description: Retrieves a list of all security recommendations affecting the organization.
 keywords: apis, graph api, supported apis, get, security recommendations, mdatp tvm api, threat and vulnerability management, threat and vulnerability management api 
 search.product: eADQiWindows 10XVcnh
 ms.prod: w10
 ms.mktglfcycl: deploy
 ms.sitesec: library
 ms.pagetype: security
 ms.author: dolmont
 author: DulceMontemayor
 ms.localizationpriority: medium
 manager: dansimp
 audience: ITPro
 ms.collection: M365-security-compliance 
 ms.topic: article
 ---
 # List all recommendations
 **Applies to:**
 - [Microsoft Defender Advanced Threat Protection (Microsoft Defender ATP)](https://go.microsoft.com/fwlink/p/?linkid=2069559)
 [!include[Prerelease information](../../includes/prerelease.md)]
 Retrieves a list of all security recommendations affecting the organization.
 ## Permissions
 One of the following permissions is required to call this API. To learn more, including how to choose permissions, see [Use Microsoft Defender ATP APIs](apis-intro.md) for details.
 Permission type |	Permission	|	Permission display name
 :---|:---|:---
 Application |	SecurityRecommendation.Read.All |	'Read Threat and Vulnerability Management security recommendation information'
 Delegated (work or school account) | SecurityRecommendation.Read |	'Read Threat and Vulnerability Management security recommendation information'
 ## HTTP request
 ```
 GET /api/recommendations
 ```
 ## Request headers
 Name | Type | Description
 :---|:---|:---
 Authorization | String | Bearer {token}. **Required**.
 ## Request body
 Empty
 ## Response
 If successful, this method returns 200 OK with the list of security recommendations in the body.
 ## Example
 **Request**
 Here is an example of the request.
 ```
 GET https://api.securitycenter.windows.com/api/recommendations
 ```
 **Response**
 Here is an example of the response.
 ```
 Content-type: json
 {
    "@odata.context": "https://api.securitycenter.windows.com/api/$metadata#Recommendations",
    "value": [
        {
            "id": "va-_-microsoft-_-windows_10",
            "productName": "windows_10",
            "recommendationName": "Update Windows 10",
            "weaknesses": 397,
            "vendor": "microsoft",
            "recommendedVersion": "",
            "recommendationCategory": "Application",
            "subCategory": "",
            "severityScore": 0,
            "publicExploit": true,
            "activeAlert": false,
            "associatedThreats": [
                "3098b8ef-23b1-46b3-aed4-499e1928f9ed",
                "40c189d5-0330-4654-a816-e48c2b7f9c4b",
                "4b0c9702-9b6c-4ca2-9d02-1556869f56f8",
                "e8fc2121-3cf3-4dd2-9ea0-87d7e1d2b29d",
                "94b6e94b-0c1d-4817-ac06-c3b8639be3ab"
            ],
            "remediationType": "Update",
            "status": "Active",
            "configScoreImpact": 0,
            "exposureImpact": 7.674418604651163,
            "totalMachineCount": 37,
            "exposedMachinesCount": 7,
            "nonProductivityImpactedAssets": 0,
            "relatedComponent": "Windows 10"
        }
        ]
 }
 ```
 ## Related topics
 - [Risk-based Threat & Vulnerability Management](https://docs.microsoft.com/windows/security/threat-protection/microsoft-defender-atp/next-gen-threat-and-vuln-mgt)
 - [Threat & Vulnerability security recommendation](https://docs.microsoft.com/windows/security/threat-protection/microsoft-defender-atp/tvm-security-recommendation)
--- a/windows/security/threat-protection/microsoft-defender-atp/get-all-vulnerabilities.md
+++ b/windows/security/threat-protection/microsoft-defender-atp/get-all-vulnerabilities.md
@ -0,0 +1,96 @@
 ---
 title: Get all vulnerabilities
 description: Retrieves a list of all the vulnerabilities affecting the organization
 keywords: apis, graph api, supported apis, get, vulnerability information, mdatp tvm api
 search.product: eADQiWindows 10XVcnh
 ms.prod: w10
 ms.mktglfcycl: deploy
 ms.sitesec: library
 ms.pagetype: security
 ms.author: dolmont
 author: DulceMontemayor
 ms.localizationpriority: medium
 manager: dansimp
 audience: ITPro
 ms.collection: M365-security-compliance 
 ms.topic: article
 ---
 # Get all vulnerabilities
 **Applies to:**
 - [Microsoft Defender Advanced Threat Protection (Microsoft Defender ATP)](https://go.microsoft.com/fwlink/p/?linkid=2069559)
 [!include[Prerelease information](../../includes/prerelease.md)]
 Retrieves a list of all the vulnerabilities affecting the organization.
 ## Permissions
 One of the following permissions is required to call this API. To learn more, including how to choose permissions, see [Use Microsoft Defender ATP APIs](apis-intro.md) for details.
 Permission type |	Permission	|	Permission display name
 :---|:---|:---
 Application |	Vulnerability.Read.All |	'Read Threat and Vulnerability Management vulnerability information'
 Delegated (work or school account) | Vulnerability.Read |	'Read Threat and Vulnerability Management vulnerability information'
 ## HTTP request
 ```
 GET /api/vulnerabilities
 ```
 ## Request headers
 Name | Type | Description
 :---|:---|:---
 Authorization | String | Bearer {token}. **Required**.
 ## Request body
 Empty
 ## Response
 If successful, this method returns 200 OK with the list of vulnerabilities in the body.
 ## Example
 **Request**
 Here is an example of the request.
 ```
 GET https://api.securitycenter.windows.com/api/Vulnerabilities
 ```
 **Response**
 Here is an example of the response.
 ```
 Content-type: json
 {
    "@odata.context": "https://api-us.securitycenter.windows.com/api/$metadata#Vulnerabilities",
    "value": [
        {
            "id": "CVE-2019-0608",
            "name": "CVE-2019-0608",
            "description": "A spoofing vulnerability exists when Microsoft Browsers does not properly parse HTTP content. An attacker who successfully exploited this vulnerability could impersonate a user request by crafting HTTP queries. The specially crafted website could either spoof content or serve as a pivot to chain an attack with other vulnerabilities in web services.To exploit the vulnerability, the user must click a specially crafted URL. In an email attack scenario, an attacker could send an email message containing the specially crafted URL to the user in an attempt to convince the user to click it.In a web-based attack scenario, an attacker could host a specially crafted website designed to appear as a legitimate website to the user. However, the attacker would have no way to force the user to visit the specially crafted website. The attacker would have to convince the user to visit the specially crafted website, typically by way of enticement in an email or instant message, and then convince the user to interact with content on the website.The update addresses the vulnerability by correcting how Microsoft Browsers parses HTTP responses.",
            "severity": "Medium",
            "cvssV3": 4.3,
            "exposedMachines": 4,
            "publishedOn": "2019-10-08T00:00:00Z",
            "updatedOn": "2019-12-16T16:20:00Z",
            "publicExploit": false,
            "exploitVerified": false,
            "exploitInKit": false,
            "exploitTypes": [],
            "exploitUris": []
        }
        ]
        {
 }
 ```
 ## Related topics
 - [Risk-based Threat & Vulnerability Management](https://docs.microsoft.com/windows/security/threat-protection/microsoft-defender-atp/next-gen-threat-and-vuln-mgt)
 - [Vulnerabilities in your organization](https://docs.microsoft.com/windows/security/threat-protection/microsoft-defender-atp/tvm-weaknesses)
--- a/windows/security/threat-protection/microsoft-defender-atp/get-device-secure-score.md
+++ b/windows/security/threat-protection/microsoft-defender-atp/get-device-secure-score.md
@ -0,0 +1,84 @@
 ---
 title: Get Device Secure score
 description: Retrieves the organizational device secure score.
 keywords: apis, graph api, supported apis, get, alerts, recent
 search.product: eADQiWindows 10XVcnh
 ms.prod: w10
 ms.mktglfcycl: deploy
 ms.sitesec: library
 ms.pagetype: security
 ms.author: dolmont
 author: DulceMontemayor
 ms.localizationpriority: medium
 manager: dansimp
 audience: ITPro
 ms.collection: M365-security-compliance 
 ms.topic: article
 ---
 # Get Device Secure score
 **Applies to:** [Microsoft Defender Advanced Threat Protection (Microsoft Defender ATP)](https://go.microsoft.com/fwlink/p/?linkid=2069559)
 - Want to experience Microsoft Defender ATP? [Sign up for a free trial.](https://www.microsoft.com/microsoft-365/windows/microsoft-defender-atp?ocid=docs-wdatp-exposedapis-abovefoldlink) 
 [!include[Prerelease information](../../includes/prerelease.md)]
 Retrieves the organizational device secure score.
 ## Permissions
 One of the following permissions is required to call this API. To learn more, including how to choose permissions, see [Use Microsoft Defender ATP APIs](apis-intro.md) for details.
 Permission type |	Permission	|	Permission display name
 :---|:---|:---
 Application |	Score.Read.Alll |	'Read Threat and Vulnerability Management score'
 Delegated (work or school account) | Score.Read | 'Read Threat and Vulnerability Management score'
 ## HTTP request
 ```
 GET /api/configurationScore
 ```
 ## Request headers
 Name | Type | Description
 :---|:---|:---
 Authorization | String | Bearer {token}. **Required**.
 ## Request body
 Empty
 ## Response
 If successful, this method returns 200 OK, with the with device secure score data in the response body.
 ## Example
 **Request**
 Here is an example of the request.
 ```
 GET https://api.securitycenter.windows.com/api/configurationScore
 ```
 **Response**
 Here is an example of the response.
 >[!NOTE]
 >The response list shown here may be truncated for brevity. 
 ```json
 {
    "@odata.context": "https://api-us.securitycenter.windows.com/api/$metadata#ConfigurationScore/$entity",
    "time": "2019-12-03T09:15:58.1665846Z",
    "score": 340,
    "rbacGroupId": null
 }
 ```
 ## Related topics
 - [OData queries with Microsoft Defender ATP](exposed-apis-odata-samples.md)
--- a/windows/security/threat-protection/microsoft-defender-atp/get-discovered-vulnerabilities.md
+++ b/windows/security/threat-protection/microsoft-defender-atp/get-discovered-vulnerabilities.md
@ -0,0 +1,93 @@
 ---
 title: Get discovered vulnerabilities
 description: Retrieves a collection of discovered vulnerabilities related to a given machine ID.
 keywords: apis, graph api, supported apis, get, list, file, information, discovered vulnerabilities, threat & vulnerability management api, mdatp tvm api
 search.product: eADQiWindows 10XVcnh
 ms.prod: w10
 ms.mktglfcycl: deploy
 ms.sitesec: library
 ms.pagetype: security
 ms.author: dolmont
 author: DulceMontemayor
 ms.localizationpriority: medium
 manager: dansimp
 audience: ITPro
 ms.collection: M365-security-compliance 
 ms.topic: article
 ---
 # Get discovered vulnerabilities
 **Applies to:**
 - [Microsoft Defender Advanced Threat Protection (Microsoft Defender ATP)](https://go.microsoft.com/fwlink/p/?linkid=2069559)
 [!include[Prerelease information](../../includes/prerelease.md)]
 Retrieves a collection of discovered vulnerabilities related to a given machine ID.
 ## Permissions
 One of the following permissions is required to call this API. To learn more, including how to choose permissions, see [Use Microsoft Defender ATP APIs](apis-intro.md)
 Permission type |	Permission	|	Permission display name
 :---|:---|:---
 Application |Vulnerability.Read.All |	'Read Threat and Vulnerability Management vulnerability information'
 Delegated (work or school account) | Vulnerability.Read |	'Read Threat and Vulnerability Management vulnerability information'
 ## HTTP request
 ```
 GET /api/machines/{machineId}/vulnerabilities
 ```
 ## Request headers
 Name | Type | Description
 :---|:---|:---
 Authorization | String | Bearer {token}. **Required**.
 ## Request body
 Empty
 ## Response
 If successful, this method returns 200 OK with the discovered vulnerability information in the body.
 ## Example
 **Request**
 Here is an example of the request.
 ```
 GET https://api.securitycenter.windows.com/api/machines/ac233fa6208e1579620bf44207c4006ed7cc4501/vulnerabilities
 ```
 **Response**
 Here is an example of the response.
 ```
 {
    "@odata.context": "https://api.securitycenter.windows.com/api/$metadata#Collection(Analytics.Contracts.PublicAPI.PublicVulnerabilityDto)",
    "value": [
        {
            "id": "CVE-2019-1348",
            "name": "CVE-2019-1348",
            "description": "Git could allow a remote attacker to bypass security restrictions, caused by a flaw in the --export-marks option of git fast-import. By persuading a victim to import specially-crafted content, an attacker could exploit this vulnerability to overwrite arbitrary paths.",
            "severity": "Medium",
            "cvssV3": 4.3,
            "exposedMachines": 1,
            "publishedOn": "2019-12-13T00:00:00Z",
            "updatedOn": "2019-12-13T00:00:00Z",
            "publicExploit": false,
            "exploitVerified": false,
            "exploitInKit": false,
            "exploitTypes": [],
            "exploitUris": []
        }
 }
 ```
 ## Related topics
 - [Risk-based Threat & Vulnerability Management](https://docs.microsoft.com/windows/security/threat-protection/microsoft-defender-atp/next-gen-threat-and-vuln-mgt)
 - [Vulnerabilities in your organization](https://docs.microsoft.com/windows/security/threat-protection/microsoft-defender-atp/tvm-weaknesses)
--- a/windows/security/threat-protection/microsoft-defender-atp/get-exposure-score.md
+++ b/windows/security/threat-protection/microsoft-defender-atp/get-exposure-score.md
@ -0,0 +1,89 @@
 ---
 title: Get exposure score
 description: Retrieves the organizational exposure score.
 keywords: apis, graph api, supported apis, get, exposure score, organizational exposure score
 search.product: eADQiWindows 10XVcnh
 ms.prod: w10
 ms.mktglfcycl: deploy
 ms.sitesec: library
 ms.pagetype: security
 ms.author: dolmont
 author: DulceMontemayor
 ms.localizationpriority: medium
 manager: dansimp
 audience: ITPro
 ms.collection: M365-security-compliance 
 ms.topic: article
 ---
 # Get exposure score
 **Applies to:** [Microsoft Defender Advanced Threat Protection (Microsoft Defender ATP)](https://go.microsoft.com/fwlink/p/?linkid=2069559)
 - Want to experience Microsoft Defender ATP? [Sign up for a free trial.](https://www.microsoft.com/microsoft-365/windows/microsoft-defender-atp?ocid=docs-wdatp-exposedapis-abovefoldlink) 
 [!include[Prerelease information](../../includes/prerelease.md)]
 Retrieves the organizational exposure score.
 ## Permissions
 One of the following permissions is required to call this API. To learn more, including how to choose permissions, see [Use Microsoft Defender ATP APIs](apis-intro.md)
 Permission type |	Permission	|	Permission display name
 :---|:---|:---
 Application |	Score.Read.All |	'Read Threat and Vulnerability Management score'
 Delegated (work or school account) | Score.Read | 'Read Threat and Vulnerability Management score'
 ## HTTP request
 ```
 GET /api/exposureScore
 ```
 ## Request headers
 Name | Type | Description
 :---|:---|:---
 Authorization | String | Bearer {token}. **Required**.
 ## Request body
 Empty
 ## Response
 If successful, this method returns 200 OK, with the exposure data in the response body.
 ## Example
 **Request**
 Here is an example of the request.
 ```
 GET https://api.securitycenter.windows.com/api/exposureScore
 ```
 **Response**
 Here is an example of the response.
 >[!NOTE]
 >The response list shown here may be truncated for brevity. 
 ```json
 {
    "@odata.context": "https://api-us.securitycenter.windows.com/api/$metadata#ExposureScore/$entity",
    "time": "2019-12-03T07:23:53.280499Z",
    "score": 33.491554051195706,
    "rbacGroupId": null
 }
 ```
 ## Related topics
 - [Risk-based Threat & Vulnerability Management](https://docs.microsoft.com/windows/security/threat-protection/microsoft-defender-atp/next-gen-threat-and-vuln-mgt)
 - [Threat & Vulnerability exposure score](https://docs.microsoft.com/windows/security/threat-protection/microsoft-defender-atp/tvm-exposure-score)
--- a/windows/security/threat-protection/microsoft-defender-atp/get-installed-software.md
+++ b/windows/security/threat-protection/microsoft-defender-atp/get-installed-software.md
@ -0,0 +1,89 @@
 ---
 title: Get installed software
 description: Retrieves a collection of installed software related to a given machine ID.
 keywords: apis, graph api, supported apis, get, list, file, information, software inventory, installed software per machine, threat & vulnerability management api, mdatp tvm api
 search.product: eADQiWindows 10XVcnh
 ms.prod: w10
 ms.mktglfcycl: deploy
 ms.sitesec: library
 ms.pagetype: security
 ms.author: dolmont
 author: DulceMontemayor
 ms.localizationpriority: medium
 manager: dansimp
 audience: ITPro
 ms.collection: M365-security-compliance 
 ms.topic: article
 ---
 # Get installed software
 **Applies to:**
 - [Microsoft Defender Advanced Threat Protection (Microsoft Defender ATP)](https://go.microsoft.com/fwlink/p/?linkid=2069559)
 [!include[Prerelease information](../../includes/prerelease.md)]
 Retrieves a collection of installed software related to a given machine ID.
 ## Permissions
 One of the following permissions is required to call this API. To learn more, including how to choose permissions, see [Use Microsoft Defender ATP APIs](apis-intro.md)
 Permission type |	Permission	|	Permission display name
 :---|:---|:---
 Application |Software.Read.All |	'Read Threat and Vulnerability Management Software information'
 Delegated (work or school account) | Software.Read |	'Read Threat and Vulnerability Management Software information'
 ## HTTP request
 ```
 GET /api/machines/{machineId}/software
 ```
 ## Request headers
 Name | Type | Description
 :---|:---|:---
 Authorization | String | Bearer {token}. **Required**.
 ## Request body
 Empty
 ## Response
 If successful, this method returns 200 OK with the installed software information in the body.
 ## Example
 **Request**
 Here is an example of the request.
 ```
 GET https://api.securitycenter.windows.com/api/machines/ac233fa6208e1579620bf44207c4006ed7cc4501/software
 ```
 **Response**
 Here is an example of the response.
 ```
 {
 "@odata.context": "https://api.securitycenter.windows.com/api/$metadata#Software",
 "value": [
        {
 "id": "microsoft-_-internet_explorer",
 "name": "internet_explorer",
 "vendor": "microsoft",
 "weaknesses": 67,
 "publicExploit": true,
 "activeAlert": false,
 "exposedMachines": 42115,
 "impactScore": 46.2037163
        }
    ]
 }
 ```
 ## Related topics
 - [Risk-based Threat & Vulnerability Management](https://docs.microsoft.com/windows/security/threat-protection/microsoft-defender-atp/next-gen-threat-and-vuln-mgt)
 - [Threat & Vulnerability software inventory](https://docs.microsoft.com/windows/security/threat-protection/microsoft-defender-atp/tvm-software-inventory)
--- a/windows/security/threat-protection/microsoft-defender-atp/get-machine-group-exposure-score.md
+++ b/windows/security/threat-protection/microsoft-defender-atp/get-machine-group-exposure-score.md
@ -0,0 +1,100 @@
 ---
 title: List exposure score by machine group
 description: Retrieves a list of exposure scores by machine group.
 keywords: apis, graph api, supported apis, get, exposure score, machine group, machine group exposure score
 search.product: eADQiWindows 10XVcnh
 ms.prod: w10
 ms.mktglfcycl: deploy
 ms.sitesec: library
 ms.pagetype: security
 ms.author: dolmont
 author: DulceMontemayor
 ms.localizationpriority: medium
 manager: dansimp
 audience: ITPro
 ms.collection: M365-security-compliance 
 ms.topic: article
 ---
 # List exposure score by machine group
 **Applies to:**
 - [Microsoft Defender Advanced Threat Protection (Microsoft Defender ATP)](https://go.microsoft.com/fwlink/p/?linkid=2069559)
 [!include[Prerelease information](../../includes/prerelease.md)]
 Retrieves a collection of alerts related to a given domain address.
 ## Permissions
 One of the following permissions is required to call this API. To learn more, including how to choose permissions, see [Use Microsoft Defender ATP APIs](apis-intro.md)
 Permission type |   Permission  |   Permission display name
 :---|:---|:---
 Application | Score.Read.All | 'Read Threat and Vulnerability Management score'
 Delegated (work or school account) | Score.Read | 'Read Threat and Vulnerability Management score'
 ## HTTP request
 ```
 GET /api/exposureScore/ByMachineGroups
 ```
 ## Request headers
 | Name        | Type | Description
 |:--------------|:-------|:--------------|
 | Authorization | String | Bearer {token}.**Required**.
 ## Request body
 Empty
 ## Response
 If successful, this method returns 200 OK, with a list of exposure score per machine group data in the response body. 
 ## Example
 **Request**
 Here is an example of the request.
 ```
 GET https://api.securitycenter.windows.com/api/exposureScore/ByMachineGroups
 ```
 **Response**
 Here is an example of the response.
 ```json
 {
    "@odata.context": "https://api-us.securitycenter.windows.com/api/$metadata#ExposureScore",
    "value": [
        {
            "time": "2019-12-03T09:51:28.214338Z",
            "score": 41.38041766305988,
            "rbacGroupId": 10
        },
        {
            "time": "2019-12-03T09:51:28.2143399Z",
            "score": 37.403726933165366,
            "rbacGroupId": 11
        },
        {
            "time": "2019-12-03T09:51:28.2143407Z",
            "score": 26.390921344426033,
            "rbacGroupId": 9
        },
        {
            "time": "2019-12-03T09:51:28.2143414Z",
            "score": 23.58823563070858,
            "rbacGroupId": 5
        }
    ]
 }
 ```
 ## Related topics
 - [Risk-based Threat & Vulnerability Management](https://docs.microsoft.com/windows/security/threat-protection/microsoft-defender-atp/next-gen-threat-and-vuln-mgt)
 - [Threat & Vulnerability exposure score](https://docs.microsoft.com/windows/security/threat-protection/microsoft-defender-atp/tvm-exposure-score)
--- a/windows/security/threat-protection/microsoft-defender-atp/get-machines-by-software.md
+++ b/windows/security/threat-protection/microsoft-defender-atp/get-machines-by-software.md
@ -0,0 +1,92 @@
 ---
 title: List machines by software
 description: Retrieve a list of machines that has this software installed.
 keywords: apis, graph api, supported apis, get, list machines, machines list, list machines by software, mdatp tvm api
 search.product: eADQiWindows 10XVcnh
 ms.prod: w10
 ms.mktglfcycl: deploy
 ms.sitesec: library
 ms.pagetype: security
 ms.author: dolmont
 author: DulceMontemayor
 ms.localizationpriority: medium
 manager: dansimp
 audience: ITPro
 ms.collection: M365-security-compliance 
 ms.topic: article
 ---
 # List machines by software
 **Applies to:**
 - [Microsoft Defender Advanced Threat Protection (Microsoft Defender ATP)](https://go.microsoft.com/fwlink/p/?linkid=2069559)
 [!include[Prerelease information](../../includes/prerelease.md)]
 Retrieve a list of machines that has this software installed.
 ## Permissions
 One of the following permissions is required to call this API. To learn more, including how to choose permissions, see [Use Microsoft Defender ATP APIs](apis-intro.md) for details.
 Permission type |   Permission  |   Permission display name
 :---|:---|:---
 Application | Software.Read.All | 'Read Threat and Vulnerability Management Software information'
 Delegated (work or school account) | Software.Read | 'Read Threat and Vulnerability Management Software information'
 ## HTTP request
 ```
 GET /api/Software/{Id}/machineReferences 
 ```
 ## Request headers
 | Name        | Type | Description
 |:--------------|:-------|:--------------|
 | Authorization | String | Bearer {token}.**Required**.
 ## Request body
 Empty
 ## Response
 If successful, this method returns 200 OK and a list of machines with the software installed in the body. 
 ## Example
 **Request**
 Here is an example of the request.
 ```
 GET https://api.securitycenter.windows.com/api/Software/microsoft-_-edge/machineReferences
 ```
 **Response**
 Here is an example of the response.
 ```json
 {
    "@odata.context": "https://api-us.securitycenter.windows.com/api/$metadata#MachineReferences",
    "value": [
        {
            "id": "7c7e1896fa39efb0a32a2cf421d837af1b9bf762",
            "computerDnsName": "dave_desktop",
            "osPlatform": "Windows10",
            "rbacGroupId": 9
        },
        {
            "id": "7d5cc2e7c305e4a0a290392abf6707f9888fda0d",
            "computerDnsName": "jane_PC",
            "osPlatform": "Windows10",
            "rbacGroupId": 9
        }
 ]
 }
 ```
 ## Related topics
 - [Risk-based Threat & Vulnerability Management](https://docs.microsoft.com/windows/security/threat-protection/microsoft-defender-atp/next-gen-threat-and-vuln-mgt)
 - [Threat & Vulnerability software inventory](https://docs.microsoft.com/windows/security/threat-protection/microsoft-defender-atp/tvm-software-inventory)
--- a/windows/security/threat-protection/microsoft-defender-atp/get-machines-by-vulnerability.md
+++ b/windows/security/threat-protection/microsoft-defender-atp/get-machines-by-vulnerability.md
@ -0,0 +1,92 @@
 ---
 title: List machines by vulnerability
 description: Retrieves a list of machines affected by a vulnerability.
 keywords: apis, graph api, supported apis, get, machines list, vulnerable machines, mdatp tvm api
 search.product: eADQiWindows 10XVcnh
 ms.prod: w10
 ms.mktglfcycl: deploy
 ms.sitesec: library
 ms.pagetype: security
 ms.author: dolmont
 author: DulceMontemayor
 ms.localizationpriority: medium
 manager: dansimp
 audience: ITPro
 ms.collection: M365-security-compliance 
 ms.topic: article
 ---
 # List machines by vulnerability
 **Applies to:**
 - [Microsoft Defender Advanced Threat Protection (Microsoft Defender ATP)](https://go.microsoft.com/fwlink/p/?linkid=2069559)
 [!include[Prerelease information](../../includes/prerelease.md)]
 Retrieves a list of machines affected by a vulnerability.
 ## Permissions
 One of the following permissions is required to call this API. To learn more, including how to choose permissions, see [Use Microsoft Defender ATP APIs](apis-intro.md) for details.
 Permission type |	Permission	|	Permission display name
 :---|:---|:---
 Application |Vulnerability.Read.All |	'Read Threat and Vulnerability Management vulnerability information'
 Delegated (work or school account) | Vulnerability.Read |	'Read Threat and Vulnerability Management vulnerability information'
 ## HTTP request
 ```
 GET /api/vulnerabilities/{cveId}/machineReferences
 ```
 ## Request headers
 Name | Type | Description
 :---|:---|:---
 Authorization | String | Bearer {token}. **Required**.
 ## Request body
 Empty
 ## Response
 If successful, this method returns 200 OK with the vulnerability information in the body.
 ## Example
 **Request**
 Here is an example of the request.
 ```
 GET https://api.securitycenter.windows.com/api/vulnerabilities/CVE-2019-0608/machineReferences
 ```
 **Response**
 Here is an example of the response.
 ```
 Content-type: json
 {
    "@odata.context": "https://api.securitycenter.windows.com/api/$metadata#MachineReferences",
    "value": [
        {
            "id": "235a2e6278c63fcf85bab9c370396972c58843de",
            "computerDnsName": "h1mkn_PC",
            "osPlatform": "Windows10",
            "rbacGroupId": 1268
        },
        {
            "id": "afb3f807d1a185ac66668f493af028385bfca184",
            "computerDnsName": "chat_Desk ",
            "osPlatform": "Windows10",
            "rbacGroupId": 410
        }
    ]
 }
 ```
 ## Related topics
 - [Risk-based Threat & Vulnerability Management](https://docs.microsoft.com/windows/security/threat-protection/microsoft-defender-atp/next-gen-threat-and-vuln-mgt)
 - [Vulnerabilities in your organization](https://docs.microsoft.com/windows/security/threat-protection/microsoft-defender-atp/tvm-weaknesses)
--- a/windows/security/threat-protection/microsoft-defender-atp/get-recommendation-by-id.md
+++ b/windows/security/threat-protection/microsoft-defender-atp/get-recommendation-by-id.md
@ -0,0 +1,97 @@
 ---
 title: Get recommendation by Id
 description: Retrieves a security recommendation by its ID.
 keywords: apis, graph api, supported apis, get, security recommendation, security recommendation by ID, threat and vulnerability management, threat and vulnerability management api 
 search.product: eADQiWindows 10XVcnh
 ms.prod: w10
 ms.mktglfcycl: deploy
 ms.sitesec: library
 ms.pagetype: security
 ms.author: dolmont
 author: DulceMontemayor
 ms.localizationpriority: medium
 manager: dansimp
 audience: ITPro
 ms.collection: M365-security-compliance 
 ms.topic: article
 ---
 # Get recommendation by ID
 **Applies to:**
 - [Microsoft Defender Advanced Threat Protection (Microsoft Defender ATP)](https://go.microsoft.com/fwlink/p/?linkid=2069559)
 [!include[Prerelease information](../../includes/prerelease.md)]
 Retrieves a security recommendation by its ID.
 ## Permissions
 One of the following permissions is required to call this API. To learn more, including how to choose permissions, see [Use Microsoft Defender ATP APIs](apis-intro.md) for details.
 Permission type |	Permission	|	Permission display name
 :---|:---|:---
 Application |	SecurityRecommendation.Read.All |	'Read Threat and Vulnerability Management security recommendation information'
 Delegated (work or school account) | SecurityRecommendation.Read |	'Read Threat and Vulnerability Management security recommendation information'
 ## HTTP request
 ```
 GET /api/recommendations/{id}
 ```
 ## Request headers
 Name | Type | Description
 :---|:---|:---
 Authorization | String | Bearer {token}. **Required**.
 ## Request body
 Empty
 ## Response
 If successful, this method returns 200 OK with the security recommendations in the body.
 ## Example
 **Request**
 Here is an example of the request.
 ```
 GET https://api.securitycenter.windows.com/api/recommendations/va-_-google-_-chrome
 ```
 **Response**
 Here is an example of the response.
 ```
 Content-type: json
 {
    "@odata.context": "https://api.securitycenter.windows.com/api/$metadata#Recommendations/$entity",
    "id": "va-_-google-_-chrome",
    "productName": "chrome",
    "recommendationName": "Update Chrome",
    "weaknesses": 38,
    "vendor": "google",
    "recommendedVersion": "",
    "recommendationCategory": "Application",
    "subCategory": "",
    "severityScore": 0,
    "publicExploit": false,
    "activeAlert": false,
    "associatedThreats": [],
    "remediationType": "Update",
    "status": "Active",
    "configScoreImpact": 0,
    "exposureImpact": 3.9441860465116285,
    "totalMachineCount": 6,
    "exposedMachinesCount": 5,
    "nonProductivityImpactedAssets": 0,
    "relatedComponent": "Chrome"
 }
 ```
 ## Related topics
 - [Risk-based Threat & Vulnerability Management](https://docs.microsoft.com/windows/security/threat-protection/microsoft-defender-atp/next-gen-threat-and-vuln-mgt)
 - [Threat & Vulnerability security recommendation](https://docs.microsoft.com/windows/security/threat-protection/microsoft-defender-atp/tvm-security-recommendation)
--- a/windows/security/threat-protection/microsoft-defender-atp/get-recommendation-machines.md
+++ b/windows/security/threat-protection/microsoft-defender-atp/get-recommendation-machines.md
@ -0,0 +1,84 @@
 ---
 title: Get recommendation by machines
 description: Retrieves a list of machines associated with the security recommendation. 
 keywords: apis, graph api, supported apis, get, security recommendation for vulnerable machines, threat and vulnerability management, threat and vulnerability management api 
 search.product: eADQiWindows 10XVcnh
 ms.prod: w10
 ms.mktglfcycl: deploy
 ms.sitesec: library
 ms.pagetype: security
 ms.author: dolmont
 author: DulceMontemayor
 ms.localizationpriority: medium
 manager: dansimp
 audience: ITPro
 ms.collection: M365-security-compliance 
 ms.topic: article
 ---
 # Get recommendation by machines
 **Applies to:**
 - [Microsoft Defender Advanced Threat Protection (Microsoft Defender ATP)](https://go.microsoft.com/fwlink/p/?linkid=2069559)
 [!include[Prerelease information](../../includes/prerelease.md)]
 Retrieves a list of machines associated with the security recommendation.
 ## Permissions
 One of the following permissions is required to call this API. To learn more, including how to choose permissions, see [Use Microsoft Defender ATP APIs](apis-intro.md) for details.
 Permission type |	Permission	|	Permission display name
 :---|:---|:---
 Application |	SecurityRecommendation.Read.All |	'Read Threat and Vulnerability Management security recommendation information'
 Delegated (work or school account) | SecurityRecommendation.Read |	'Read Threat and Vulnerability Management security recommendation information'
 ## HTTP request
 ```
 GET /api/recommendations/{id}/machineReferences
 ```
 ## Request headers
 Name | Type | Description
 :---|:---|:---
 Authorization | String | Bearer {token}. **Required**.
 ## Request body
 Empty
 ## Response
 If successful, this method returns 200 OK with the list of machines associated with the security recommendation.
 ## Example
 **Request**
 Here is an example of the request.
 ```
 GET https://api.securitycenter.windows.com/api/recommendations/va-_-google-_-chrome/machineReferences
 ```
 **Response**
 Here is an example of the response.
 ```json
 {
    "@odata.context": "https://api.securitycenter.windows.com/api/$metadata#MachineReferences",
    "value": [
        {
            "id": "e058770379bc199a9c179ce52a23e16fd44fd2ee",
            "computerDnsName": "niw_pc",
            "osPlatform": "Windows10",
            "rbacGroupId": 2154
        }
        ]
 }
 ```
 ## Related topics
 - [Risk-based Threat & Vulnerability Management](https://docs.microsoft.com/windows/security/threat-protection/microsoft-defender-atp/next-gen-threat-and-vuln-mgt)
 - [Threat & Vulnerability security recommendation](https://docs.microsoft.com/windows/security/threat-protection/microsoft-defender-atp/tvm-security-recommendation)
--- a/windows/security/threat-protection/microsoft-defender-atp/get-recommendation-software.md
+++ b/windows/security/threat-protection/microsoft-defender-atp/get-recommendation-software.md
@ -0,0 +1,85 @@
 ---
 title: Get recommendation by software
 description: Retrieves a security recommendation related to a specific software.
 keywords: apis, graph api, supported apis, get, security recommendation, security recommendation for software, threat and vulnerability management, threat and vulnerability management api 
 search.product: eADQiWindows 10XVcnh
 ms.prod: w10
 ms.mktglfcycl: deploy
 ms.sitesec: library
 ms.pagetype: security
 ms.author: dolmont
 author: DulceMontemayor
 ms.localizationpriority: medium
 manager: dansimp
 audience: ITPro
 ms.collection: M365-security-compliance 
 ms.topic: article
 ---
 # Get recommendation by software
 **Applies to:**
 - [Microsoft Defender Advanced Threat Protection (Microsoft Defender ATP)](https://go.microsoft.com/fwlink/p/?linkid=2069559)
 [!include[Prerelease information](../../includes/prerelease.md)]
 Retrieves a security recommendation related to a specific software.
 ## Permissions
 One of the following permissions is required to call this API. To learn more, including how to choose permissions, see [Use Microsoft Defender ATP APIs](apis-intro.md) for details.
 Permission type |	Permission	|	Permission display name
 :---|:---|:---
 Application |	SecurityRecommendation.Read.All |	'Read Threat and Vulnerability Management security recommendation information'
 Delegated (work or school account) | SecurityRecommendation.Read |	'Read Threat and Vulnerability Management security recommendation information'
 ## HTTP request
 ```
 GET /api/recommendations/{id}/software
 ```
 ## Request headers
 Name | Type | Description
 :---|:---|:---
 Authorization | String | Bearer {token}. **Required**.
 ## Request body
 Empty
 ## Response
 If successful, this method returns 200 OK with the software associated with the security recommendations in the body.
 ## Example
 **Request**
 Here is an example of the request.
 ```
 GET https://api.securitycenter.windows.com/api/recommendations/va-_-google-_-chrome/software 
 ```
 **Response**
 Here is an example of the response.
 ```
 Content-type: json
 {
    "@odata.context": "https://api.securitycenter.windows.com/api/$metadata#Analytics.Contracts.PublicAPI.PublicProductDto",
    "id": "google-_-chrome",
    "name": "chrome",
    "vendor": "google",
    "weaknesses": 38,
    "publicExploit": false,
    "activeAlert": false,
    "exposedMachines": 5,
    "impactScore": 3.94418621
 }
 ```
 ## Related topics
 - [Risk-based Threat & Vulnerability Management](https://docs.microsoft.com/windows/security/threat-protection/microsoft-defender-atp/next-gen-threat-and-vuln-mgt)
 - [Threat & Vulnerability security recommendation](https://docs.microsoft.com/windows/security/threat-protection/microsoft-defender-atp/tvm-security-recommendation)
--- a/windows/security/threat-protection/microsoft-defender-atp/get-recommendation-vulnerabilities.md
+++ b/windows/security/threat-protection/microsoft-defender-atp/get-recommendation-vulnerabilities.md
@ -0,0 +1,94 @@
 ---
 title: Get recommendation by vulnerabilities
 description: Retrieves a list of vulnerabilities associated with the security recommendation.
 keywords: apis, graph api, supported apis, get, list of vulnerabilities, security recommendation, security recommendation for vulnerabilities, threat and vulnerability management, threat and vulnerability management api 
 search.product: eADQiWindows 10XVcnh
 ms.prod: w10
 ms.mktglfcycl: deploy
 ms.sitesec: library
 ms.pagetype: security
 ms.author: dolmont
 author: DulceMontemayor
 ms.localizationpriority: medium
 manager: dansimp
 audience: ITPro
 ms.collection: M365-security-compliance 
 ms.topic: article
 ---
 # Get recommendation by vulnerabilities
 **Applies to:**
 - [Microsoft Defender Advanced Threat Protection (Microsoft Defender ATP)](https://go.microsoft.com/fwlink/p/?linkid=2069559)
 [!include[Prerelease information](../../includes/prerelease.md)]
 Retrieves a list of vulnerabilities associated with the security recommendation.
 ## Permissions
 One of the following permissions is required to call this API. To learn more, including how to choose permissions, see [Use Microsoft Defender ATP APIs](apis-intro.md) for details.
 Permission type |	Permission	|	Permission display name
 :---|:---|:---
 Application |	SecurityRecommendation.Read.All |	'Read Threat and Vulnerability Management security recommendation information'
 Delegated (work or school account) | SecurityRecommendation.Read |	'Read Threat and Vulnerability Management security recommendation information'
 ## HTTP request
 ```
 GET /api/recommendations/{id}/vulnerabilities
 ```
 ## Request headers
 Name | Type | Description
 :---|:---|:---
 Authorization | String | Bearer {token}. **Required**.
 ## Request body
 Empty
 ## Response
 If successful, this method returns 200 OK, with the list of vulnerabilities associated with the security recommendation.
 ## Example
 **Request**
 Here is an example of the request.
 ```
 GET https://api.securitycenter.windows.com/api/recommendations/va-_-google-_-chrome/vulnerabilities
 ```
 **Response**
 Here is an example of the response.
 ```
 Content-type: json
 {
    "@odata.context": "https://api.securitycenter.windows.com/api/$metadata#Collection(Analytics.Contracts.PublicAPI.PublicVulnerabilityDto)",
    "value": [
        {
            "id": "CVE-2019-13748",
            "name": "CVE-2019-13748",
            "description": "Insufficient policy enforcement in developer tools in Google Chrome prior to 79.0.3945.79 allowed a local attacker to obtain potentially sensitive information from process memory via a crafted HTML page.",
            "severity": "Medium",
            "cvssV3": 6.5,
            "exposedMachines": 0,
            "publishedOn": "2019-12-10T00:00:00Z",
            "updatedOn": "2019-12-16T12:15:00Z",
            "publicExploit": false,
            "exploitVerified": false,
            "exploitInKit": false,
            "exploitTypes": [],
            "exploitUris": []
        }
        ]
 }
 ```
 ## Related topics
 - [Risk-based Threat & Vulnerability Management](https://docs.microsoft.com/windows/security/threat-protection/microsoft-defender-atp/next-gen-threat-and-vuln-mgt)
 - [Threat & Vulnerability security recommendation](https://docs.microsoft.com/windows/security/threat-protection/microsoft-defender-atp/tvm-security-recommendation)
--- a/windows/security/threat-protection/microsoft-defender-atp/get-security-recommendations.md
+++ b/windows/security/threat-protection/microsoft-defender-atp/get-security-recommendations.md
@ -0,0 +1,101 @@
 ---
 title: Get security recommendations
 description: Retrieves a collection of security recommendations related to a given machine ID.
 keywords: apis, graph api, supported apis, get, list, file, information, security recommendation per machine, threat & vulnerability management api, mdatp tvm api
 search.product: eADQiWindows 10XVcnh
 ms.prod: w10
 ms.mktglfcycl: deploy
 ms.sitesec: library
 ms.pagetype: security
 ms.author: dolmont
 author: DulceMontemayor
 ms.localizationpriority: medium
 manager: dansimp
 audience: ITPro
 ms.collection: M365-security-compliance 
 ms.topic: article
 ---
 # Get security recommendations
 **Applies to:**
 - [Microsoft Defender Advanced Threat Protection (Microsoft Defender ATP)](https://go.microsoft.com/fwlink/p/?linkid=2069559)
 [!include[Prerelease information](../../includes/prerelease.md)]
 Retrieves a collection of security recommendations related to a given machine ID.
 ## Permissions
 One of the following permissions is required to call this API. To learn more, including how to choose permissions, see [Use Microsoft Defender ATP APIs](apis-intro.md)
 Permission type |	Permission	|	Permission display name
 :---|:---|:---
 Application | SecurityRecommendation.Read.All |	'Read Threat and Vulnerability Management security recommendation information'
 Delegated (work or school account) | SecurityRecommendation.Read |	'Read Threat and Vulnerability Management security recommendation information'
 ## HTTP request
 ```
 GET /api/machines/{machineId}/recommendations
 ```
 ## Request headers
 Name | Type | Description
 :---|:---|:---
 Authorization | String | Bearer {token}. **Required**.
 ## Request body
 Empty
 ## Response
 If successful, this method returns 200 OK with the security recommendations in the body.
 ## Example
 **Request**
 Here is an example of the request.
 ```
 GET https://api.securitycenter.windows.com/api/machines/ac233fa6208e1579620bf44207c4006ed7cc4501/recommendations
 ```
 **Response**
 Here is an example of the response.
 ```
 {
    "@odata.context": "https://api.securitycenter.windows.com/api/$metadata#Recommendations",
    "value": [
        {
            "id": "va-_-git-scm-_-git",
            "productName": "git",
            "recommendationName": "Update Git to version 2.24.1.2",
            "weaknesses": 3,
            "vendor": "git-scm",
            "recommendedVersion": "2.24.1.2",
            "recommendationCategory": "Application",
            "subCategory": "",
            "severityScore": 0,
            "publicExploit": false,
            "activeAlert": false,
            "associatedThreats": [],
            "remediationType": "Update",
            "status": "Active",
            "configScoreImpact": 0,
            "exposureImpact": 0,
            "totalMachineCount": 0,
            "exposedMachinesCount": 1,
            "nonProductivityImpactedAssets": 0,
            "relatedComponent": "Git"
        },
 …
 }
 ```
 ## Related topics
 - [Risk-based Threat & Vulnerability Management](https://docs.microsoft.com/windows/security/threat-protection/microsoft-defender-atp/next-gen-threat-and-vuln-mgt)
 - [Threat & Vulnerability security recommendation](https://docs.microsoft.com/windows/security/threat-protection/microsoft-defender-atp/tvm-security-recommendation)
--- a/windows/security/threat-protection/microsoft-defender-atp/get-software-by-id.md
+++ b/windows/security/threat-protection/microsoft-defender-atp/get-software-by-id.md
@ -0,0 +1,86 @@
 ---
 title: Get software by Id
 description: Retrieves a list of exposure scores by machine group.
 keywords: apis, graph api, supported apis, get, software, mdatp tvm api
 search.product: eADQiWindows 10XVcnh
 ms.prod: w10
 ms.mktglfcycl: deploy
 ms.sitesec: library
 ms.pagetype: security
 ms.author: dolmont
 author: DulceMontemayor
 ms.localizationpriority: medium
 manager: dansimp
 audience: ITPro
 ms.collection: M365-security-compliance 
 ms.topic: article
 ---
 # Get software by Id
 **Applies to:**
 - [Microsoft Defender Advanced Threat Protection (Microsoft Defender ATP)](https://go.microsoft.com/fwlink/p/?linkid=2069559)
 [!include[Prerelease information](../../includes/prerelease.md)]
 Retrieves software details by ID.
 ## Permissions
 One of the following permissions is required to call this API. To learn more, including how to choose permissions, see [Use Microsoft Defender ATP APIs](apis-intro.md) for details.
 Permission type |   Permission  |   Permission display name
 :---|:---|:---
 Application | Software.Read.All | 'Read Threat and Vulnerability Management Software information'
 Delegated (work or school account) | Software.Read | 'Read Threat and Vulnerability Management Software information'
 ## HTTP request
 ```
 GET /api/Software/{Id}
 ```
 ## Request headers
 | Name        | Type | Description
 |:--------------|:-------|:--------------|
 | Authorization | String | Bearer {token}.**Required**.
 ## Request body
 Empty
 ## Response
 If successful, this method returns 200 OK with the specified software data in the body. 
 ## Example
 **Request**
 Here is an example of the request.
 ```
 GET https://api.securitycenter.windows.com/api/Software/microsoft-_-edge
 ```
 **Response**
 Here is an example of the response.
 ```json
 {
    "@odata.context": "https://api.securitycenter.windows.com/api/$metadata#Software/$entity",
    "id": "microsoft-_-edge",
    "name": "edge",
    "vendor": "microsoft",
    "weaknesses": 467,
    "publicExploit": true,
    "activeAlert": false,
    "exposedMachines": 172,
    "impactScore": 2.39947438
 }
 ```
 ## Related topics
 - [Risk-based Threat & Vulnerability Management](https://docs.microsoft.com/windows/security/threat-protection/microsoft-defender-atp/next-gen-threat-and-vuln-mgt)
 - [Threat & Vulnerability software inventory](https://docs.microsoft.com/windows/security/threat-protection/microsoft-defender-atp/tvm-software-inventory)
--- a/windows/security/threat-protection/microsoft-defender-atp/get-software-ver-distribution.md
+++ b/windows/security/threat-protection/microsoft-defender-atp/get-software-ver-distribution.md
@ -0,0 +1,90 @@
 ---
 title: List software version distribution 
 description: Retrieves a list of your organization's software version distribution 
 keywords: apis, graph api, supported apis, get, software version distribution, mdatp tvm api
 search.product: eADQiWindows 10XVcnh
 ms.prod: w10
 ms.mktglfcycl: deploy
 ms.sitesec: library
 ms.pagetype: security
 ms.author: dolmont
 author: DulceMontemayor
 ms.localizationpriority: medium
 manager: dansimp
 audience: ITPro
 ms.collection: M365-security-compliance 
 ms.topic: article
 ---
 # List software version distribution 
 **Applies to:**
 - [Microsoft Defender Advanced Threat Protection (Microsoft Defender ATP)](https://go.microsoft.com/fwlink/p/?linkid=2069559)
 [!include[Prerelease information](../../includes/prerelease.md)]
 Retrieves a list of your organization's software version distribution. 
 ## Permissions
 One of the following permissions is required to call this API. To learn more, including how to choose permissions, see [Use Microsoft Defender ATP APIs](apis-intro.md) for details.
 Permission type |   Permission  |   Permission display name
 :---|:---|:---
 Application | Software.Read.All | 'Read Threat and Vulnerability Management Software information'
 Delegated (work or school account) | Software.Read | 'Read Threat and Vulnerability Management Software information'
 ## HTTP request
 ```
 GET /api/Software/{Id}/distributions
 ```
 ## Request headers
 | Name        | Type | Description
 |:--------------|:-------|:--------------|
 | Authorization | String | Bearer {token}.**Required**.
 ## Request body
 Empty
 ## Response
 If successful, this method returns 200 OK with a list of software distributions data in the body. 
 ## Example
 **Request**
 Here is an example of the request.
 ```
 GET https://api.securitycenter.windows.com/api/Software/microsoft-_-edge/distributions
 ```
 **Response**
 Here is an example of the response.
 ```json
 {
    "@odata.context": "https://api-us.securitycenter.windows.com/api/$metadata#Distributions",
    "value": [
        {
            "version": "11.0.17134.1039",
            "installations": 1,
            "vulnerabilities": 11
        },
        {
            "version": "11.0.18363.535",
            "installations": 750,
            "vulnerabilities": 0
        }
        ]
 }
 ```
 ## Related topics
 - [Risk-based Threat & Vulnerability Management](https://docs.microsoft.com/windows/security/threat-protection/microsoft-defender-atp/next-gen-threat-and-vuln-mgt)
 - [Threat & Vulnerability software inventory](https://docs.microsoft.com/windows/security/threat-protection/microsoft-defender-atp/tvm-software-inventory)
--- a/windows/security/threat-protection/microsoft-defender-atp/get-software.md
+++ b/windows/security/threat-protection/microsoft-defender-atp/get-software.md
@ -0,0 +1,89 @@
 ---
 title: List software
 description: Retrieves a list of software inventory
 keywords: apis, graph api, supported apis, get, list, file, information, software inventory, threat & vulnerability management api, mdatp tvm api
 search.product: eADQiWindows 10XVcnh
 ms.prod: w10
 ms.mktglfcycl: deploy
 ms.sitesec: library
 ms.pagetype: security
 ms.author: dolmont
 author: DulceMontemayor
 ms.localizationpriority: medium
 manager: dansimp
 audience: ITPro
 ms.collection: M365-security-compliance 
 ms.topic: article
 ---
 # List software inventory API
 **Applies to:**
 - [Microsoft Defender Advanced Threat Protection (Microsoft Defender ATP)](https://go.microsoft.com/fwlink/p/?linkid=2069559)
 [!include[Prerelease information](../../includes/prerelease.md)]
 Retrieves the organization software inventory.
 ## Permissions
 One of the following permissions is required to call this API. To learn more, including how to choose permissions, see [Use Microsoft Defender ATP APIs](apis-intro.md) for details.
 Permission type |	Permission	|	Permission display name
 :---|:---|:---
 Application |Software.Read.All |	'Read Threat and Vulnerability Management Software information'
 Delegated (work or school account) | Software.Read |	'Read Threat and Vulnerability Management Software information'
 ## HTTP request
 ```
 GET /api/Software
 ```
 ## Request headers
 Name | Type | Description
 :---|:---|:---
 Authorization | String | Bearer {token}. **Required**.
 ## Request body
 Empty
 ## Response
 If successful, this method returns 200 OK with the software inventory in the body.
 ## Example
 **Request**
 Here is an example of the request.
 ```
 GET https://api.securitycenter.windows.com/api/Software
 ```
 **Response**
 Here is an example of the response.
 ```
 {
    "@odata.context": "https://api-us.securitycenter.windows.com/api/$metadata#Software",
    "value": [
        {
            "id": "microsoft-_-edge",
            "name": "edge",
            "vendor": "microsoft",
            "weaknesses": 467,
            "publicExploit": true,
            "activeAlert": false,
            "exposedMachines": 172,
            "impactScore": 2.39947438
        }
        ]
 }
 ```
 ## Related topics
 - [Risk-based Threat & Vulnerability Management](https://docs.microsoft.com/windows/security/threat-protection/microsoft-defender-atp/next-gen-threat-and-vuln-mgt)
 - [Threat & Vulnerability software inventory](https://docs.microsoft.com/windows/security/threat-protection/microsoft-defender-atp/tvm-software-inventory)
--- a/windows/security/threat-protection/microsoft-defender-atp/get-vuln-by-software.md
+++ b/windows/security/threat-protection/microsoft-defender-atp/get-vuln-by-software.md
@ -0,0 +1,92 @@
 ---
 title: List vulnerabilities by software
 description: Retrieve a list of vulnerabilities in the installed software. 
 keywords: apis, graph api, supported apis, get, vulnerabilities list, mdatp tvm api
 search.product: eADQiWindows 10XVcnh
 ms.prod: w10
 ms.mktglfcycl: deploy
 ms.sitesec: library
 ms.pagetype: security
 ms.author: dolmont
 author: DulceMontemayor
 ms.localizationpriority: medium
 manager: dansimp
 audience: ITPro
 ms.collection: M365-security-compliance 
 ms.topic: article
 ---
 # List vulnerabilities by software
 **Applies to:**
 - [Microsoft Defender Advanced Threat Protection (Microsoft Defender ATP)](https://go.microsoft.com/fwlink/p/?linkid=2069559)
 [!include[Prerelease information](../../includes/prerelease.md)]
 Retrieve a list of vulnerabilities in the installed software. 
 ## Permissions
 One of the following permissions is required to call this API. To learn more, including how to choose permissions, see [Use Microsoft Defender ATP APIs](apis-intro.md) for details.
 Permission type |   Permission  |   Permission display name
 :---|:---|:---
 Application | Software.Read.All | 'Read Threat and Vulnerability Management Software information'
 Delegated (work or school account) | Software.Read | 'Read Threat and Vulnerability Management Software information'
 ## HTTP request
 ```
 GET /api/Software/{Id}/vulnerabilities
 ```
 ## Request headers
 | Name        | Type | Description
 |:--------------|:-------|:--------------|
 | Authorization | String | Bearer {token}.**Required**.
 ## Request body
 Empty
 ## Response
 If successful, this method returns 200 OK with a a list of vulnerabilities exposed by the specified software. 
 ## Example
 **Request**
 Here is an example of the request.
 ```
 GET https://api.securitycenter.windows.com/api/Software/microsoft-_-edge/vulnerabilities 
 ```
 **Response**
 Here is an example of the response.
 ```json
 {
    "@odata.context": "https://api-us.securitycenter.windows.com/api/$metadata#Collection(Analytics.Contracts.PublicAPI.PublicVulnerabilityDto)",
    "value": [
        {
            "id": "CVE-2017-0140",
            "name": "CVE-2017-0140",
            "description": "A security feature bypass vulnerability exists when Microsoft Edge improperly handles requests of different origins. The vulnerability allows Microsoft Edge to bypass Same-Origin Policy (SOP) restrictions, and to allow requests that should otherwise be ignored. An attacker who successfully exploited the vulnerability could force the browser to send data that would otherwise be restricted.In a web-based attack scenario, an attacker could host a specially crafted website that is designed to exploit the vulnerability through Microsoft Edge and then convince a user to view the website. The attacker could also take advantage of compromised websites, and websites that accept or host user-provided content or advertisements. These websites could contain specially crafted content that could exploit the vulnerability.The security update addresses the vulnerability by modifying how affected Microsoft Edge handles different-origin requests.",
            "severity": "Medium",
            "cvssV3": 4.2,
            "exposedMachines": 1,
            "publishedOn": "2017-03-14T00:00:00Z",
            "updatedOn": "2019-10-03T00:03:00Z",
            "publicExploit": false,
            "exploitVerified": false,
            "exploitInKit": false,
            "exploitTypes": [],
            "exploitUris": []
        }
        ]
 }
 ```
--- a/windows/security/threat-protection/microsoft-defender-atp/get-vulnerability-by-id.md
+++ b/windows/security/threat-protection/microsoft-defender-atp/get-vulnerability-by-id.md
@ -0,0 +1,89 @@
 ---
 title: Get vulnerability by Id
 description: Retrieves vulnerability information by its ID.
 keywords: apis, graph api, supported apis, get, vulnerability information, mdatp tvm api
 search.product: eADQiWindows 10XVcnh
 ms.prod: w10
 ms.mktglfcycl: deploy
 ms.sitesec: library
 ms.pagetype: security
 ms.author: dolmont
 author: DulceMontemayor
 ms.localizationpriority: medium
 manager: dansimp
 audience: ITPro
 ms.collection: M365-security-compliance 
 ms.topic: article
 ---
 # Get vulnerability by ID
 **Applies to:**
 - [Microsoft Defender Advanced Threat Protection (Microsoft Defender ATP)](https://go.microsoft.com/fwlink/p/?linkid=2069559)
 [!include[Prerelease information](../../includes/prerelease.md)]
 Retrieves vulnerability information by its ID.
 ## Permissions
 One of the following permissions is required to call this API. To learn more, including how to choose permissions, see [Use Microsoft Defender ATP APIs](apis-intro.md) for details.
 Permission type |	Permission	|	Permission display name
 :---|:---|:---
 Application | Vulnerability.Read.All |	'Read Threat and Vulnerability Management vulnerability information'
 Delegated (work or school account) | Vulnerability.Read |	'Read Threat and Vulnerability Management vulnerability information'
 ## HTTP request
 ```
 GET /api/vulnerabilities/{cveId}
 ```
 ## Request headers
 Name | Type | Description
 :---|:---|:---
 Authorization | String | Bearer {token}. **Required**.
 ## Request body
 Empty
 ## Response
 If successful, this method returns 200 OK with the vulnerability information in the body.
 ## Example
 **Request**
 Here is an example of the request.
 ```
 GET https://api.securitycenter.windows.com/api/Vulnerabilities/CVE-2019-0608
 ```
 **Response**
 Here is an example of the response.
 ```
 Content-type: json
 {
    "@odata.context": "https://api-us.securitycenter.windows.com/api/$metadata#Vulnerabilities/$entity",
    "id": "CVE-2019-0608",
    "name": "CVE-2019-0608",
    "description": "A spoofing vulnerability exists when Microsoft Browsers does not properly parse HTTP content. An attacker who successfully exploited this vulnerability could impersonate a user request by crafting HTTP queries. The specially crafted website could either spoof content or serve as a pivot to chain an attack with other vulnerabilities in web services.To exploit the vulnerability, the user must click a specially crafted URL. In an email attack scenario, an attacker could send an email message containing the specially crafted URL to the user in an attempt to convince the user to click it.In a web-based attack scenario, an attacker could host a specially crafted website designed to appear as a legitimate website to the user. However, the attacker would have no way to force the user to visit the specially crafted website. The attacker would have to convince the user to visit the specially crafted website, typically by way of enticement in an email or instant message, and then convince the user to interact with content on the website.The update addresses the vulnerability by correcting how Microsoft Browsers parses HTTP responses.",
    "severity": "Medium",
    "cvssV3": 4.3,
    "exposedMachines": 4,
    "publishedOn": "2019-10-08T00:00:00Z",
    "updatedOn": "2019-12-16T16:20:00Z",
    "publicExploit": false,
    "exploitVerified": false,
    "exploitInKit": false,
    "exploitTypes": [],
    "exploitUris": []
 }
 ```
 ## Related topics
 - [Risk-based Threat & Vulnerability Management](https://docs.microsoft.com/windows/security/threat-protection/microsoft-defender-atp/next-gen-threat-and-vuln-mgt)
 - [Vulnerabilities in your organization](https://docs.microsoft.com/windows/security/threat-protection/microsoft-defender-atp/tvm-weaknesses)
--- a/windows/security/threat-protection/microsoft-defender-atp/helpful-resources.md
+++ b/windows/security/threat-protection/microsoft-defender-atp/helpful-resources.md
@ -0,0 +1,60 @@
 ---
 title: Helpful Microsoft Defender Advanced Threat Protection resources
 description: Access helpful resources such as links to blogs and other resources related to  Microsoft Defender Advanced Threat Protection
 keywords: Microsoft Defender Security Center, product brief, brief, capabilities, licensing
 search.product: eADQiWindows 10XVcnh
 search.appverid: met150
 ms.prod: w10
 ms.mktglfcycl: deploy
 ms.sitesec: library
 ms.pagetype: security
 ms.author: macapara
 author: mjcaparas
 ms.localizationpriority: medium
 manager: dansimp
 audience: ITPro
 ms.collection: M365-security-compliance 
 ms.topic: conceptual 
 ---
 # Helpful Microsoft Defender Advanced Threat Protection resources
 **Applies to:**
 - [Microsoft Defender Advanced Threat Protection (Microsoft Defender ATP)](https://go.microsoft.com/fwlink/p/?linkid=2069559)
 Access helpful resources such as links to blogs and other resources related to  Microsoft Defender Advanced Threat Protection.
 ## Endpoint protection platform
 -   [Top scoring in industry
    tests](https://docs.microsoft.com/windows/security/threat-protection/intelligence/top-scoring-industry-antivirus-tests)
 -   [Inside out: Get to know the advanced technologies at the core of Microsoft
    Defender ATP next generation
    protection](https://www.microsoft.com/security/blog/2019/06/24/inside-out-get-to-know-the-advanced-technologies-at-the-core-of-microsoft-defender-atp-next-generation-protection/)
 -   [Protecting disconnected devices with Microsoft Defender
    ATP](https://techcommunity.microsoft.com/t5/Microsoft-Defender-ATP/Protecting-disconnected-devices-with-Microsoft-Defender-ATP/ba-p/500341)
 -   [Tamper protection in Microsoft Defender
    ATP](https://techcommunity.microsoft.com/t5/Microsoft-Defender-ATP/Tamper-protection-in-Microsoft-Defender-ATP/ba-p/389571)
 ## Endpoint Detection Response
 -   [Incident response at your fingertips with Microsoft Defender ATP live
    response](https://techcommunity.microsoft.com/t5/Microsoft-Defender-ATP/Incident-response-at-your-fingertips-with-Microsoft-Defender-ATP/ba-p/614894)
 ## Threat Vulnerability Management
 -   [Microsoft Defender ATP Threat & Vulnerability Management now publicly
    available!](https://techcommunity.microsoft.com/t5/Microsoft-Defender-ATP/MDATP-Threat-amp-Vulnerability-Management-now-publicly-available/ba-p/460977)
 ## Operational
 -   [The Golden Hour remake - Defining metrics for a successful security
    operations](https://techcommunity.microsoft.com/t5/Microsoft-Defender-ATP/The-Golden-Hour-remake-Defining-metrics-for-a-successful/ba-p/782014)
 -   [Microsoft Defender ATP Evaluation lab is now available in public preview
    ](https://techcommunity.microsoft.com/t5/Microsoft-Defender-ATP/Microsoft-Defender-ATP-Evaluation-lab-is-now-available-in-public/ba-p/770271)
 -   [How automation brings value to your security
    teams](https://techcommunity.microsoft.com/t5/Microsoft-Defender-ATP/How-automation-brings-value-to-your-security-teams/ba-p/729297)
--- a/windows/security/threat-protection/microsoft-defender-atp/images/09833d16df7f37eda97ea1d5009b651a.png
+++ b/windows/security/threat-protection/microsoft-defender-atp/images/09833d16df7f37eda97ea1d5009b651a.png
--- a/windows/security/threat-protection/microsoft-defender-atp/images/0a6536f2c4024c08709cac8fcf800060.png
+++ b/windows/security/threat-protection/microsoft-defender-atp/images/0a6536f2c4024c08709cac8fcf800060.png
--- a/windows/security/threat-protection/microsoft-defender-atp/images/0ccfe3e803be4b56c668b220b51da7f7.png
+++ b/windows/security/threat-protection/microsoft-defender-atp/images/0ccfe3e803be4b56c668b220b51da7f7.png
--- a/windows/security/threat-protection/microsoft-defender-atp/images/112a19b825f4e7b60795ffbd1be52fa9.png
+++ b/windows/security/threat-protection/microsoft-defender-atp/images/112a19b825f4e7b60795ffbd1be52fa9.png
--- a/windows/security/threat-protection/microsoft-defender-atp/images/13201b477bc9a9ae0020814915fe80cc.png
+++ b/windows/security/threat-protection/microsoft-defender-atp/images/13201b477bc9a9ae0020814915fe80cc.png
--- a/windows/security/threat-protection/microsoft-defender-atp/images/1566ad81bae3d714cc9e0d47575a8cbd.png
+++ b/windows/security/threat-protection/microsoft-defender-atp/images/1566ad81bae3d714cc9e0d47575a8cbd.png
--- a/windows/security/threat-protection/microsoft-defender-atp/images/1b9f85316170cfe24b46330afa8517d5.png
+++ b/windows/security/threat-protection/microsoft-defender-atp/images/1b9f85316170cfe24b46330afa8517d5.png
--- a/windows/security/threat-protection/microsoft-defender-atp/images/1c3795a91872940f0850bcd1619d6d17.png
+++ b/windows/security/threat-protection/microsoft-defender-atp/images/1c3795a91872940f0850bcd1619d6d17.png
--- a/windows/security/threat-protection/microsoft-defender-atp/images/1e439168370e6821083f2c0e91cfabef.png
+++ b/windows/security/threat-protection/microsoft-defender-atp/images/1e439168370e6821083f2c0e91cfabef.png
--- a/windows/security/threat-protection/microsoft-defender-atp/images/2177e2b9b72a444243acd770e7017457.png
+++ b/windows/security/threat-protection/microsoft-defender-atp/images/2177e2b9b72a444243acd770e7017457.png
--- a/windows/security/threat-protection/microsoft-defender-atp/images/227f249bcb6e7f29c4d43aa1ffaccd20.png
+++ b/windows/security/threat-protection/microsoft-defender-atp/images/227f249bcb6e7f29c4d43aa1ffaccd20.png
--- a/windows/security/threat-protection/microsoft-defender-atp/images/24bfb16ed561cbb468bd8ce51130ca9d.png
+++ b/windows/security/threat-protection/microsoft-defender-atp/images/24bfb16ed561cbb468bd8ce51130ca9d.png
--- a/windows/security/threat-protection/microsoft-defender-atp/images/262a41839704d6da2bbd72ed6b4a826a.png
+++ b/windows/security/threat-protection/microsoft-defender-atp/images/262a41839704d6da2bbd72ed6b4a826a.png
--- a/windows/security/threat-protection/microsoft-defender-atp/images/26efa2711bca78f6b6d73712f86b5bd9.png
+++ b/windows/security/threat-protection/microsoft-defender-atp/images/26efa2711bca78f6b6d73712f86b5bd9.png
--- a/windows/security/threat-protection/microsoft-defender-atp/images/2c7f9d05a2ebd19607cc76b6933b945b.png
+++ b/windows/security/threat-protection/microsoft-defender-atp/images/2c7f9d05a2ebd19607cc76b6933b945b.png
--- a/windows/security/threat-protection/microsoft-defender-atp/images/33f08a38f2f4dd12a364f8eac95e8c6b.png
+++ b/windows/security/threat-protection/microsoft-defender-atp/images/33f08a38f2f4dd12a364f8eac95e8c6b.png
--- a/windows/security/threat-protection/microsoft-defender-atp/images/36c7c2ed737f2f4b54918a4f20791d4b.png
+++ b/windows/security/threat-protection/microsoft-defender-atp/images/36c7c2ed737f2f4b54918a4f20791d4b.png
--- a/windows/security/threat-protection/microsoft-defender-atp/images/3876ca687391bfc0ce215d221c683970.png
+++ b/windows/security/threat-protection/microsoft-defender-atp/images/3876ca687391bfc0ce215d221c683970.png
--- a/windows/security/threat-protection/microsoft-defender-atp/images/3a01c7970ce3ec977a35883c0a01f0a2.png
+++ b/windows/security/threat-protection/microsoft-defender-atp/images/3a01c7970ce3ec977a35883c0a01f0a2.png
--- a/windows/security/threat-protection/microsoft-defender-atp/images/3c1cf2e3df19509b198c084f264b410d.png
+++ b/windows/security/threat-protection/microsoft-defender-atp/images/3c1cf2e3df19509b198c084f264b410d.png
--- a/windows/security/threat-protection/microsoft-defender-atp/images/41b9a023bc96364062c2041a8f5c344e.png
+++ b/windows/security/threat-protection/microsoft-defender-atp/images/41b9a023bc96364062c2041a8f5c344e.png
--- a/windows/security/threat-protection/microsoft-defender-atp/images/4a37f3687e6ff53a593d3670b1dad3aa.png
+++ b/windows/security/threat-protection/microsoft-defender-atp/images/4a37f3687e6ff53a593d3670b1dad3aa.png
--- a/windows/security/threat-protection/microsoft-defender-atp/images/5420a8790c550f39f189830775a6d4c9.png
+++ b/windows/security/threat-protection/microsoft-defender-atp/images/5420a8790c550f39f189830775a6d4c9.png
--- a/windows/security/threat-protection/microsoft-defender-atp/images/653db482c7ccaf31d06f29fb2aa24b7a.png
+++ b/windows/security/threat-protection/microsoft-defender-atp/images/653db482c7ccaf31d06f29fb2aa24b7a.png
--- a/windows/security/threat-protection/microsoft-defender-atp/images/6d325a2f9a638337823e03ad5ca08651.png
+++ b/windows/security/threat-protection/microsoft-defender-atp/images/6d325a2f9a638337823e03ad5ca08651.png
--- a/Show More
+++ b/Show More