Merge branch 'master' of https://github.com/MicrosoftDocs/windows-docs-pr into FromPrivateRepo

windows/client-management/mdm/TOC.md

@@ -245,6 +245,7 @@
 #### [RestrictedGroups](policy-csp-restrictedgroups.md)
 #### [Search](policy-csp-search.md)
 #### [Security](policy-csp-security.md)
+#### [ServiceControlManager](policy-csp-servicecontrolmanager.md)
 #### [Settings](policy-csp-settings.md)
 #### [SmartScreen](policy-csp-smartscreen.md)
 #### [Speech](policy-csp-speech.md)

windows/client-management/mdm/new-in-windows-mdm-enrollment-management.md

@@ -117,6 +117,7 @@ For details about Microsoft mobile device management protocols for Windows 10 s
 <li>[Power/UnattendedSleepTimeoutOnBattery](policy-csp-power.md#power-unattendedsleeptimeoutonbattery)</li>
 <li>[Power/UnattendedSleepTimeoutPluggedIn](policy-csp-power.md#power-unattendedsleeptimeoutpluggedin)</li>
 <li>[Search/AllowFindMyFiles](policy-csp-search.md#search-allowfindmyfiles)</li>
+<li>[ServiceControlManager/SvchostProcessMitigation](policy-csp-servicecontrolmanager.md#servicecontrolmanager-svchostprocessmitigation)</li>
 <li>[System/AllowCommercialDataPipeline](policy-csp-system.md#system-allowcommercialdatapipeline)</li>
 <li>[System/TurnOffFileHistory](policy-csp-system.md#system-turnofffilehistory)</li>
 <li>[Update/AutomaticMaintenanceWakeUp](policy-csp-update.md#update-automaticmaintenancewakeup)</li>
@@ -1870,16 +1871,17 @@ How do I turn if off? | The service can be stopped from the "Services" console o
 
 |New or updated topic | Description|
 |--- | ---|
+|[DeviceStatus CSP](devicestatus-csp.md)|Updated description of the following nodes:<br>DeviceStatus/Antivirus/SignatureStatus, DeviceStatus/Antispyware/SignatureStatus.|
 |[EnrollmentStatusTracking CSP](enrollmentstatustracking-csp.md)|Added new CSP in Windows 10, version 1903.|
 |[Policy CSP - DeliveryOptimization](policy-csp-deliveryoptimization.md)|Added the following new policies:<br> DODelayCacheServerFallbackBackground, DODelayCacheServerFallbackForeground.<br><br>Updated description of the following policies:<br>DOMinRAMAllowedToPeer, DOMinFileSizeToCache, DOMinDiskSizeAllowedToPeer.|
 |[Policy CSP - Experience](policy-csp-experience.md)|Added the following new policy:<br>ShowLockOnUserTile.|
 |[Policy CSP - InternetExplorer](policy-csp-internetexplorer.md)|Added the following new policies:<br>AllowEnhancedSuggestionsInAddressBar, DisableActiveXVersionListAutoDownload, DisableCompatView, DisableFeedsBackgroundSync, DisableGeolocation, DisableWebAddressAutoComplete, NewTabDefaultPage.|
 |[Policy CSP - Power](policy-csp-power.md)|Added the following new policies:<br>EnergySaverBatteryThresholdOnBattery, EnergySaverBatteryThresholdPluggedIn, SelectLidCloseActionOnBattery, SelectLidCloseActionPluggedIn, SelectPowerButtonActionOnBattery, SelectPowerButtonActionPluggedIn, SelectSleepButtonActionOnBattery, SelectSleepButtonActionPluggedIn, TurnOffHybridSleepOnBattery, TurnOffHybridSleepPluggedIn, UnattendedSleepTimeoutOnBattery, UnattendedSleepTimeoutPluggedIn.|
 |[Policy CSP - Search](policy-csp-search.md)|Added the following new policy:<br>AllowFindMyFiles.|
+|[Policy CSP - ServiceControlManager](policy-csp-servicecontrolmanager.md)|Added the following new policy:<br>SvchostProcessMitigation.|
 |[Policy CSP - System](policy-csp-system.md)|Added the following new policies:<br>AllowCommercialDataPipeline, TurnOffFileHistory.|
 |[Policy CSP - Update](policy-csp-update.md)|Added the following new policies:<br>AutomaticMaintenanceWakeUp, ConfigureDeadlineForFeatureUpdates, ConfigureDeadlineForQualityUpdates, ConfigureDeadlineGracePeriod, ConfigureDeadlineNoAutoReboot.|
 |[Policy CSP - WindowsLogon](policy-csp-windowslogon.md)|Added the following new policies:<br>AllowAutomaticRestartSignOn, ConfigAutomaticRestartSignOn, EnableFirstLogonAnimation.|
-|[DeviceStatus CSP](devicestatus-csp.md)|Updated description of the following nodes:<br>DeviceStatus/Antivirus/SignatureStatus, DeviceStatus/Antispyware/SignatureStatus.|
 
 ### April 2019
 

windows/client-management/mdm/policy-configuration-service-provider.md

@@ -3002,6 +3002,13 @@ The following diagram shows the Policy configuration service provider in tree fo
   </dd>
 </dl>
 
+### ServiceControlManager policies
+<dl>
+  <dd>
+    <a href="./policy-csp-servicecontrolmanager.md#servicecontrolmanager-svchostprocessmitigation" id="servicecontrolmanager-svchostprocessmitigation">ServiceControlManager/SvchostProcessMitigation</a>
+  </dd>
+</dl>
+
 ### Settings policies
 
 <dl>
@@ -4221,6 +4228,7 @@ The following diagram shows the Policy configuration service provider in tree fo
 -   [RemoteShell/SpecifyMaxProcesses](./policy-csp-remoteshell.md#remoteshell-specifymaxprocesses)
 -   [RemoteShell/SpecifyMaxRemoteShells](./policy-csp-remoteshell.md#remoteshell-specifymaxremoteshells)
 -   [RemoteShell/SpecifyShellTimeout](./policy-csp-remoteshell.md#remoteshell-specifyshelltimeout)
+-   [ServiceControlManager/SvchostProcessMitigation](./policy-csp-servicecontrolmanager.md#servicecontrolmanager-svchostprocessmitigation)
 -   [Storage/EnhancedStorageDevices](./policy-csp-storage.md#storage-enhancedstoragedevices)
 -   [System/BootStartDriverInitialization](./policy-csp-system.md#system-bootstartdriverinitialization)
 -   [System/DisableSystemRestore](./policy-csp-system.md#system-disablesystemrestore)
@@ -4965,6 +4973,7 @@ The following diagram shows the Policy configuration service provider in tree fo
 -   [Search/PreventIndexingLowDiskSpaceMB](./policy-csp-search.md#search-preventindexinglowdiskspacemb)
 -   [Search/PreventRemoteQueries](./policy-csp-search.md#search-preventremotequeries)
 -   [Security/ClearTPMIfNotReady](./policy-csp-security.md#security-cleartpmifnotready)
+-   [ServiceControlManager/SvchostProcessMitigation](./policy-csp-servicecontrolmanager.md#servicecontrolmanager-svchostprocessmitigation)
 -   [Settings/AllowOnlineTips](./policy-csp-settings.md#settings-allowonlinetips)
 -   [Settings/ConfigureTaskbarCalendar](./policy-csp-settings.md#settings-configuretaskbarcalendar)
 -   [Settings/PageVisibilityList](./policy-csp-settings.md#settings-pagevisibilitylist)

windows/client-management/mdm/policy-csp-servicecontrolmanager.md

@@ -0,0 +1,112 @@
+---
+title: Policy CSP - ServiceControlManager
+description: Policy CSP - ServiceControlManager
+ms.author: Heidi.Lohr
+ms.topic: article
+ms.prod: w10
+ms.technology: windows
+author: Heidilohr
+ms.date: 05/21/2019
+---
+
+# Policy CSP - ServiceControlManager
+
+
+<hr/>
+
+<!--Policies-->
+## ServiceControlManager policies  
+
+<dl>
+  <dd>
+    <a href="#servicecontrolmanager-svchostprocessmitigation">ServiceControlManager/SvchostProcessMitigation</a>
+  </dd>
+</dl>
+
+<hr/>
+
+<!--Policy-->
+<a href="" id="servicecontrolmanager-svchostprocessmitigation"></a>**ServiceControlManager/SvchostProcessMitigation**  
+
+<!--SupportedSKUs-->
+<table>
+<tr>
+	<th>Home</th>
+	<th>Pro</th>
+	<th>Business</th>
+	<th>Enterprise</th>
+	<th>Education</th>
+	<th>Mobile</th>
+	<th>Mobile Enterprise</th>
+</tr>
+<tr>
+	<td><img src="images/crossmark.png" alt="cross mark" /></td>
+	<td><img src="images/crossmark.png" alt="cross mark" /></td>
+	<td><img src="images/checkmark.png" alt="check mark" /><sup>6</sup></td>
+	<td><img src="images/checkmark.png" alt="check mark" /><sup>6</sup></td>
+	<td><img src="images/checkmark.png" alt="check mark" /><sup>6</sup></td>
+	<td></td>
+	<td></td>
+</tr>
+</table>
+
+<!--/SupportedSKUs-->
+<!--Scope-->
+[Scope](./policy-configuration-service-provider.md#policy-scope):
+
+> [!div class = "checklist"]
+> * Device
+
+<hr/>
+
+<!--/Scope-->
+<!--Description-->
+This policy setting enables process mitigation options on svchost.exe processes.
+
+If you enable this policy setting, built-in system services hosted in svchost.exe processes will have stricter security policies enabled on them.
+
+This includes a policy requiring all binaries loaded in these processes to be signed by Microsoft, as well as a policy disallowing dynamically-generated code.  
+
+If you disable or do not configure this policy setting, the stricter security settings will not be applied.
+
+<!--/Description-->
+> [!TIP]
+> This is an ADMX-backed policy and requires a special SyncML format to enable or disable.  For details, see [Understanding ADMX-backed policies](./understanding-admx-backed-policies.md).
+
+> You must specify the data type in the SyncML as &lt;Format&gt;chr&lt;/Format&gt;. For an example SyncML, refer to [Enabling a policy](./understanding-admx-backed-policies.md#enabling-a-policy).
+
+> The payload of the SyncML must be XML-encoded; for this XML encoding, there are a variety of online encoders that you can use. To avoid encoding the payload, you can use CDATA if your MDM supports it.  For more information, see [CDATA Sections](http://www.w3.org/TR/REC-xml/#sec-cdata-sect).
+
+<!--ADMXBacked-->
+ADMX Info:  
+-   GP English name: *Enable svchost.exe mitigation options*
+-   GP name: *SvchostProcessMitigationEnable*
+-   GP path: *System/Service Control Manager Settings/Security Settings*
+-   GP ADMX file name: *ServiceControlManager.admx*
+
+<!--/ADMXBacked-->
+<!--SupportedValues-->
+Supported values:  
+- disabled - Do not add ACG/CIG enforcement and other process mitigation/code integrity policies to SVCHOST processes.
+- enabled - Add ACG/CIG enforcement and other process mitigation/code integrity policies to SVCHOST processes.
+<!--/SupportedValues-->
+<!--Example-->
+
+<!--/Example-->
+<!--Validation-->
+
+<!--/Validation-->
+<!--/Policy-->
+
+<!--/Policies-->
+
+<hr/>
+
+Footnotes:
+
+-   1 - Added in Windows 10, version 1607.
+-   2 - Added in Windows 10, version 1703.
+-   3 - Added in Windows 10, version 1709.
+-   4 - Added in Windows 10, version 1803.
+-   5 - Added in Windows 10, version 1809.
+-   6 - Added in Windows 10, version 1903.

windows/release-information/status-windows-10-1607-and-windows-server-2016.yml

@@ -70,7 +70,6 @@ sections:
       <tr><td><div id='423msg'></div><b>Unable to access some gov.uk websites</b><br>gov.uk websites that don’t support “HSTS” may not be accessible<br><br><a href = '#423msgdesc'>See details ></a></td><td>OS Build 14393.2969<br><br>May 14, 2019<br><a href ='https://support.microsoft.com/help/4494440' target='_blank'>KB4494440</a></td><td>Resolved<br><a href = 'https://support.microsoft.com/help/4505052' target='_blank'>KB4505052</a></td><td>May 19, 2019 <br>02:00 PM PT</td></tr>
       <tr><td><div id='379msg'></div><b>Layout and cell size of Excel sheets may change when using MS UI Gothic </b><br>When using the MS UI Gothic or MS PGothic fonts, the text, layout, or cell size may become narrower or wider than expected in Microsoft Excel. <br><br><a href = '#379msgdesc'>See details ></a></td><td>OS Build 14393.2941<br><br>April 25, 2019<br><a href ='https://support.microsoft.com/help/4493473' target='_blank'>KB4493473</a></td><td>Resolved<br><a href = 'https://support.microsoft.com/help/4494440' target='_blank'>KB4494440</a></td><td>May 14, 2019 <br>10:00 AM PT</td></tr>
       <tr><td><div id='360msg'></div><b>Zone transfers over TCP may fail</b><br>Zone transfers between primary and secondary DNS servers over the Transmission Control Protocol (TCP) may fail.<br><br><a href = '#360msgdesc'>See details ></a></td><td>OS Build 14393.2941<br><br>April 25, 2019<br><a href ='https://support.microsoft.com/help/4493473' target='_blank'>KB4493473</a></td><td>Resolved<br><a href = 'https://support.microsoft.com/help/4494440' target='_blank'>KB4494440</a></td><td>May 14, 2019 <br>10:00 AM PT</td></tr>
-      <tr><td><div id='191msg'></div><b>Custom URI schemes may not start corresponding application</b><br>Custom URI schemes for application protocol handlers may not start the corresponding application for local intranet and trusted sites in Internet Explorer.<br><br><a href = '#191msgdesc'>See details ></a></td><td>OS Build 14393.2848<br><br>March 12, 2019<br><a href ='https://support.microsoft.com/help/4489882' target='_blank'>KB4489882</a></td><td>Resolved<br><a href = 'https://support.microsoft.com/help/4493473' target='_blank'>KB4493473</a></td><td>April 25, 2019 <br>02:00 PM PT</td></tr>
       </table>
       "
 
@@ -109,7 +108,6 @@ sections:
       <table border ='0'><tr><td width='65%'>Details</td><td width='15%'>Originating update</td><td width='10%'>Status</td><td width='10%'>History</td></tr>
       <tr><td style='border-left-width:1px;border-right-width:1px;border-bottom-width:1px;'><div id='238msgdesc'></div><b>Issue using PXE to start a device from WDS</b><div>After installing <a href=\"https://support.microsoft.com/help/4489882\" target=\"_blank\">KB4489882</a>, there may be issues using the Preboot Execution Environment (PXE) to start a device from a Windows Deployment Services (WDS) server configured to use Variable Window Extension. This may cause the connection to the WDS server to terminate prematurely while downloading the image. This issue does not affect clients or devices that are not using Variable Window Extension.</div><div><br></div><div><strong>Affected platforms:</strong></div><ul><li>Client: Windows 10, version 1809; Windows 10 Enterprise LTSC 2019; Windows 10, version 1803; Windows 10, version 1607; Windows 10 Enterprise LTSC 2016; Windows 8.1</li><li>Server: Windows Server, version 1809; Windows Server 2019; Windows Server, version 1803; Windows Server 2016; Windows Server 2012 R2; Windows Server 2012</li></ul><div></div><div><strong>Workaround:</strong> To mitigate the issue, disable the Variable Window Extension on WDS server using one of the following options:</div><div><br></div><div><strong>Option 1:</strong></div><div>Open an Administrator Command prompt and type the following:</div><pre class=\"ql-syntax\" spellcheck=\"false\">Wdsutil /Set-TransportServer /EnableTftpVariableWindowExtension:No
 </pre><div><br></div><div><strong>Option 2:</strong></div><div>Use the Windows Deployment Services UI to make the following adjustment:</div><ol><li>Open Windows Deployment Services from Windows Administrative Tools.</li><li>Expand Servers and right-click a WDS server.</li><li>Open its properties and clear the <strong>Enable Variable Window Extension</strong> box on the TFTP tab.</li></ol><div><strong>Option 3:</strong></div><div>Set the following registry value to 0:</div><div>HKLM\\System\\CurrentControlSet\\Services\\WDSServer\\Providers\\WDSTFTP\\EnableVariableWindowExtension</div><div><br></div><div>Restart the WDSServer service after disabling the Variable Window Extension.</div><div><br></div><div><strong>Next steps:</strong> Microsoft is working on a resolution and will provide an update in an upcoming release.</div><br><a href ='#238msg'>Back to top</a></td><td>OS Build 14393.2848<br><br>March 12, 2019<br><a href ='https://support.microsoft.com/help/4489882' target='_blank'>KB4489882</a></td><td>Mitigated<br><a href = '' target='_blank'></a></td><td>Last updated:<br>April 25, 2019 <br>02:00 PM PT<br><br>Opened:<br>March 12, 2019 <br>10:00 AM PT</td></tr>
-      <tr><td style='border-left-width:1px;border-right-width:1px;border-bottom-width:1px;'><div id='191msgdesc'></div><b>Custom URI schemes may not start corresponding application</b><div>After installing <a href=\"https://support.microsoft.com/help/4489882\" target=\"_blank\">KB4489882</a>, Custom URI schemes for application protocol handlers may not start the corresponding application for local intranet and trusted sites security zones on Internet Explorer.</div><div><br></div><div><strong>Affected platforms:&nbsp;</strong></div><ul><li>Client: Windows 10, version 1809; Windows 10 Enterprise LTSC 2019; Windows 10, version 1803; Windows 10, version 1709; Windows 10, version 1703; Windows 10, version 1607; Windows 10 Enterprise LTSC 2016; Windows 10, version 1507; Windows 10 Enterprise LTSB 2015; Windows 8.1; Windows 7 SP1&nbsp;</li><li>Server: Windows Server, version 1809; Windows Server 2019; Windows Server, version 1803; Windows Server, version 1709; Windows Server 2016; Windows Server 2012 R2; Windows Server 2008 R2 SP1</li></ul><div></div><div><strong>Resolution:</strong> This issue is resolved in <a href=\"https://support.microsoft.com/help/4493473\" target=\"_blank\">KB4493473</a>.&nbsp;</div><br><a href ='#191msg'>Back to top</a></td><td>OS Build 14393.2848<br><br>March 12, 2019<br><a href ='https://support.microsoft.com/help/4489882' target='_blank'>KB4489882</a></td><td>Resolved<br><a href = 'https://support.microsoft.com/help/4493473' target='_blank'>KB4493473</a></td><td>Resolved:<br>April 25, 2019 <br>02:00 PM PT<br><br>Opened:<br>March 12, 2019 <br>10:00 AM PT</td></tr>
       </table>
       "
 

windows/release-information/status-windows-10-1703.yml

@@ -63,7 +63,6 @@ sections:
       <tr><td><div id='321msg'></div><b>Certain operations performed on a Cluster Shared Volume may fail</b><br>Certain operations, such as rename, performed on files or folders on a Cluster Shared Volume (CSV) may fail with the error, \"STATUS_BAD_IMPERSONATION_LEVEL (0xC00000A5)\".<br><br><a href = '#321msgdesc'>See details ></a></td><td>OS Build 15063.1563<br><br>January 08, 2019<br><a href ='https://support.microsoft.com/help/4480973' target='_blank'>KB4480973</a></td><td>Mitigated<br><a href = '' target='_blank'></a></td><td>April 25, 2019 <br>02:00 PM PT</td></tr>
       <tr><td><div id='423msg'></div><b>Unable to access some gov.uk websites</b><br>gov.uk websites that don’t support “HSTS” may not be accessible<br><br><a href = '#423msgdesc'>See details ></a></td><td>OS Build 15063.1805<br><br>May 14, 2019<br><a href ='https://support.microsoft.com/help/4499181' target='_blank'>KB4499181</a></td><td>Resolved<br><a href = 'https://support.microsoft.com/help/4505055' target='_blank'>KB4505055</a></td><td>May 19, 2019 <br>02:00 PM PT</td></tr>
       <tr><td><div id='379msg'></div><b>Layout and cell size of Excel sheets may change when using MS UI Gothic </b><br>When using the MS UI Gothic or MS PGothic fonts, the text, layout, or cell size may become narrower or wider than expected in Microsoft Excel. <br><br><a href = '#379msgdesc'>See details ></a></td><td>OS Build 15063.1784<br><br>April 25, 2019<br><a href ='https://support.microsoft.com/help/4493436' target='_blank'>KB4493436</a></td><td>Resolved<br><a href = 'https://support.microsoft.com/help/4499181' target='_blank'>KB4499181</a></td><td>May 14, 2019 <br>10:00 AM PT</td></tr>
-      <tr><td><div id='190msg'></div><b>Custom URI schemes may not start corresponding application</b><br>Custom URI schemes for application protocol handlers may not start the corresponding application for local intranet and trusted sites in Internet Explorer.<br><br><a href = '#190msgdesc'>See details ></a></td><td>OS Build 15063.1689<br><br>March 12, 2019<br><a href ='https://support.microsoft.com/help/4489871' target='_blank'>KB4489871</a></td><td>Resolved<br><a href = 'https://support.microsoft.com/help/4493436' target='_blank'>KB4493436</a></td><td>April 25, 2019 <br>02:00 PM PT</td></tr>
       </table>
       "
 
@@ -84,15 +83,6 @@ sections:
       </table>
       "
 
-- title: March 2019
-- items:
-  - type: markdown
-    text: "
-      <table border ='0'><tr><td width='65%'>Details</td><td width='15%'>Originating update</td><td width='10%'>Status</td><td width='10%'>History</td></tr>
-      <tr><td style='border-left-width:1px;border-right-width:1px;border-bottom-width:1px;'><div id='190msgdesc'></div><b>Custom URI schemes may not start corresponding application</b><div>After installing <a href=\"https://support.microsoft.com/help/4489871\" target=\"_blank\">KB4489871</a>, custom URI schemes for application protocol handlers may not start the corresponding application for local intranet and trusted sites security zones on Internet Explorer.</div><div><br></div><div><strong>Affected platforms:</strong></div><ul><li>Client: Windows 10, version 1809; Windows 10 Enterprise LTSC 2019; Windows 10, version 1803; Windows 10, version 1709; Windows 10, version 1703; Windows 10, version 1607; Windows 10 Enterprise LTSC 2016; Windows 10, version 1507; Windows 10 Enterprise LTSB 2015; Windows 8.1; Windows 7 SP1&nbsp;</li><li>Server: Windows Server, version 1809; Windows Server 2019; Windows Server, version 1803; Windows Server, version 1709; Windows Server 2016; Windows Server 2012 R2; Windows Server 2008 R2 SP1</li></ul><div></div><div><strong>Resolution:</strong> This issue is resolved in <a href=\"https://support.microsoft.com/help/4493436\" target=\"_blank\">KB4493436</a>.&nbsp;</div><br><a href ='#190msg'>Back to top</a></td><td>OS Build 15063.1689<br><br>March 12, 2019<br><a href ='https://support.microsoft.com/help/4489871' target='_blank'>KB4489871</a></td><td>Resolved<br><a href = 'https://support.microsoft.com/help/4493436' target='_blank'>KB4493436</a></td><td>Resolved:<br>April 25, 2019 <br>02:00 PM PT<br><br>Opened:<br>March 12, 2019 <br>10:00 AM PT</td></tr>
-      </table>
-      "
-
 - title: January 2019
 - items:
   - type: markdown

windows/release-information/status-windows-10-1709.yml

@@ -64,7 +64,6 @@ sections:
       <tr><td><div id='422msg'></div><b>Unable to access some gov.uk websites</b><br>gov.uk websites that don’t support “HSTS” may not be accessible<br><br><a href = '#422msgdesc'>See details ></a></td><td>OS Build 16299.1143<br><br>May 14, 2019<br><a href ='https://support.microsoft.com/help/4498946' target='_blank'>KB4498946</a></td><td>Resolved<br><a href = 'https://support.microsoft.com/help/4505062' target='_blank'>KB4505062</a></td><td>May 19, 2019 <br>02:00 PM PT</td></tr>
       <tr><td><div id='379msg'></div><b>Layout and cell size of Excel sheets may change when using MS UI Gothic </b><br>When using the MS UI Gothic or MS PGothic fonts, the text, layout, or cell size may become narrower or wider than expected in Microsoft Excel. <br><br><a href = '#379msgdesc'>See details ></a></td><td>OS Build 16299.1127<br><br>April 25, 2019<br><a href ='https://support.microsoft.com/help/4493440' target='_blank'>KB4493440</a></td><td>Resolved<br><a href = 'https://support.microsoft.com/help/4499179' target='_blank'>KB4499179</a></td><td>May 14, 2019 <br>10:00 AM PT</td></tr>
       <tr><td><div id='361msg'></div><b>Zone transfers over TCP may fail</b><br>Zone transfers between primary and secondary DNS servers over the Transmission Control Protocol (TCP) may fail.<br><br><a href = '#361msgdesc'>See details ></a></td><td>OS Build 16299.1127<br><br>April 25, 2019<br><a href ='https://support.microsoft.com/help/4493440' target='_blank'>KB4493440</a></td><td>Resolved<br><a href = 'https://support.microsoft.com/help/4499179' target='_blank'>KB4499179</a></td><td>May 14, 2019 <br>10:00 AM PT</td></tr>
-      <tr><td><div id='347msg'></div><b>Custom URI schemes may not start corresponding application</b><br>Custom URI schemes for application protocol handlers may not start the corresponding application for local intranet and trusted sites in Internet Explorer.<br><br><a href = '#347msgdesc'>See details ></a></td><td>OS Build 16299.1029<br><br>March 12, 2019<br><a href ='https://support.microsoft.com/help/4489886' target='_blank'>KB4489886</a></td><td>Resolved<br><a href = 'https://support.microsoft.com/help/4493440' target='_blank'>KB4493440</a></td><td>April 25, 2019 <br>02:00 PM PT</td></tr>
       </table>
       "
 
@@ -94,15 +93,6 @@ sections:
       </table>
       "
 
-- title: March 2019
-- items:
-  - type: markdown
-    text: "
-      <table border ='0'><tr><td width='65%'>Details</td><td width='15%'>Originating update</td><td width='10%'>Status</td><td width='10%'>History</td></tr>
-      <tr><td style='border-left-width:1px;border-right-width:1px;border-bottom-width:1px;'><div id='347msgdesc'></div><b>Custom URI schemes may not start corresponding application</b><div>After installing <a href=\"https://support.microsoft.com/help/4489886\" target=\"_blank\">KB4489886</a>, custom URI schemes for application protocol handlers may not start the corresponding application for local intranet and trusted sites security zones on Internet Explorer.</div><div><br></div><div><strong>Affected platforms:</strong></div><ul><li>Client: Windows 10, version 1809; Windows 10 Enterprise LTSC 2019; Windows 10, version 1803; Windows 10, version 1709; Windows 10, version 1703; Windows 10, version 1607; Windows 10 Enterprise LTSC 2016; Windows 10, version 1507; Windows 10 Enterprise LTSB 2015; Windows 8.1; Windows 7 SP1&nbsp;</li><li>Server: Windows Server, version 1809; Windows Server 2019; Windows Server, version 1803; Windows Server, version 1709; Windows Server 2016; Windows Server 2012 R2; Windows Server 2008 R2 SP1</li></ul><div></div><div><strong>Resolution:</strong> This issue is resolved in <a href=\"https://support.microsoft.com/help/4493440\" target=\"_blank\">KB4493440</a>.&nbsp;</div><br><a href ='#347msg'>Back to top</a></td><td>OS Build 16299.1029<br><br>March 12, 2019<br><a href ='https://support.microsoft.com/help/4489886' target='_blank'>KB4489886</a></td><td>Resolved<br><a href = 'https://support.microsoft.com/help/4493440' target='_blank'>KB4493440</a></td><td>Resolved:<br>April 25, 2019 <br>02:00 PM PT<br><br>Opened:<br>March 12, 2019 <br>10:00 AM PT</td></tr>
-      </table>
-      "
-
 - title: January 2019
 - items:
   - type: markdown

windows/release-information/status-windows-10-1803.yml

@@ -65,7 +65,6 @@ sections:
       <tr><td><div id='422msg'></div><b>Unable to access some gov.uk websites</b><br>gov.uk websites that don’t support “HSTS” may not be accessible<br><br><a href = '#422msgdesc'>See details ></a></td><td>OS Build 17134.765<br><br>May 14, 2019<br><a href ='https://support.microsoft.com/help/4499167' target='_blank'>KB4499167</a></td><td>Resolved<br><a href = 'https://support.microsoft.com/help/4505064' target='_blank'>KB4505064</a></td><td>May 19, 2019 <br>02:00 PM PT</td></tr>
       <tr><td><div id='379msg'></div><b>Layout and cell size of Excel sheets may change when using MS UI Gothic </b><br>When using the MS UI Gothic or MS PGothic fonts, the text, layout, or cell size may become narrower or wider than expected in Microsoft Excel. <br><br><a href = '#379msgdesc'>See details ></a></td><td>OS Build 17134.753<br><br>April 25, 2019<br><a href ='https://support.microsoft.com/help/4493437' target='_blank'>KB4493437</a></td><td>Resolved<br><a href = 'https://support.microsoft.com/help/4499167' target='_blank'>KB4499167</a></td><td>May 14, 2019 <br>10:00 AM PT</td></tr>
       <tr><td><div id='362msg'></div><b>Zone transfers over TCP may fail</b><br>Zone transfers between primary and secondary DNS servers over the Transmission Control Protocol (TCP) may fail.<br><br><a href = '#362msgdesc'>See details ></a></td><td>OS Build 17134.753<br><br>April 25, 2019<br><a href ='https://support.microsoft.com/help/4493437' target='_blank'>KB4493437</a></td><td>Resolved<br><a href = 'https://support.microsoft.com/help/4499167' target='_blank'>KB4499167</a></td><td>May 14, 2019 <br>10:00 AM PT</td></tr>
-      <tr><td><div id='188msg'></div><b>Custom URI schemes may not start corresponding application</b><br>Custom URI schemes for application protocol handlers may not start the corresponding application for local intranet and trusted sites in Internet Explorer.<br><br><a href = '#188msgdesc'>See details ></a></td><td>OS Build 17134.648<br><br>March 12, 2019<br><a href ='https://support.microsoft.com/help/4489868' target='_blank'>KB4489868</a></td><td>Resolved<br><a href = 'https://support.microsoft.com/help/4493437' target='_blank'>KB4493437</a></td><td>April 25, 2019 <br>02:00 PM PT</td></tr>
       </table>
       "
 
@@ -102,7 +101,6 @@ sections:
       <table border ='0'><tr><td width='65%'>Details</td><td width='15%'>Originating update</td><td width='10%'>Status</td><td width='10%'>History</td></tr>
       <tr><td style='border-left-width:1px;border-right-width:1px;border-bottom-width:1px;'><div id='237msgdesc'></div><b>Issue using PXE to start a device from WDS</b><div>After installing <a href=\"https://support.microsoft.com/help/4489868\" target=\"_blank\">KB4489868</a>, there may be issues using the Preboot Execution Environment (PXE) to start a device from a Windows Deployment Services (WDS) server configured to use Variable Window Extension. This may cause the connection to the WDS server to terminate prematurely while downloading the image. This issue does not affect clients or devices that are not using Variable Window Extension.&nbsp;</div><div><br></div><div><strong>Affected platforms:</strong></div><ul><li>Client: Windows 10, version 1809; Windows 10 Enterprise LTSC 2019; Windows 10, version 1803; Windows 10, version 1607; Windows 10 Enterprise LTSC 2016; Windows 8.1</li><li>Server: Windows Server, version 1809; Windows Server 2019; Windows Server, version 1803; Windows Server 2016; Windows Server 2012 R2; Windows Server 2012</li></ul><div></div><div><strong>Workaround:</strong> To mitigate the issue, disable the Variable Window Extension on WDS server using one of the following options:</div><div><br></div><div><strong>Option 1:</strong>&nbsp;</div><div>Open an Administrator Command prompt and type the following:&nbsp;&nbsp;</div><pre class=\"ql-syntax\" spellcheck=\"false\">Wdsutil /Set-TransportServer /EnableTftpVariableWindowExtension:No
 </pre><div><br></div><div>&nbsp;<strong>Option 2:</strong>&nbsp;</div><div>Use the Windows Deployment Services UI to make the following adjustment:&nbsp;&nbsp;</div><ol><li>Open Windows Deployment Services from Windows Administrative Tools.&nbsp;</li><li>Expand Servers and right-click a WDS server.&nbsp;</li><li>Open its properties and clear the <strong>Enable Variable Window Extension </strong>box on the TFTP tab.&nbsp;&nbsp;</li></ol><div><strong>Option 3:</strong>&nbsp;</div><div>Set the following registry value to 0:</div><div>HKLM\\System\\CurrentControlSet\\Services\\WDSServer\\Providers\\WDSTFTP\\EnableVariableWindowExtension&nbsp;&nbsp;</div><div><br></div><div>Restart the WDSServer service after disabling the Variable Window Extension.&nbsp;</div><div>&nbsp;</div><div><strong>Next steps:</strong> Microsoft is working on a resolution and will provide an update in an upcoming release.&nbsp;</div><br><a href ='#237msg'>Back to top</a></td><td>OS Build 17134.648<br><br>March 12, 2019<br><a href ='https://support.microsoft.com/help/4489868' target='_blank'>KB4489868</a></td><td>Mitigated<br><a href = '' target='_blank'></a></td><td>Last updated:<br>April 25, 2019 <br>02:00 PM PT<br><br>Opened:<br>March 12, 2019 <br>10:00 AM PT</td></tr>
-      <tr><td style='border-left-width:1px;border-right-width:1px;border-bottom-width:1px;'><div id='188msgdesc'></div><b>Custom URI schemes may not start corresponding application</b><div>After installing <a href=\"https://support.microsoft.com/help/4489868\" target=\"_blank\">KB4489868</a>, custom URI schemes for application protocol handlers may not start the corresponding application for local intranet and trusted sites security zones on Internet Explorer.&nbsp;</div><div><br></div><div><strong>Affected platforms:</strong></div><ul><li>Client: Windows 10, version 1809; Windows 10 Enterprise LTSC 2019; Windows 10, version 1803; Windows 10, version 1709; Windows 10, version 1703; Windows 10, version 1607; Windows 10 Enterprise LTSC 2016; Windows 10, version 1507; Windows 10 Enterprise LTSB 2015; Windows 8.1; Windows 7 SP1&nbsp;</li><li>Server: Windows Server, version 1809; Windows Server 2019; Windows Server, version 1803; Windows Server, version 1709; Windows Server 2016; Windows Server 2012 R2; Windows Server 2008 R2 SP1</li></ul><div></div><div><strong>Resolution:</strong> This issue is resolved in <a href=\"https://support.microsoft.com/help/4493437\" target=\"_blank\">KB4493437</a>.&nbsp;</div><br><a href ='#188msg'>Back to top</a></td><td>OS Build 17134.648<br><br>March 12, 2019<br><a href ='https://support.microsoft.com/help/4489868' target='_blank'>KB4489868</a></td><td>Resolved<br><a href = 'https://support.microsoft.com/help/4493437' target='_blank'>KB4493437</a></td><td>Resolved:<br>April 25, 2019 <br>02:00 PM PT<br><br>Opened:<br>March 12, 2019 <br>10:00 AM PT</td></tr>
       </table>
       "
 

windows/release-information/status-windows-10-1903.yml

@@ -65,8 +65,8 @@ sections:
   - type: markdown
     text: "<div>This table offers a summary of current active issues and those issues that have been resolved in the last 30 days.</div><br>
       <table border ='0'><tr><td width='65%'>Summary</td><td width='15%'>Originating update</td><td width='10%'>Status</td><td width='10%'>Last updated</td></tr>
-      <tr><td><div id='456msg'></div><b>Windows Sandbox may fail to start with error code “0x80070002”</b><br>Windows Sandbox may fail to start with \"ERROR_FILE_NOT_FOUND (0x80070002)\" on devices in which the operating system language was changed between updates<br><br><a href = '#456msgdesc'>See details ></a></td><td>OS Build 18362.113<br><br>May 14, 2019<br><a href ='https://support.microsoft.com/help/4497936' target='_blank'>KB4497936</a></td><td>Acknowledged<br><a href = '' target='_blank'></a></td><td>May 24, 2019 <br>04:20 PM PT</td></tr>
+      <tr><td><div id='456msg'></div><b>Windows Sandbox may fail to start with error code “0x80070002”</b><br>Windows Sandbox may fail to start with \"ERROR_FILE_NOT_FOUND (0x80070002)\" on devices in which the operating system language was changed between updates<br><br><a href = '#456msgdesc'>See details ></a></td><td>OS Build 18362.116<br><br>May 20, 2019<br><a href ='https://support.microsoft.com/help/4505057' target='_blank'>KB4505057</a></td><td>Acknowledged<br><a href = '' target='_blank'></a></td><td>May 24, 2019 <br>04:20 PM PT</td></tr>
-      <tr><td><div id='455msg'></div><b>Loss of functionality in Dynabook Smartphone Link app</b><br>After updating to Windows 10, version 1903, you may experience a loss of functionality when using the Dynabook Smartphone Link application.<br><br><a href = '#455msgdesc'>See details ></a></td><td>OS Build 18362.113<br><br>May 14, 2019<br><a href ='https://support.microsoft.com/help/4497936' target='_blank'>KB4497936</a></td><td>Investigating<br><a href = '' target='_blank'></a></td><td>May 24, 2019 <br>03:10 PM PT</td></tr>
+      <tr><td><div id='455msg'></div><b>Loss of functionality in Dynabook Smartphone Link app</b><br>After updating to Windows 10, version 1903, you may experience a loss of functionality when using the Dynabook Smartphone Link application.<br><br><a href = '#455msgdesc'>See details ></a></td><td>OS Build 18362.116<br><br>May 20, 2019<br><a href ='https://support.microsoft.com/help/4505057' target='_blank'>KB4505057</a></td><td>Investigating<br><a href = '' target='_blank'></a></td><td>May 24, 2019 <br>03:10 PM PT</td></tr>
       <tr><td><div id='448msg'></div><b>Display brightness may not respond to adjustments</b><br>Microsoft and Intel have identified a driver compatibility issue on devices configured with certain Intel display drivers.<br><br><a href = '#448msgdesc'>See details ></a></td><td>OS Build 18362.116<br><br>May 21, 2019<br><a href ='https://support.microsoft.com/help/4505057' target='_blank'>KB4505057</a></td><td>Investigating<br><a href = '' target='_blank'></a></td><td>May 21, 2019 <br>04:47 PM PT</td></tr>
       <tr><td><div id='433msg'></div><b>Audio not working with Dolby Atmos headphones and home theater </b><br>Users may experience audio loss with Dolby Atmos headphones or Dolby Atmos home theater.<br><br><a href = '#433msgdesc'>See details ></a></td><td>OS Build 18362.116<br><br>May 21, 2019<br><a href ='https://support.microsoft.com/help/4505057' target='_blank'>KB4505057</a></td><td>Investigating<br><a href = '' target='_blank'></a></td><td>May 21, 2019 <br>07:17 AM PT</td></tr>
       <tr><td><div id='426msg'></div><b>Duplicate folders and documents showing in user profile directory</b><br>If known folders (e.g. Desktop, Documents, or Pictures folders) are redirected, an empty folder with that same name may be created.<br><br><a href = '#426msgdesc'>See details ></a></td><td>OS Build 18362.116<br><br>May 21, 2019<br><a href ='https://support.microsoft.com/help/4505057' target='_blank'>KB4505057</a></td><td>Investigating<br><a href = '' target='_blank'></a></td><td>May 21, 2019 <br>07:16 AM PT</td></tr>
@@ -94,8 +94,8 @@ sections:
   - type: markdown
     text: "
       <table border ='0'><tr><td width='65%'>Details</td><td width='15%'>Originating update</td><td width='10%'>Status</td><td width='10%'>History</td></tr>
-      <tr><td style='border-left-width:1px;border-right-width:1px;border-bottom-width:1px;'><div id='456msgdesc'></div><b>Windows Sandbox may fail to start with error code “0x80070002”</b><div>Windows Sandbox may fail to start with \"ERROR_FILE_NOT_FOUND (0x80070002)\" on devices in which the operating system language is changed during the update process when installing Windows 10, version 1903.</div><div><br></div><div><strong>Affected platforms:</strong></div><ul><li>Client: Windows 10, version 1903</li></ul><div></div><div><strong>Next steps: </strong>We are working on a resolution and estimate a solution will be available in late June.</div><br><a href ='#456msg'>Back to top</a></td><td>OS Build 18362.113<br><br>May 14, 2019<br><a href ='https://support.microsoft.com/help/4497936' target='_blank'>KB4497936</a></td><td>Acknowledged<br><a href = '' target='_blank'></a></td><td>Last updated:<br>May 24, 2019 <br>04:20 PM PT<br><br>Opened:<br>May 24, 2019 <br>04:20 PM PT</td></tr>
+      <tr><td style='border-left-width:1px;border-right-width:1px;border-bottom-width:1px;'><div id='456msgdesc'></div><b>Windows Sandbox may fail to start with error code “0x80070002”</b><div>Windows Sandbox may fail to start with \"ERROR_FILE_NOT_FOUND (0x80070002)\" on devices in which the operating system language is changed during the update process when installing Windows 10, version 1903.</div><div><br></div><div><strong>Affected platforms:</strong></div><ul><li>Client: Windows 10, version 1903</li></ul><div></div><div><strong>Next steps: </strong>We are working on a resolution and estimate a solution will be available in late June.</div><br><a href ='#456msg'>Back to top</a></td><td>OS Build 18362.116<br><br>May 20, 2019<br><a href ='https://support.microsoft.com/help/4505057' target='_blank'>KB4505057</a></td><td>Acknowledged<br><a href = '' target='_blank'></a></td><td>Last updated:<br>May 24, 2019 <br>04:20 PM PT<br><br>Opened:<br>May 24, 2019 <br>04:20 PM PT</td></tr>
-      <tr><td style='border-left-width:1px;border-right-width:1px;border-bottom-width:1px;'><div id='455msgdesc'></div><b>Loss of functionality in Dynabook Smartphone Link app</b><div>Some users may experience a loss of functionality after updating to Windows 10, version 1903 when using the Dynabook Smartphone Link application on Windows devices. Loss of functionality may affect the display of phone numbers in the Call menu and the ability to answer phone calls on the Windows PC.</div><div><br></div><div>To safeguard your update experience, we have applied a compatibility hold on devices with Dynabook Smartphone Link from being offered Windows 10, version 1903, until&nbsp;this issue is resolved.</div><div><br></div><div><strong>Affected platforms:</strong></div><ul><li>Client: Windows 10, version 1903</li></ul><div></div><div><strong>Next steps: </strong>Microsoft and Dynabook are working on a resolution; the Dynabook Smartphone Link application may have a loss of functionality until this issue is resolved.</div><div><br></div><div><strong>Note&nbsp;</strong>We recommend that you do not attempt to manually update using the&nbsp;<strong>Update now</strong>&nbsp;button or the Media Creation Tool until this issue has been resolved.</div><br><a href ='#455msg'>Back to top</a></td><td>OS Build 18362.113<br><br>May 14, 2019<br><a href ='https://support.microsoft.com/help/4497936' target='_blank'>KB4497936</a></td><td>Investigating<br><a href = '' target='_blank'></a></td><td>Last updated:<br>May 24, 2019 <br>03:10 PM PT<br><br>Opened:<br>May 24, 2019 <br>03:10 PM PT</td></tr>
+      <tr><td style='border-left-width:1px;border-right-width:1px;border-bottom-width:1px;'><div id='455msgdesc'></div><b>Loss of functionality in Dynabook Smartphone Link app</b><div>Some users may experience a loss of functionality after updating to Windows 10, version 1903 when using the Dynabook Smartphone Link application on Windows devices. Loss of functionality may affect the display of phone numbers in the Call menu and the ability to answer phone calls on the Windows PC.</div><div><br></div><div>To safeguard your update experience, we have applied a compatibility hold on devices with Dynabook Smartphone Link from being offered Windows 10, version 1903, until&nbsp;this issue is resolved.</div><div><br></div><div><strong>Affected platforms:</strong></div><ul><li>Client: Windows 10, version 1903</li></ul><div></div><div><strong>Next steps: </strong>Microsoft and Dynabook are working on a resolution; the Dynabook Smartphone Link application may have a loss of functionality until this issue is resolved.</div><div><br></div><div><strong>Note&nbsp;</strong>We recommend that you do not attempt to manually update using the&nbsp;<strong>Update now</strong>&nbsp;button or the Media Creation Tool until this issue has been resolved.</div><br><a href ='#455msg'>Back to top</a></td><td>OS Build 18362.116<br><br>May 20, 2019<br><a href ='https://support.microsoft.com/help/4505057' target='_blank'>KB4505057</a></td><td>Investigating<br><a href = '' target='_blank'></a></td><td>Last updated:<br>May 24, 2019 <br>03:10 PM PT<br><br>Opened:<br>May 24, 2019 <br>03:10 PM PT</td></tr>
       <tr><td style='border-left-width:1px;border-right-width:1px;border-bottom-width:1px;'><div id='448msgdesc'></div><b>Display brightness may not respond to adjustments</b><div>Microsoft and Intel have identified a driver compatibility issue on devices configured with certain Intel display drivers. After updating to Window 10, version 1903, brightness settings may sometime appear as if changes applied took effect, yet the actual display brightness doesn't change.</div><div><br></div><div>To safeguard your update experience, we have applied a compatibility hold on devices with certain Intel drivers from being offered Windows 10, version 1903, until&nbsp;this issue is resolved.</div><div><br></div><div><strong>Affected platforms:</strong></div><ul><li>Client: Windows 10, version 1903</li></ul><div></div><div><strong>Workaround: </strong>Restart your device to apply changes to brightness.</div><div><br></div><div><strong>Note</strong> We recommend that you do not attempt to manually update using the <strong>Update now</strong> button or the Media Creation Tool until this issue has been resolved.</div><div><br></div><div><strong>Next steps: </strong>We are working on a resolution that will be made available in upcoming release.</div><br><a href ='#448msg'>Back to top</a></td><td>OS Build 18362.116<br><br>May 21, 2019<br><a href ='https://support.microsoft.com/help/4505057' target='_blank'>KB4505057</a></td><td>Investigating<br><a href = '' target='_blank'></a></td><td>Last updated:<br>May 21, 2019 <br>04:47 PM PT<br><br>Opened:<br>May 21, 2019 <br>07:56 AM PT</td></tr>
       <tr><td style='border-left-width:1px;border-right-width:1px;border-bottom-width:1px;'><div id='433msgdesc'></div><b>Audio not working with Dolby Atmos headphones and home theater </b><div>After updating to Windows 10, version 1903, you may experience loss of audio with Dolby Atmos for home theater (free extension) or Dolby Atmos for headphones (paid extension) acquired through the Microsoft Store due to a licensing configuration error.</div><div>&nbsp;</div><div>This occurs due to an issue with a Microsoft Store licensing component, where license holders are not able to connect to the Dolby Access app and enable Dolby Atmos extensions.</div><div>&nbsp;</div><div>To safeguard your update experience, we have applied protective hold on devices from being offered Windows 10, version 1903 until&nbsp;this issue is resolved. This configuration error will not result in loss of access for the acquired license once the problem is resolved.</div><div><br></div><div><strong>Affected platforms:</strong></div><ul><li>Client: Windows 10, version 1903</li></ul><div></div><div><strong>Next steps: </strong>We are working on a resolution for Microsoft Store and estimate a solution will be available in mid-June.</div><div><strong>Note</strong> We recommend you do not attempt to manually update using the <strong>Update now</strong> button or the Media Creation Tool until this issue has been resolved.&nbsp;</div><br><a href ='#433msg'>Back to top</a></td><td>OS Build 18362.116<br><br>May 21, 2019<br><a href ='https://support.microsoft.com/help/4505057' target='_blank'>KB4505057</a></td><td>Investigating<br><a href = '' target='_blank'></a></td><td>Last updated:<br>May 21, 2019 <br>07:17 AM PT<br><br>Opened:<br>May 21, 2019 <br>07:16 AM PT</td></tr>
       <tr><td style='border-left-width:1px;border-right-width:1px;border-bottom-width:1px;'><div id='426msgdesc'></div><b>Duplicate folders and documents showing in user profile directory</b><div>If you have redirected known folders (e.g. Desktop, Documents, or Pictures folders) you may see an empty folder with the same name in your %userprofile% directories after updating to Windows 10, version 1903. This may occur if known folders were redirected when you chose to back up your content to OneDrive using the OneDrive wizard, or if you chose to back up your content during the Windows Out-of-Box-Experience (OOBE). This may also occur if you redirected your known folders manually through the Properties dialog box in File Explorer. ​This issue does not cause any user files to be deleted and a solution is in progress.</div><div><br></div><div>To safeguard your update experience, we have applied a quality hold on devices with redirected known folders from being offered Windows 10, version 1903, until&nbsp;this issue is resolved.</div><div><br></div><div><strong>Affected platforms:</strong></div><ul><li>Client: Windows 10, version 1903</li></ul><div></div><div><strong>Next steps: </strong>Microsoft is working on a resolution and estimates a solution will be available in late May.</div><div><strong>Note </strong>We recommend that you do not attempt to manually update to Windows 10, version 1903 using the <strong>Update now</strong> button or the Media Creation Tool until this issue has been resolved.</div><br><a href ='#426msg'>Back to top</a></td><td>OS Build 18362.116<br><br>May 21, 2019<br><a href ='https://support.microsoft.com/help/4505057' target='_blank'>KB4505057</a></td><td>Investigating<br><a href = '' target='_blank'></a></td><td>Last updated:<br>May 21, 2019 <br>07:16 AM PT<br><br>Opened:<br>May 21, 2019 <br>07:16 AM PT</td></tr>

windows/release-information/status-windows-7-and-windows-server-2008-r2-sp1.yml

@@ -66,7 +66,6 @@ sections:
       <tr><td><div id='370msg'></div><b>System unresponsive after restart if Sophos Endpoint Protection installed</b><br>Devices with Sophos Endpoint Protection installed and managed by Sophos Central or Sophos Enterprise Console (SEC) may become unresponsive upon restart.<br><br><a href = '#370msgdesc'>See details ></a></td><td>April 09, 2019<br><a href ='https://support.microsoft.com/help/4493472' target='_blank'>KB4493472</a></td><td>Resolved<br><a href = '' target='_blank'></a></td><td>May 14, 2019 <br>01:22 PM PT</td></tr>
       <tr><td><div id='366msg'></div><b>System may be unresponsive after restart if Avira antivirus software installed</b><br>Devices with Avira antivirus software installed may become unresponsive upon restart.<br><br><a href = '#366msgdesc'>See details ></a></td><td>April 09, 2019<br><a href ='https://support.microsoft.com/help/4493472' target='_blank'>KB4493472</a></td><td>Resolved<br><a href = '' target='_blank'></a></td><td>May 14, 2019 <br>01:21 PM PT</td></tr>
       <tr><td><div id='357msg'></div><b>Authentication may fail for services after the Kerberos ticket expires</b><br>Authentication may fail for services that require unconstrained delegation after the Kerberos ticket expires.<br><br><a href = '#357msgdesc'>See details ></a></td><td>March 12, 2019<br><a href ='https://support.microsoft.com/help/4489878' target='_blank'>KB4489878</a></td><td>Resolved<br><a href = 'https://support.microsoft.com/help/4499164' target='_blank'>KB4499164</a></td><td>May 14, 2019 <br>10:00 AM PT</td></tr>
-      <tr><td><div id='268msg'></div><b>Devices may not respond at login or Welcome screen if running certain Avast software</b><br>Devices running Avast for Business, Avast CloudCare, and AVG Business Edition antivirus software may become unresponsive after restart.<br><br><a href = '#268msgdesc'>See details ></a></td><td>April 09, 2019<br><a href ='https://support.microsoft.com/help/4493472' target='_blank'>KB4493472</a></td><td>Resolved<br><a href = '' target='_blank'></a></td><td>April 25, 2019 <br>02:00 PM PT</td></tr>
       </table>
       "
 
@@ -95,7 +94,6 @@ sections:
       <tr><td style='border-left-width:1px;border-right-width:1px;border-bottom-width:1px;'><div id='372msgdesc'></div><b>System may be unresponsive after restart if ArcaBit antivirus software installed</b><div>Microsoft and ArcaBit have identified an issue on devices with ArcaBit antivirus software installed that may cause the system to become unresponsive upon restart after installing <a href=\"https://support.microsoft.com/help/4493472\" target=\"_blank\">KB4493472</a>.</div><div><br></div><div><strong>Affected platforms:</strong></div><ul><li>Client: Windows 8.1; Windows 7 SP1</li><li>Server: Windows Server 2012 R2; Windows Server 2008 R2 SP1</li></ul><div></div><div><strong>Resolution:</strong>&nbsp;This issue has been resolved. Microsoft has removed the temporary block for all affected Windows updates. ArcaBit has released an update to address this issue. For more information, see the <a href=\"https://www.arcabit.pl/wsparcie-techniczne.html\" target=\"_blank\">Arcabit support article</a>.</div><br><a href ='#372msg'>Back to top</a></td><td>April 09, 2019<br><a href ='https://support.microsoft.com/help/4493472' target='_blank'>KB4493472</a></td><td>Resolved<br><a href = '' target='_blank'></a></td><td>Resolved:<br>May 14, 2019 <br>01:23 PM PT<br><br>Opened:<br>April 09, 2019 <br>10:00 AM PT</td></tr>
       <tr><td style='border-left-width:1px;border-right-width:1px;border-bottom-width:1px;'><div id='370msgdesc'></div><b>System unresponsive after restart if Sophos Endpoint Protection installed</b><div>Microsoft and Sophos have identified an issue on devices with Sophos Endpoint Protection installed and managed by either Sophos Central or Sophos Enterprise Console (SEC) that may cause the system to become unresponsive upon restart after installing <a href=\"https://support.microsoft.com/help/4493472\" target=\"_blank\">KB4493472</a>.</div><div><br></div><div><strong>Affected platforms:</strong>&nbsp;</div><ul><li>Client: Windows 8.1; Windows 7 SP1</li><li>Server: Windows Server 2012 R2; Windows Server 2012; Windows Server 2008 R2 SP1; Windows Server 2008 SP2</li></ul><div></div><div><strong>Resolution:</strong>&nbsp;This issue has been resolved. Microsoft has removed the temporary block for all affected Windows updates. Sophos has&nbsp;released an update to address this issue. Guidance for Sophos Endpoint and Sophos Enterprise Console customers can be found in the <a href=\"https://community.sophos.com/kb/133945\" target=\"_blank\">Sophos support article</a>.</div><br><a href ='#370msg'>Back to top</a></td><td>April 09, 2019<br><a href ='https://support.microsoft.com/help/4493472' target='_blank'>KB4493472</a></td><td>Resolved<br><a href = '' target='_blank'></a></td><td>Resolved:<br>May 14, 2019 <br>01:22 PM PT<br><br>Opened:<br>April 09, 2019 <br>10:00 AM PT</td></tr>
       <tr><td style='border-left-width:1px;border-right-width:1px;border-bottom-width:1px;'><div id='366msgdesc'></div><b>System may be unresponsive after restart if Avira antivirus software installed</b><div>Microsoft and Avira have identified an issue on devices with Avira antivirus software installed that may cause the system to become unresponsive upon restart after installing <a href=\"https://support.microsoft.com/help/4493472\" target=\"_blank\">KB4493472</a>.</div><div><br></div><div><strong>Affected platforms:</strong>&nbsp;</div><ul><li>Client: Windows 8.1; Windows 7 SP1&nbsp;</li><li>Server: Windows Server 2012 R2; Windows Server 2012; Windows Server 2008 R2 SP1; Windows Server 2008 SP2</li></ul><div></div><div><strong>Resolution:</strong>&nbsp;This issue has been resolved. Microsoft has removed the temporary block for all affected Windows updates. Avira has released an automatic update to address this issue. Guidance for Avira customers can be found in the <a href=\"https://www.avira.com/en/support-for-home-knowledgebase-detail/kbid/1976\" target=\"_blank\">Avira support article</a>.</div><br><a href ='#366msg'>Back to top</a></td><td>April 09, 2019<br><a href ='https://support.microsoft.com/help/4493472' target='_blank'>KB4493472</a></td><td>Resolved<br><a href = '' target='_blank'></a></td><td>Resolved:<br>May 14, 2019 <br>01:21 PM PT<br><br>Opened:<br>April 09, 2019 <br>10:00 AM PT</td></tr>
-      <tr><td style='border-left-width:1px;border-right-width:1px;border-bottom-width:1px;'><div id='268msgdesc'></div><b>Devices may not respond at login or Welcome screen if running certain Avast software</b><div>Microsoft and Avast have identified an issue on devices running Avast for Business, Avast CloudCare, and AVG Business Edition antivirus software after you install <a href=\"https://support.microsoft.com/help/4493472\" target=\"_blank\">KB4493472</a> and restart. Devices may become unresponsive at the login or Welcome screen. Additionally, you may be unable to log in or log in after an extended period of time.</div><div><br></div><div><strong>Affected platforms:</strong>&nbsp;</div><ul><li>Client: Windows 8.1; Windows 7 SP1&nbsp;</li><li>Server: Windows Server 2012 R2; Windows Server 2008 R2 SP1&nbsp;</li></ul><div></div><div><strong>Resolution:</strong> Avast has released emergency updates to address this issue. For more information and AV update schedule, see the <a href=\"https://kb.support.business.avast.com/GetPublicArticle?title=Windows-machines-running-Avast-for-Business-and-Cloud-Care-Freezing-on-Start-up\" target=\"_blank\">Avast support KB article</a>.</div><br><a href ='#268msg'>Back to top</a></td><td>April 09, 2019<br><a href ='https://support.microsoft.com/help/4493472' target='_blank'>KB4493472</a></td><td>Resolved<br><a href = '' target='_blank'></a></td><td>Resolved:<br>April 25, 2019 <br>02:00 PM PT<br><br>Opened:<br>April 09, 2019 <br>10:00 AM PT</td></tr>
       </table>
       "
 

windows/release-information/status-windows-8.1-and-windows-server-2012-r2.yml

@@ -69,7 +69,6 @@ sections:
       <tr><td><div id='371msg'></div><b>System may be unresponsive after restart if ArcaBit antivirus software installed</b><br>Devices with ArcaBit antivirus software installed may become unresponsive upon restart.<br><br><a href = '#371msgdesc'>See details ></a></td><td>April 09, 2019<br><a href ='https://support.microsoft.com/help/4493446' target='_blank'>KB4493446</a></td><td>Resolved<br><a href = '' target='_blank'></a></td><td>May 14, 2019 <br>01:22 PM PT</td></tr>
       <tr><td><div id='369msg'></div><b>System unresponsive after restart if Sophos Endpoint Protection installed</b><br>Devices with Sophos Endpoint Protection installed and managed by Sophos Central or Sophos Enterprise Console (SEC) may become unresponsive upon restart.<br><br><a href = '#369msgdesc'>See details ></a></td><td>April 09, 2019<br><a href ='https://support.microsoft.com/help/4493446' target='_blank'>KB4493446</a></td><td>Resolved<br><a href = '' target='_blank'></a></td><td>May 14, 2019 <br>01:22 PM PT</td></tr>
       <tr><td><div id='365msg'></div><b>System may be unresponsive after restart if Avira antivirus software installed</b><br>Devices with Avira antivirus software installed may become unresponsive upon restart.<br><br><a href = '#365msgdesc'>See details ></a></td><td>April 09, 2019<br><a href ='https://support.microsoft.com/help/4493446' target='_blank'>KB4493446</a></td><td>Resolved<br><a href = '' target='_blank'></a></td><td>May 14, 2019 <br>01:21 PM PT</td></tr>
-      <tr><td><div id='284msg'></div><b>Devices may not respond at login or Welcome screen if running certain Avast software</b><br>Devices running Avast for Business, Avast CloudCare, and AVG Business Edition antivirus software may become unresponsive after restart.<br><br><a href = '#284msgdesc'>See details ></a></td><td>April 09, 2019<br><a href ='https://support.microsoft.com/help/4493446' target='_blank'>KB4493446</a></td><td>Resolved<br><a href = '' target='_blank'></a></td><td>April 25, 2019 <br>02:00 PM PT</td></tr>
       </table>
       "
 
@@ -100,7 +99,6 @@ sections:
       <tr><td style='border-left-width:1px;border-right-width:1px;border-bottom-width:1px;'><div id='371msgdesc'></div><b>System may be unresponsive after restart if ArcaBit antivirus software installed</b><div>Microsoft and ArcaBit have identified an issue on devices with ArcaBit antivirus software installed that may cause the system to become unresponsive upon restart after installing <a href=\"https://support.microsoft.com/help/4493446\" target=\"_blank\">KB4493446</a>.</div><div><br></div><div><strong>Affected platforms:</strong></div><ul><li>Client: Windows 8.1; Windows 7 SP1</li><li>Server: Windows Server 2012 R2; Windows Server 2008 R2 SP1</li></ul><div></div><div><strong>Resolution:</strong>&nbsp;This issue has been resolved. Microsoft has removed the temporary block for all affected Windows updates. ArcaBit has released an update to address this issue. For more information, see the <a href=\"https://www.arcabit.pl/wsparcie-techniczne.html\" target=\"_blank\">Arcabit support article</a>.</div><br><a href ='#371msg'>Back to top</a></td><td>April 09, 2019<br><a href ='https://support.microsoft.com/help/4493446' target='_blank'>KB4493446</a></td><td>Resolved<br><a href = '' target='_blank'></a></td><td>Resolved:<br>May 14, 2019 <br>01:22 PM PT<br><br>Opened:<br>April 09, 2019 <br>10:00 AM PT</td></tr>
       <tr><td style='border-left-width:1px;border-right-width:1px;border-bottom-width:1px;'><div id='369msgdesc'></div><b>System unresponsive after restart if Sophos Endpoint Protection installed</b><div>Microsoft and Sophos have identified an issue on devices with Sophos Endpoint Protection installed and managed by either Sophos Central or Sophos Enterprise Console (SEC) that may cause the system to become unresponsive upon restart after installing <a href=\"https://support.microsoft.com/help/4493446\" target=\"_blank\">KB4493446</a>.</div><div><br></div><div><strong>Affected platforms:</strong>&nbsp;</div><ul><li>Client: Windows 8.1; Windows 7 SP1</li><li>Server: Windows Server 2012 R2; Windows Server 2012; Windows Server 2008 R2 SP1; Windows Server 2008 SP2</li></ul><div></div><div><strong>Resolution:</strong>&nbsp;This issue has been resolved. Microsoft has removed the temporary block for all affected Windows updates. Sophos has&nbsp;released an update to address this issue. Guidance for Sophos Endpoint and Sophos Enterprise Console customers can be found in the <a href=\"https://community.sophos.com/kb/133945\" target=\"_blank\">Sophos support article</a>.</div><br><a href ='#369msg'>Back to top</a></td><td>April 09, 2019<br><a href ='https://support.microsoft.com/help/4493446' target='_blank'>KB4493446</a></td><td>Resolved<br><a href = '' target='_blank'></a></td><td>Resolved:<br>May 14, 2019 <br>01:22 PM PT<br><br>Opened:<br>April 09, 2019 <br>10:00 AM PT</td></tr>
       <tr><td style='border-left-width:1px;border-right-width:1px;border-bottom-width:1px;'><div id='365msgdesc'></div><b>System may be unresponsive after restart if Avira antivirus software installed</b><div>Microsoft and Avira have identified an issue on devices with Avira antivirus software installed that may cause the system to become unresponsive upon restart after installing <a href=\"https://support.microsoft.com/help/4493446\" target=\"_blank\">KB4493446</a>.</div><div><br></div><div><strong>Affected platforms:</strong>&nbsp;</div><ul><li>Client: Windows 8.1; Windows 7 SP1&nbsp;</li><li>Server: Windows Server 2012 R2; Windows Server 2012; Windows Server 2008 R2 SP1; Windows Server 2008 SP2&nbsp;</li></ul><div></div><div><strong>Resolution:</strong>&nbsp;This issue has been resolved. Microsoft has removed the temporary block for all affected Windows updates. Avira has released an automatic update to address this issue. Guidance for Avira customers can be found in the <a href=\"https://www.avira.com/en/support-for-home-knowledgebase-detail/kbid/1976\" target=\"_blank\">Avira support article</a>.</div><br><a href ='#365msg'>Back to top</a></td><td>April 09, 2019<br><a href ='https://support.microsoft.com/help/4493446' target='_blank'>KB4493446</a></td><td>Resolved<br><a href = '' target='_blank'></a></td><td>Resolved:<br>May 14, 2019 <br>01:21 PM PT<br><br>Opened:<br>April 09, 2019 <br>10:00 AM PT</td></tr>
-      <tr><td style='border-left-width:1px;border-right-width:1px;border-bottom-width:1px;'><div id='284msgdesc'></div><b>Devices may not respond at login or Welcome screen if running certain Avast software</b><div>Microsoft and Avast have identified an issue on devices running Avast for Business, Avast CloudCare, and AVG Business Edition antivirus software after you install <a href=\"https://support.microsoft.com/help/4493446\" target=\"_blank\">KB4493446 </a>and restart. Devices may become unresponsive at the login or Welcome screen. Additionally, you may be unable to log in or log in after an extended period of time.</div><div><br></div><div><strong>Affected platforms:</strong>&nbsp;</div><ul><li>Client: Windows 8.1; Windows 7 SP1&nbsp;</li><li>Server: Windows Server 2012 R2; Windows Server 2008 R2 SP1&nbsp;</li></ul><div></div><div><strong>Resolution</strong>: Avast has released emergency updates to address this issue. For more information and AV update schedule, see the <a href=\"https://kb.support.business.avast.com/GetPublicArticle?title=Windows-machines-running-Avast-for-Business-and-Cloud-Care-Freezing-on-Start-up\" target=\"_blank\">Avast support KB article</a>.</div><br><a href ='#284msg'>Back to top</a></td><td>April 09, 2019<br><a href ='https://support.microsoft.com/help/4493446' target='_blank'>KB4493446</a></td><td>Resolved<br><a href = '' target='_blank'></a></td><td>Resolved:<br>April 25, 2019 <br>02:00 PM PT<br><br>Opened:<br>April 09, 2019 <br>10:00 AM PT</td></tr>
       </table>
       "
 

windows/security/identity-protection/access-control/special-identities.md

@@ -83,7 +83,7 @@ The special identity groups are described in the following tables:
 
 -   [This Organization](#this-organization)
 
--   [Window Manager\\Window Manager Group](#window-manager\\window-manager-group)
+-   [Window Manager\\Window Manager Group](#window-manager-window-manager-group)
 
 ## Anonymous Logon
 

windows/security/identity-protection/hello-for-business/hello-how-it-works-technology.md

@@ -35,8 +35,8 @@ ms.reviewer:
 - [Key Trust](#key-trust)
 - [Managed Environment](#managed-environment)
 - [On-premises Deployment](#on-premises-deployment)
-- [Pass-through Authentication](#passthrough-authentication)
+- [Pass-through Authentication](#pass-through-authentication)
-- [Password Hash Synchronization](#password-hash-synchronization)
+- [Password Hash Synchronization](#password-hash-sync)
 - [Primary Refresh Token](#primary-refresh-token) 
 - [Storage Root Key](#storage-root-key)
 - [Trust Type](#trust-type)
@@ -213,9 +213,9 @@ The key trust model uses the user's Windows Hello for Business identity to authe
 Managed environments are for non-federated environments where Azure Active Directory manages the authentication using technologies such as Password Hash Synchronization and Pass-through Authentication rather than a federation service such as Active Directory Federation Services. 
 
 ### Related topics
-[Federated Environment](#federated-environment), [Pass-through authentication](#pass-through-authentication), [Password Hash Synchronization](#password-hash-synchronization)
+[Federated Environment](#federated-environment), [Pass-through authentication](#pass-through-authentication), [Password Hash Synchronization](#password-hash-sync)
 
-[Return to Top](#Technology-and-Terms)
+[Return to Top](#technology-and-terms)
 ## On-premises Deployment 
 The Windows Hello for Business on-premises deployment is for organizations that exclusively have on-premises resources that are accessed using Active Directory identities.  On-premises deployments support domain joined devices.  The on-premises deployment model supports two authentication trust types, key trust and certificate trust.
 
@@ -230,13 +230,13 @@ The Windows Hello for Business on-premises deployment is for organizations that
 Provides a simple password validation for Azure AD authentication services using a software agent running on one or more on-premises servers to validate the users directly with your on-premises Active Directory. With pass-through authentication (PTA), you synchronize on-premises Active Directory user account objects with Office 365 and manage your users on-premises. Allows your users to sign in to both on-premises and Office 365 resources and applications using their on-premises account and password. This configuration validates users' passwords directly against your on-premises Active Directory without sending password hashes to Office 365. Companies with a security requirement to immediately enforce on-premises user account states, password policies, and logon hours would use this authentication method. With seamless single sign-on, users are automatically signed in to Azure AD when they are on their corporate devices and connected to your corporate network.
 
 ### Related topics
-[Federated Environment](#federated-environment), [Managed Environment](#managed-environment), [Password Hash Synchronization](#password-hash-synchronization)
+[Federated Environment](#federated-environment), [Managed Environment](#managed-environment), [Password Hash Synchronization](#password-hash-sync)
 
 
 ### More information
 - [Choosing the right authentication method for your Azure Active Directory hybrid identity solution](https://docs.microsoft.com/azure/security/azure-ad-choose-authn)
 
-[Return to Top](#hello-how-it-works-technology.md)
+[Return to Top](hello-how-it-works-technology.md)
 ## Password Hash Sync
 The simplest way to enable authentication for on-premises directory objects in Azure AD. With password hash sync (PHS), you synchronize your on-premises Active Directory user account objects with Office 365 and manage your users on-premises. Hashes of user passwords are synchronized from your on-premises Active Directory to Azure AD so that the users have the same password on-premises and in the cloud. When passwords are changed or reset on-premises, the new password hashes are synchronized to Azure AD so that your users can always use the same password for cloud resources and on-premises resources. The passwords are never sent to Azure AD or stored in Azure AD in clear text. Some premium features of Azure AD, such as Identity Protection, require PHS regardless of which authentication method is selected. With seamless single sign-on, users are automatically signed in to Azure AD when they are on their corporate devices and connected to your corporate network.
 
@@ -254,7 +254,7 @@ The PRT is initially obtained during Windows Logon (user sign-in/unlock) in a si
 
 The PRT is needed for SSO. Without it, the user will be prompted for credentials when accessing applications every time. Please also note that the PRT contains information about the device. This means that if you have any [device-based conditional access](https://docs.microsoft.com/azure/active-directory/active-directory-conditional-access-policy-connected-applications) policy set on an application, without the PRT, access will be denied.
 
-[Return to Top](#Technology-and-Terms)
+[Return to Top](#technology-and-terms)
 ## Storage Root Key
 The storage root key (SRK) is also an asymmetric key pair (RSA with a minimum of 2048 bits length). The SRK has a major role and is used to protect TPM keys, so that these keys cannot be used without the TPM. The SRK key is created when the ownership of the TPM is taken.
 

windows/security/threat-protection/microsoft-defender-atp/TOC.md

@@ -98,7 +98,7 @@
 #### [Managed security service provider support](mssp-support.md)
 
 ### [Microsoft Threat Protection](threat-protection-integration.md)
-####  [Protect users, data, and devices with conditional access](conditional-access.md)
+####  [Protect users, data, and devices with Conditional Access](conditional-access.md)
 #### [Microsoft Cloud App Security in Windows overview](microsoft-cloud-app-security-integration.md)
 #### [Information protection in Windows overview](information-protection-in-windows-overview.md)
 
@@ -360,7 +360,7 @@
 #### [Configure managed security service provider (MSSP) support](configure-mssp-support.md)
 
 ### Configure Microsoft Threat Protection integration
-#### [Configure conditional access](configure-conditional-access.md)
+#### [Configure Conditional Access](configure-conditional-access.md)
 #### [Configure Microsoft Cloud App Security in Windows](microsoft-cloud-app-security-config.md)
 ####[Configure information protection in Windows](information-protection-in-windows-config.md)
 

windows/security/threat-protection/microsoft-defender-atp/conditional-access.md

@@ -1,6 +1,6 @@
 ---
-title: Enable conditional access to better protect users, devices, and data
+title: Enable Conditional Access to better protect users, devices, and data
-description: Enable conditional access to prevent applications from running if a device is considered at risk and an application is determined to be non-compliant.
+description: Enable Conditional Access to prevent applications from running if a device is considered at risk and an application is determined to be non-compliant.
 keywords: conditional access, block applications, security level, intune,
 search.product: eADQiWindows 10XVcnh
 search.appverid: met150
@@ -17,7 +17,7 @@ ms.collection: M365-security-compliance
 ms.topic: article
 ---
 
-# Enable conditional access to better protect users, devices, and data 
+# Enable Conditional Access to better protect users, devices, and data 
 
 **Applies to:**
 - [Microsoft Defender Advanced Threat Protection (Microsoft Defender ATP)](https://go.microsoft.com/fwlink/p/?linkid=2069559)
@@ -26,26 +26,26 @@ ms.topic: article
 
 >Want to experience Microsoft Defender ATP? [Sign up for a free trial.](https://www.microsoft.com/en-us/WindowsForBusiness/windows-atp?ocid=docs-wdatp-conditionalaccess-abovefoldlink)
 
-Conditional access is a capability that helps you better protect your users and enterprise information by making sure that only secure devices have access to applications.
+Conditional Access is a capability that helps you better protect your users and enterprise information by making sure that only secure devices have access to applications.
 
-With conditional access, you can control access to enterprise information based on the risk level of a device. This helps keep trusted users on trusted devices using trusted applications.
+With Conditional Access, you can control access to enterprise information based on the risk level of a device. This helps keep trusted users on trusted devices using trusted applications.
 
 You can define security conditions under which devices and applications can run and access information from your network by enforcing policies to stop applications from running until a device returns to a compliant state. 
 
-The implementation of conditional access in Microsoft Defender ATP is based on Microsoft Intune (Intune) device compliance policies and Azure Active Directory (Azure AD) conditional access policies. 
+The implementation of Conditional Access in Microsoft Defender ATP is based on Microsoft Intune (Intune) device compliance policies and Azure Active Directory (Azure AD) conditional access policies. 
 
-The compliance policy is used with conditional access to allow only devices that fulfill one or more device compliance policy rules to access applications. 
+The compliance policy is used with Conditional Access to allow only devices that fulfill one or more device compliance policy rules to access applications. 
 
-## Understand the conditional access flow
+## Understand the Conditional Access flow
-Conditional access is put in place so that when a threat is seen on a device, access to sensitive content is blocked until the threat is remediated. 
+Conditional Access is put in place so that when a threat is seen on a device, access to sensitive content is blocked until the threat is remediated. 
 
 The flow begins with machines being seen to have a low, medium, or high risk. These risk determinations are then sent to Intune. 
 
-Depending on how you configure policies in Intune, conditional access can be set up so that when certain conditions are met, the policy is applied.
+Depending on how you configure policies in Intune, Conditional Access can be set up so that when certain conditions are met, the policy is applied.
 
-For example, you can configure Intune to apply conditional access on devices that have a high risk.
+For example, you can configure Intune to apply Conditional Access on devices that have a high risk.
 
-In Intune, a device compliance policy is used in conjunction with Azure AD conditional access to block access to applications. In parallel, an automated investigation and remediation process is launched.
+In Intune, a device compliance policy is used in conjunction with Azure AD Conditional Access to block access to applications. In parallel, an automated investigation and remediation process is launched.
 
  A user can still use the device while the automated investigation and remediation is taking place, but access to enterprise data is blocked until the threat is fully remediated. 
 
@@ -54,23 +54,23 @@ To resolve the risk found on a device, you'll need to return the device to a com
 There are three ways to address a risk:
 1. Use Manual or automated remediation.
 2. Resolve active alerts on the machine. This will remove the risk from the machine.
-3. You can remove the machine from the active policies and consequently, conditional access will not be applied on the machine. 
+3. You can remove the machine from the active policies and consequently, Conditional Access will not be applied on the machine. 
 
-Manual remediation requires a secops admin to investigate an alert and address the risk seen on the device. The automated remediation is configured through configuration settings provided in the following section, [Configure conditional access](configure-conditional-access.md).
+Manual remediation requires a secops admin to investigate an alert and address the risk seen on the device. The automated remediation is configured through configuration settings provided in the following section, [Configure Conditional Access](configure-conditional-access.md).
 
 When the risk is removed either through manual or automated remediation, the device returns to a compliant state and access to applications is granted.
 
-The following example sequence of events explains conditional access in action:
+The following example sequence of events explains Conditional Access in action:
 
 1. A user opens a malicious file and Microsoft Defender ATP flags the device as high risk.
 2. The high risk assessment is passed along to Intune. In parallel, an automated investigation is initiated to remediate the identified threat. A manual remediation can also be done to remediate the identified threat.
-3. Based on the policy created in Intune, the device is marked as not compliant. The assessment is then communicated to Azure AD by the Intune conditional access policy. In Azure AD, the corresponding policy is applied to block access to applications.
+3. Based on the policy created in Intune, the device is marked as not compliant. The assessment is then communicated to Azure AD by the Intune Conditional Access policy. In Azure AD, the corresponding policy is applied to block access to applications.
 4. The manual or automated investigation and remediation is completed and the threat is removed. Microsoft Defender ATP sees that there is no risk on the device and Intune assesses the device to be in a compliant state. Azure AD applies the policy which allows access to applications.
 5. Users can now access applications.
 
  
 ## Related topic
-- [Configure conditional access in Microsoft Defender ATP](configure-conditional-access.md)
+- [Configure Conditional Access in Microsoft Defender ATP](configure-conditional-access.md)
 
 
 

windows/security/threat-protection/microsoft-defender-atp/configure-conditional-access.md

@@ -1,5 +1,5 @@
 ---
-title: Configure conditional access in Microsoft Defender ATP
+title: Configure Conditional Access in Microsoft Defender ATP
 description: 
 keywords: 
 search.product: eADQiWindows 10XVcnh
@@ -18,11 +18,11 @@ ms.topic: article
 ms.date: 09/03/2018
 ---
 
-# Configure conditional access in Microsoft Defender ATP
+# Configure Conditional Access in Microsoft Defender ATP
 **Applies to:**
 - [Microsoft Defender Advanced Threat Protection (Microsoft Defender ATP)](https://go.microsoft.com/fwlink/p/?linkid=2069559)
 
-This section guides you through all the steps you need to take to properly implement conditional access.
+This section guides you through all the steps you need to take to properly implement Conditional Access.
 
 ### Before you begin
 >[!WARNING] 
@@ -43,12 +43,12 @@ There are steps you'll need to take in Microsoft Defender Security Center, the I
 > [!NOTE] 
 > You'll need a Microsoft Intune environment, with Intune managed and Azure AD joined Windows 10 devices.
 
-Take the following steps to enable conditional access:
+Take the following steps to enable Conditional Access:
 - Step 1: Turn on the Microsoft Intune connection from Microsoft Defender Security Center
 - Step 2: Turn on the Microsoft Defender ATP integration in Intune
 - Step 3: Create the compliance policy in Intune
 - Step 4: Assign the policy 
-- Step 5: Create an Azure AD conditional access policy
+- Step 5: Create an Azure AD Conditional Access policy
 
 
 ### Step 1: Turn on the Microsoft Intune connection
@@ -85,17 +85,17 @@ Take the following steps to enable conditional access:
 4. Include or exclude your Azure AD groups to assign them the policy.
 5. To deploy the policy to the groups, select **Save**. The user devices targeted by the policy are evaluated for compliance.
 
-### Step 5: Create an Azure AD conditional access policy
+### Step 5: Create an Azure AD Conditional Access policy
-1. In the [Azure portal](https://portal.azure.com), open **Azure Active Directory** > **Conditional access** > **New policy**.
+1. In the [Azure portal](https://portal.azure.com), open **Azure Active Directory** > **Conditional Access** > **New policy**.
 2. Enter a policy **Name**, and select **Users and groups**. Use the Include or Exclude options to add your groups for the policy, and select **Done**.
 3. Select **Cloud apps**, and choose which apps to protect. For example, choose **Select apps**, and select **Office 365 SharePoint Online** and **Office 365 Exchange Online**. Select **Done** to save your changes.
 
 4. Select **Conditions** > **Client apps** to apply the policy to apps and browsers. For example, select **Yes**, and then enable **Browser** and **Mobile apps and desktop clients**. Select **Done** to save your changes.
 
-5. Select **Grant** to apply conditional access based on device compliance. For example, select **Grant access** > **Require device to be marked as compliant**. Choose **Select** to save your changes.
+5. Select **Grant** to apply Conditional Access based on device compliance. For example, select **Grant access** > **Require device to be marked as compliant**. Choose **Select** to save your changes.
 
 6. Select **Enable policy**, and then **Create** to save your changes.
 
-For more information, see [Enable Microsoft Defender ATP with conditional access in Intune](https://docs.microsoft.com/intune/advanced-threat-protection).
+For more information, see [Enable Microsoft Defender ATP with Conditional Access in Intune](https://docs.microsoft.com/intune/advanced-threat-protection).
 
 >Want to experience Microsoft Defender ATP? [Sign up for a free trial.](https://www.microsoft.com/en-us/WindowsForBusiness/windows-atp?ocid=docs-wdatp-conditionalaccess-belowfoldlink)

windows/security/threat-protection/microsoft-defender-atp/threat-protection-integration.md

@@ -41,8 +41,8 @@ Microsoft Defender ATP provides a comprehensive server protection solution, incl
 ## Azure Information Protection
 Keep sensitive data secure while enabling productivity in the workplace through data data discovery and data protection.
 
-## Conditional access
+## Conditional Access
-Microsoft Defender ATP's dynamic machine risk score is integrated into the conditional access evaluation, ensuring that only secure devices have access to resources. 
+Microsoft Defender ATP's dynamic machine risk score is integrated into the Conditional Access evaluation, ensuring that only secure devices have access to resources. 
 
 
 ## Microsoft Cloud App Security
@@ -57,7 +57,7 @@ The Skype for Business integration provides s a way for analysts to communicate
 
 
 ## Related topic
-- [Protect users, data, and devices with conditional access](conditional-access.md)
+- [Protect users, data, and devices with Conditional Access](conditional-access.md)
 
 
 

windows/security/threat-protection/microsoft-defender-atp/whats-new-in-microsoft-defender-atp.md

@@ -100,7 +100,7 @@ Query data using Advanced hunting in Microsoft Defender ATP.
     >[!NOTE]
     >Available from Windows 10, version 1803 or later.
 
-- [Conditional access](https://docs.microsoft.com/windows/security/threat-protection/windows-defender-atp/conditional-access-windows-defender-advanced-threat-protection) <br> Enable conditional access to better protect users, devices, and data.
+- [Conditional Access](https://docs.microsoft.com/windows/security/threat-protection/windows-defender-atp/conditional-access-windows-defender-advanced-threat-protection) <br> Enable conditional access to better protect users, devices, and data.
 
 - [Microsoft Defender ATP Community center](https://docs.microsoft.com/windows/security/threat-protection/windows-defender-atp/community-windows-defender-advanced-threat-protection)<BR> 
     The Microsoft Defender ATP Community Center is a place where community members can learn, collaborate, and share experiences about the product. 

windows/security/threat-protection/windows-defender-atp/user-roles.md

@@ -82,5 +82,5 @@ After creating roles, you'll need to create a machine group and provide access t
 
 
 ## Related topics
-- [User basic permissions to access the portal](basic-permissions.md)
+- [User basic permissions to access the portal](../microsoft-defender-atp/basic-permissions.md)
-- [Create and manage machine groups](machine-groups.md)
+- [Create and manage machine groups](../microsoft-defender-atp/machine-groups.md)