From b83d11b566d8c6ae64812062c7357d44f09a7375 Mon Sep 17 00:00:00 2001 From: Peter Smith Date: Fri, 5 Mar 2021 10:46:36 -0800 Subject: [PATCH 1/5] Update vpn-connection-type.md Help fix some customer confusion -- the adapter is called "SSTP" even though it's also used for the plug-in protocols. We have a customer that doesn't want to use a particular VPN plug-in because of concerns that it's using or attempting to use the wrong protocol. --- windows/security/identity-protection/vpn/vpn-connection-type.md | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/windows/security/identity-protection/vpn/vpn-connection-type.md b/windows/security/identity-protection/vpn/vpn-connection-type.md index a0330b3425..de5aca388c 100644 --- a/windows/security/identity-protection/vpn/vpn-connection-type.md +++ b/windows/security/identity-protection/vpn/vpn-connection-type.md @@ -41,7 +41,7 @@ There are many options for VPN clients. In Windows 10, the built-in plug-in and - [SSTP](https://technet.microsoft.com/library/ff687819.aspx) - SSTP is supported for Windows desktop editions only. SSTP cannot be configured using mobile device management (MDM), but it is one of the protocols attempted in the **Automatic** option. + SSTP is supported for Windows desktop editions only. SSTP cannot be configured using mobile device management (MDM), but it is one of the protocols attempted in the **Automatic** option. Note: when a VPN plug-in is used, the adapter will be listed as an SSTP adapter even though the VPN protocol used is the plug-in's protocol. - Automatic From d6b7ef9d82ccf61083c4427115713fb2bec8f8c6 Mon Sep 17 00:00:00 2001 From: Beth Levin Date: Wed, 17 Mar 2021 18:31:15 -0700 Subject: [PATCH 2/5] memory integrity --- .openpublishing.redirection.json | 6 ++++- .../device-guard/memory-integrity.md | 24 ------------------- 2 files changed, 5 insertions(+), 25 deletions(-) delete mode 100644 windows/security/threat-protection/device-guard/memory-integrity.md diff --git a/.openpublishing.redirection.json b/.openpublishing.redirection.json index d9d9223bc1..1488658434 100644 --- a/.openpublishing.redirection.json +++ b/.openpublishing.redirection.json @@ -16550,6 +16550,10 @@ "redirect_url": "https://docs.microsoft.com/windows/client-management/mdm/configuration-service-provider-reference", "redirect_document_id": false }, - + { + "source_path": "windows/security/threat-protection/device-guard/memory-integrity.md", + "redirect_url": "https://support.microsoft.com/windows/core-isolation-e30ed737-17d8-42f3-a2a9-87521df09b78", + "redirect_document_id": true + } ] } diff --git a/windows/security/threat-protection/device-guard/memory-integrity.md b/windows/security/threat-protection/device-guard/memory-integrity.md deleted file mode 100644 index d743f3eae6..0000000000 --- a/windows/security/threat-protection/device-guard/memory-integrity.md +++ /dev/null @@ -1,24 +0,0 @@ ---- -title: Memory integrity -keywords: mitigations, vulnerabilities, vulnerability, mitigation, exploit, exploits, emet -description: Learn about memory integrity, a feature of Windows that ensures code running in the Windows kernel is securely designed and trustworthy. -search.product: eADQiWindows 10XVcnh -ms.prod: m365-security -ms.mktglfcycl: manage -ms.sitesec: library -ms.pagetype: security -ms.localizationpriority: medium -author: levinec -ms.author: ellevin -ms.reviewer: -manager: dansimp -ms.technology: mde ---- - -# Memory integrity - -**Applies to:** [Microsoft Defender for Endpoint](https://go.microsoft.com/fwlink/p/?linkid=2069559) - -Memory integrity is a feature of Windows that ensures code running in the Windows kernel is securely designed and trustworthy. It uses hardware virtualization and Hyper-V to protect Windows kernel mode processes from the injection and execution of malicious or unverified code. The integrity of code that runs on Windows is validated by memory integrity, making Windows resistant to attacks from malicious software. Memory integrity is a powerful security boundary that helps to block many types of malware from running in Windows 10 and Windows Server 2016 environments. - -For more information about Windows Security, see [Device protection in Windows Security](https://support.microsoft.com/help/4096339/windows-10-device-protection-in-windows-defender-security-center). From 06de20553e51da2ddeedc22020b8e4eb87bfaf37 Mon Sep 17 00:00:00 2001 From: mrmiller1972 <39915569+mrmiller1972@users.noreply.github.com> Date: Thu, 18 Mar 2021 13:19:17 -0400 Subject: [PATCH 3/5] Update windows-10-subscription-activation.md The abbreviation GVLK is not defined and may not be familiar to readers. Replaced GVLKs with "Generic Volume License Keys (GVLKs)" --- windows/deployment/windows-10-subscription-activation.md | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/windows/deployment/windows-10-subscription-activation.md b/windows/deployment/windows-10-subscription-activation.md index 8ea91fd4cc..e974dc183f 100644 --- a/windows/deployment/windows-10-subscription-activation.md +++ b/windows/deployment/windows-10-subscription-activation.md @@ -23,7 +23,7 @@ Starting with Windows 10, version 1703 Windows 10 Pro supports the Subscription With Windows 10, version 1903 the Subscription Activation feature also supports the ability to step-up from Windows 10 Pro Education to the Enterprise grade edition for educational institutions—**Windows 10 Education**. -The Subscription Activation feature eliminates the need to manually deploy Windows 10 Enterprise or Education images on each target device, then later standing up on-prem key management services such as KMS or MAK based activation, entering GVLKs, and subsequently rebooting client devices. +The Subscription Activation feature eliminates the need to manually deploy Windows 10 Enterprise or Education images on each target device, then later standing up on-prem key management services such as KMS or MAK based activation, entering Generic Volume License Keys (GVLKs), and subsequently rebooting client devices. ## Subscription Activation for Windows 10 Enterprise From baa7c5e33dceedc33749486d708f6224350be20d Mon Sep 17 00:00:00 2001 From: Kateyanne <67609554+Kateyanne@users.noreply.github.com> Date: Thu, 18 Mar 2021 13:17:09 -0700 Subject: [PATCH 4/5] Update windows/security/identity-protection/vpn/vpn-connection-type.md Co-authored-by: Trond B. Krokli <38162891+illfated@users.noreply.github.com> --- .../security/identity-protection/vpn/vpn-connection-type.md | 6 ++++-- 1 file changed, 4 insertions(+), 2 deletions(-) diff --git a/windows/security/identity-protection/vpn/vpn-connection-type.md b/windows/security/identity-protection/vpn/vpn-connection-type.md index de5aca388c..806f2df6c1 100644 --- a/windows/security/identity-protection/vpn/vpn-connection-type.md +++ b/windows/security/identity-protection/vpn/vpn-connection-type.md @@ -41,7 +41,10 @@ There are many options for VPN clients. In Windows 10, the built-in plug-in and - [SSTP](https://technet.microsoft.com/library/ff687819.aspx) - SSTP is supported for Windows desktop editions only. SSTP cannot be configured using mobile device management (MDM), but it is one of the protocols attempted in the **Automatic** option. Note: when a VPN plug-in is used, the adapter will be listed as an SSTP adapter even though the VPN protocol used is the plug-in's protocol. + SSTP is supported for Windows desktop editions only. SSTP cannot be configured using mobile device management (MDM), but it is one of the protocols attempted in the **Automatic** option. + + > [!NOTE] + > When a VPN plug-in is used, the adapter will be listed as an SSTP adapter, even though the VPN protocol used is the plug-in's protocol. - Automatic @@ -85,4 +88,3 @@ In Intune, you can also include custom XML for third-party plug-in profiles: - From 90a980f2abd29d593c75eed63bbf980024453ba7 Mon Sep 17 00:00:00 2001 From: Gary Moore Date: Thu, 18 Mar 2021 17:46:37 -0700 Subject: [PATCH 5/5] Added automatic image borders --- .../security/identity-protection/vpn/vpn-connection-type.md | 6 ++++-- 1 file changed, 4 insertions(+), 2 deletions(-) diff --git a/windows/security/identity-protection/vpn/vpn-connection-type.md b/windows/security/identity-protection/vpn/vpn-connection-type.md index 806f2df6c1..89a4c83d9b 100644 --- a/windows/security/identity-protection/vpn/vpn-connection-type.md +++ b/windows/security/identity-protection/vpn/vpn-connection-type.md @@ -66,11 +66,13 @@ See [VPN profile options](vpn-profile-options.md) and [VPNv2 CSP](https://msdn.m The following image shows connection options in a VPN Profile configuration policy using Microsoft Intune: -![Available connection types](images/vpn-connection-intune.png) +> [!div class="mx-imgBorder"] +> ![Available connection types](images/vpn-connection-intune.png) In Intune, you can also include custom XML for third-party plug-in profiles: -![Custom XML](images/vpn-custom-xml-intune.png) +> [!div class="mx-imgBorder"] +> ![Custom XML](images/vpn-custom-xml-intune.png) ## Related topics