Merge branch 'master' of https://github.com/microsoftdocs/windows-itpro-docs

2025-05-12 21:37:22 +00:00 · 2018-10-10 09:55:54 -07:00 · 2018-10-10 09:55:54 -07:00 · c88cb4d6af
commit c88cb4d6af
parent 5ee295217a 293d2d92d5
23 changed files with 50 additions and 42 deletions
--- a/browsers/edge/group-policies/index.yml
+++ b/browsers/edge/group-policies/index.yml
@ -202,7 +202,7 @@ sections:

    - href: https://docs.microsoft.com/en-us/microsoft-edge/deploy/group-policies/sync-browser-settings-gp

-      html: <p>Learn how to you can prevent the "browser" group from syncing and prevent users from turning on the the Sync your Settings toggle.</p>
+      html: <p>Learn how to you can prevent the "browser" group from syncing and prevent users from turning on the Sync your Settings toggle.</p>

      image:

@ -228,4 +228,4 @@ sections:

        src: https://docs.microsoft.com/media/common/i_policy.svg
      
-      title: All group policies 
+      title: All group policies 
--- a/mdop/appv-v5/how-to-modify-client-configuration-by-using-powershell.md
+++ b/mdop/appv-v5/how-to-modify-client-configuration-by-using-powershell.md
@ -24,9 +24,9 @@ Use the following procedure to configure the App-V 5.0 client configuration.

    `$config = Get-AppvClientConfiguration`

-    `Set-AppcClientConfiguration $config`
+    `Set-AppvClientConfiguration $config`

-    `Set-AppcClientConfiguration –Name1 MyConfig –Name2 “xyz”`
+    `Set-AppvClientConfiguration –AutoLoad 2`

    **Got a suggestion for App-V**? Add or vote on suggestions [here](http://appv.uservoice.com/forums/280448-microsoft-application-virtualization). **Got an App-V issu**e? Use the [App-V TechNet Forum](https://social.technet.microsoft.com/Forums/home?forum=mdopappv).

--- a/mdop/appv-v5/how-to-modify-client-configuration-by-using-powershell51.md
+++ b/mdop/appv-v5/how-to-modify-client-configuration-by-using-powershell51.md
@ -24,9 +24,9 @@ Use the following procedure to configure the App-V 5.1 client configuration.

    `$config = Get-AppvClientConfiguration`

-    `Set-AppcClientConfiguration $config`
+    `Set-AppvClientConfiguration $config`

-    `Set-AppcClientConfiguration –Name1 MyConfig –Name2 “xyz”`
+    `Set-AppvClientConfiguration –AutoLoad 2`

    **Got a suggestion for App-V**? Add or vote on suggestions [here](http://appv.uservoice.com/forums/280448-microsoft-application-virtualization). **Got an App-V issue?** Use the [App-V TechNet Forum](https://social.technet.microsoft.com/Forums/home?forum=mdopappv).

--- a/mdop/mbam-v2/how-to-validate-the-mbam-installation-with-configuration-manager.md
+++ b/mdop/mbam-v2/how-to-validate-the-mbam-installation-with-configuration-manager.md
@ -51,7 +51,7 @@ After installing Microsoft BitLocker Administration and Monitoring (MBAM) with C

    To view the configuration baselines with System Center 2012 Configuration Manager: Click the **Assets and Compliance** workspace, **Compliance Settings**, **Configuration Baselines**.

-5.  Use the Configuration Manager console to confirm that that the following new configuration items are displayed:
+5.  Use the Configuration Manager console to confirm that the following new configuration items are displayed:

    -   BitLocker Fixed Data Drives Protection

--- a/windows/client-management/mdm/clientcertificateinstall-csp.md
+++ b/windows/client-management/mdm/clientcertificateinstall-csp.md
@ -90,7 +90,7 @@ The following image shows the ClientCertificateInstall configuration service pro
 <p style="margin-left: 20px">Supported operations are Get, Add, and Replace.

 <a href="" id="clientcertificateinstall-pfxcertinstall-uniqueid-pfxcertpasswordencryptiontype"></a>**ClientCertificateInstall/PFXCertInstall/*UniqueID*/PFXCertPasswordEncryptionType**
-<p style="margin-left: 20px">Optional. Used to specify whtether the PFX certificate password is encrypted with the MDM certificate by the MDM server.
+<p style="margin-left: 20px">Optional. Used to specify whether the PFX certificate password is encrypted with the MDM certificate by the MDM server.

 <p style="margin-left: 20px">The data type is int. Valid values:

--- a/windows/client-management/mdm/configuration-service-provider-reference.md
+++ b/windows/client-management/mdm/configuration-service-provider-reference.md
@ -2744,11 +2744,15 @@ The following list shows the configuration service providers supported in Window
 - [DMAcc CSP](dmacc-csp.md)
 - [DMClient CSP](dmclient-csp.md)
 - [EnterpriseAppManagement CSP](enterpriseappmanagement-csp.md)
+- [HealthAttestation CSP](healthattestation-csp.md)
 - [Policy CSP](policy-configuration-service-provider.md)
 - [Provisioning CSP (Provisioning only)](provisioning-csp.md)
+- [Reboot CSP](reboot-csp.md)
+- [RemoteWipe CSP](remotewipe-csp.md) 1
 - [RootCATrustedCertificates CSP](rootcacertificates-csp.md)
 - [Update CSP](update-csp.md)
 - [VPNv2 CSP](vpnv2-csp.md)
 - [WiFi CSP](wifi-csp.md)

-
+ Footnotes:
+- 1 - Added in Windows 10, version 1809
--- a/windows/client-management/windows-10-mobile-and-mdm.md
+++ b/windows/client-management/windows-10-mobile-and-mdm.md
@ -1055,7 +1055,7 @@ If you choose to completely wipe a device when lost or when an employee leaves t

 A better option than wiping the entire device is to use Windows Information Protection to clean corporate-only data from a personal device. As explained in the Apps chapter, all corporate data will be tagged and when the device is unenrolled from your MDM system of your choice, all enterprise encrypted data, apps, settings and profiles will immediately be removed from the device without affecting the employee’s existing personal data. A user can initiate unenrollment via the settings screen or unenrollment action can be taken by IT from within the MDM management console. Unenrollment is a management event and will be reported to the MDM system.

-**Corporate device:** You can certainly remotely expire the user’s encryption key in case of device theft, but please remember that that will also make the encrypted data on other Windows devices unreadable for the user. A better approach for retiring a discarded or lost device is to execute a full device wipe. The help desk or device users can initiate a full device wipe. When the wipe is complete, Windows 10 Mobile returns the device to a clean state and restarts the OOBE process.
+**Corporate device:** You can certainly remotely expire the user’s encryption key in case of device theft, but please remember that will also make the encrypted data on other Windows devices unreadable for the user. A better approach for retiring a discarded or lost device is to execute a full device wipe. The help desk or device users can initiate a full device wipe. When the wipe is complete, Windows 10 Mobile returns the device to a clean state and restarts the OOBE process.

 **Settings for personal or corporate device retirement**
 -   **Allow manual MDM unenrollment** Whether users are allowed to delete the workplace account (i.e., unenroll the device from the MDM system)
--- a/windows/deployment/update/device-health-using.md
+++ b/windows/deployment/update/device-health-using.md
@ -57,7 +57,7 @@ Clicking the header of the Frequently Crashing Devices blade opens a reliability
 Notice the filters in the left pane; they allow you to filter the crash rate shown to a particular operating system version, device model, or other parameter. 

 >[!NOTE]
->Use caution when interpreting results filtered by model or operating system version. This is very useful for troubleshooting, but might not be accurate for *comparisons* because the crashes displayed could be of different types. The overall goal for working with crash data is to ensure that most devices have the same driver versions and that that version has a low crash rate.
+>Use caution when interpreting results filtered by model or operating system version. This is very useful for troubleshooting, but might not be accurate for *comparisons* because the crashes displayed could be of different types. The overall goal for working with crash data is to ensure that most devices have the same driver versions and that the version has a low crash rate.

 >[!TIP]
 >Once you've applied a filter (for example setting OSVERSION=1607) you will see the query in the text box change to append the filter (for example, with “(OSVERSION=1607)”). To undo the filter, remove that part of the query in the text box and click the search button to the right of the text box to run the adjusted query.”
--- a/windows/deployment/update/windows-analytics-get-started.md
+++ b/windows/deployment/update/windows-analytics-get-started.md
@ -53,7 +53,7 @@ To enable data sharing, configure your proxy server to whitelist the following e
 | `http://adl.windows.com` | Allows the compatibility update to receive the latest compatibility data from Microsoft. |
 | `https://watson.telemetry.microsoft.com` | Windows Error Reporting (WER); required for Device Health and Update Compliance AV reports. Not used by Upgrade Readiness. |
 | `https://oca.telemetry.microsoft.com`  | Online Crash Analysis; required for Device Health and Update Compliance AV reports. Not used by Upgrade Readiness. |
-| `https://login.live.com` | This end-point is required by Device Health to ensure data integrity and provides a more reliable device identity for all Windows Analtyics solutions on Windows 10. Those who wish to disable end-user MSA access should do so by applying [policy](https://docs.microsoft.com/windows/security/identity-protection/access-control/microsoft-accounts#block-all-consumer-microsoft-account-user-authentication) rather than blocking this end-point. |
+| `https://login.live.com` | This end-point is required by Device Health to ensure data integrity and provides a more reliable device identity for all Windows Analytics solutions on Windows 10. Those who wish to disable end-user MSA access should do so by applying [policy](https://docs.microsoft.com/windows/security/identity-protection/access-control/microsoft-accounts#block-all-consumer-microsoft-account-user-authentication) rather than blocking this end-point. |
 | `https://www.msftncsi.com` | Windows Error Reporting (WER); required for Device Health to check connectivity. |
 | `https://www.msftconnecttest.com` | Windows Error Reporting (WER); required for Device Health to check connectivity.  |

--- a/windows/privacy/basic-level-windows-diagnostic-events-and-fields-1703.md
+++ b/windows/privacy/basic-level-windows-diagnostic-events-and-fields-1703.md
@ -334,7 +334,7 @@ The following fields are available:

 ### Microsoft.Windows.Appraiser.General.DecisionApplicationFileRemove

-This event indicates Indicates that the DecisionApplicationFile object is no longer present.
+This event indicates that the DecisionApplicationFile object is no longer present.

 This event includes fields from [Ms.Device.DeviceInventoryChange](#msdevicedeviceinventorychange).

@ -670,7 +670,7 @@ The following fields are available:

 ### Microsoft.Windows.Appraiser.General.InventoryApplicationFileStartSync

-This event indicates indicates that a new set of InventoryApplicationFileAdd events will be sent.
+This event indicates that a new set of InventoryApplicationFileAdd events will be sent.

 This event includes fields from [Ms.Device.DeviceInventoryChange](#msdevicedeviceinventorychange).

@ -4388,7 +4388,7 @@ The following fields are available:
 - **ReportId**  With Windows Update, this is the updateID that is passed to Setup. In media setup, this is the GUID for the install.wim.
 - **Setup360Extended**  Detailed information about the phase/action when the potential failure occurred.
 - **Setup360Mode**  The phase of Setup360. Example: Predownload, Install, Finalize, Rollback.
- **Setup360Result**  The result of Setup360. This is an HRESULT error code that can be used used to diagnose errors.
+- **Setup360Result**  The result of Setup360. This is an HRESULT error code that can be used to diagnose errors.
 - **Setup360Scenario**  The Setup360 flow type. Example: Boot, Media, Update, MCT.
 - **SetupVersionBuildNumber**  The build number of Setup360 (build number of target OS).
 - **State**  The exit state of a Setup360 run. Example: succeeded, failed, blocked, cancelled.
--- a/windows/privacy/basic-level-windows-diagnostic-events-and-fields-1709.md
+++ b/windows/privacy/basic-level-windows-diagnostic-events-and-fields-1709.md
@ -359,7 +359,7 @@ The following fields are available:

 ### Microsoft.Windows.Appraiser.General.DecisionApplicationFileRemove

-This event indicates Indicates that the DecisionApplicationFile object is no longer present.
+This event indicates that the DecisionApplicationFile object is no longer present.

 This event includes fields from [Ms.Device.DeviceInventoryChange](#msdevicedeviceinventorychange).

@ -706,7 +706,7 @@ The following fields are available:

 ### Microsoft.Windows.Appraiser.General.InventoryApplicationFileStartSync

-This event indicates indicates that a new set of InventoryApplicationFileAdd events will be sent.
+This event indicates that a new set of InventoryApplicationFileAdd events will be sent.

 This event includes fields from [Ms.Device.DeviceInventoryChange](#msdevicedeviceinventorychange).

@ -4366,7 +4366,7 @@ The following fields are available:
 - **ReportId**  With Windows Update, this is the updateID that is passed to Setup. In media setup, this is the GUID for the install.wim.
 - **Setup360Extended**  Detailed information about the phase/action when the potential failure occurred.
 - **Setup360Mode**  The phase of Setup360. Example: Predownload, Install, Finalize, Rollback.
- **Setup360Result**  The result of Setup360. This is an HRESULT error code that can be used used to diagnose errors.
+- **Setup360Result**  The result of Setup360. This is an HRESULT error code that can be used to diagnose errors.
 - **Setup360Scenario**  The Setup360 flow type. Example: Boot, Media, Update, MCT.
 - **SetupVersionBuildNumber**  The build number of Setup360 (build number of target OS).
 - **State**  The exit state of a Setup360 run. Example: succeeded, failed, blocked, cancelled.
--- a/windows/privacy/basic-level-windows-diagnostic-events-and-fields-1803.md
+++ b/windows/privacy/basic-level-windows-diagnostic-events-and-fields-1803.md
@ -369,7 +369,7 @@ The following fields are available:

 ### Microsoft.Windows.Appraiser.General.DecisionApplicationFileRemove

-This event indicates Indicates that the DecisionApplicationFile object is no longer present.
+This event indicates that the DecisionApplicationFile object is no longer present.

 This event includes fields from [Ms.Device.DeviceInventoryChange](#msdevicedeviceinventorychange).

@ -701,7 +701,7 @@ The following fields are available:

 ### Microsoft.Windows.Appraiser.General.InventoryApplicationFileStartSync

-This event indicates indicates that a new set of InventoryApplicationFileAdd events will be sent.
+This event indicates that a new set of InventoryApplicationFileAdd events will be sent.

 This event includes fields from [Ms.Device.DeviceInventoryChange](#msdevicedeviceinventorychange).

@ -4538,7 +4538,7 @@ The following fields are available:
 - **ReportId**  With Windows Update, this is the updateID that is passed to Setup. In media setup, this is the GUID for the install.wim.
 - **Setup360Extended**  Detailed information about the phase/action when the potential failure occurred.
 - **Setup360Mode**  The phase of Setup360. Example: Predownload, Install, Finalize, Rollback.
- **Setup360Result**  The result of Setup360. This is an HRESULT error code that can be used used to diagnose errors.
+- **Setup360Result**  The result of Setup360. This is an HRESULT error code that can be used to diagnose errors.
 - **Setup360Scenario**  The Setup360 flow type. Example: Boot, Media, Update, MCT.
 - **SetupVersionBuildNumber**  The build number of Setup360 (build number of target OS).
 - **State**  The exit state of a Setup360 run. Example: succeeded, failed, blocked, cancelled.
--- a/windows/privacy/basic-level-windows-diagnostic-events-and-fields-1809.md
+++ b/windows/privacy/basic-level-windows-diagnostic-events-and-fields-1809.md
@ -666,7 +666,7 @@ The following fields are available:

 ### Microsoft.Windows.Appraiser.General.DecisionApplicationFileRemove

-This event indicates Indicates that the DecisionApplicationFile object is no longer present.
+This event indicates that the DecisionApplicationFile object is no longer present.

 This event includes fields from [Ms.Device.DeviceInventoryChange](#msdevicedeviceinventorychange).

@ -1013,7 +1013,7 @@ The following fields are available:

 ### Microsoft.Windows.Appraiser.General.InventoryApplicationFileStartSync

-This event indicates indicates that a new set of InventoryApplicationFileAdd events will be sent.
+This event indicates that a new set of InventoryApplicationFileAdd events will be sent.

 This event includes fields from [Ms.Device.DeviceInventoryChange](#msdevicedeviceinventorychange).

--- a/windows/privacy/windows-personal-data-services-configuration.md
+++ b/windows/privacy/windows-personal-data-services-configuration.md
@ -123,7 +123,7 @@ This setting determines whether a device shows notifications about Windows diagn

 ### Configure telemetry opt-in setting user interface

-This setting determines whether people can change their own Windows diagnostic data level in in *Start > Settings > Privacy > Diagnostics & feedback*.
+This setting determines whether people can change their own Windows diagnostic data level in *Start > Settings > Privacy > Diagnostics & feedback*.

 #### Group Policy

--- a/windows/security/identity-protection/hello-for-business/hello-cert-trust-policy-settings.md
+++ b/windows/security/identity-protection/hello-for-business/hello-cert-trust-policy-settings.md
@ -131,7 +131,7 @@ In the Windows 10, version 1703, the PIN complexity Group Policy settings have m
 ## Review

 Before you continue with the deployment, validate your deployment progress by reviewing the following items:
-* Confirm you authored Group Policy settings using the latest ADMX/ADML files (from the Widows 10 Creators Editions)
+* Confirm you authored Group Policy settings using the latest ADMX/ADML files (from the Windows 10 Creators Editions)
 * Confirm you configured the Enable Windows Hello for Business to the scope that matches your deployment (Computer vs. User)
 * Confirm you configure the Use Certificate enrollment for on-premises authentication policy setting.
 * Confirm you configure automatic certificate enrollment to the scope that matches your deployment (Computer vs. User)
--- a/windows/security/identity-protection/hello-for-business/hello-key-trust-policy-settings.md
+++ b/windows/security/identity-protection/hello-for-business/hello-key-trust-policy-settings.md
@ -104,7 +104,7 @@ In the Windows 10, version 1703, the PIN complexity Group Policy settings have m
 ## Review

 Before you continue with the deployment, validate your deployment progress by reviewing the following items:
-* Confirm you authored Group Policy settings using the latest ADMX/ADML files (from the Widows 10 Creators Editions)
+* Confirm you authored Group Policy settings using the latest ADMX/ADML files (from the Windows 10 Creators Editions)
 * Confirm you configured the Enable Windows Hello for Business to the scope that matches your deployment (Computer vs. User)
 * Confirm you configure the Use Certificate enrollment for on-premises authentication policy setting.
 * Confirm you configure automatic certificate enrollment to the scope that matches your deployment (Computer vs. User)
--- a/windows/security/information-protection/tpm/how-windows-uses-the-tpm.md
+++ b/windows/security/information-protection/tpm/how-windows-uses-the-tpm.md
@ -75,7 +75,7 @@ The adoption of new authentication technology requires that identity providers a

 Identity providers have flexibility in how they provision credentials on client devices. For example, an organization might provision only those devices that have a TPM so that the organization knows that a TPM protects the credentials. The ability to distinguish a TPM from malware acting like a TPM requires the following TPM capabilities (see Figure 1):

-•	**Endorsement key**. The TPM manufacturer can create a special key in the TPM called an *endorsement key*. An endorsement key certificate, signed by the manufacturer, says that the endorsement key is present in a TPM that that manufacturer made. Solutions can use the certificate with the TPM containing the endorsement key to confirm a scenario really involves a TPM from a specific TPM manufacturer (instead of malware acting like a TPM.
+•	**Endorsement key**. The TPM manufacturer can create a special key in the TPM called an *endorsement key*. An endorsement key certificate, signed by the manufacturer, says that the endorsement key is present in a TPM that the manufacturer made. Solutions can use the certificate with the TPM containing the endorsement key to confirm a scenario really involves a TPM from a specific TPM manufacturer (instead of malware acting like a TPM.

 •	**Attestation identity key**. To protect privacy, most TPM scenarios do not directly use an actual endorsement key. Instead, they use attestation identity keys, and an identity certificate authority (CA) uses the endorsement key and its certificate to prove that one or more attestation identity keys actually exist in a real TPM. The identity CA issues attestation identity key certificates. More than one identity CA will generally see the same endorsement key certificate that can uniquely identify the TPM, but any number of attestation identity key certificates can be created to limit the information shared in other scenarios.

--- a/windows/security/threat-protection/intelligence/support-scams.md
+++ b/windows/security/threat-protection/intelligence/support-scams.md
@ -40,7 +40,7 @@ It is also important to keep the following in mind:

 * Use [Microsoft Edge](https://www.microsoft.com/windows/microsoft-edge) when browsing the internet. It blocks known support scam sites using Windows Defender SmartScreen (which is also used by Internet Explorer). Furthermore, Microsoft Edge can stop pop-up dialogue loops used by these sites.

-* Enable Enable [Windows Defender Antivirus](https://docs.microsoft.com/windows/security/threat-protection/windows-defender-antivirus/windows-defender-antivirus-in-windows-10) in Windows 10. It detects and removes known support scam malware.
+* Enable [Windows Defender Antivirus](https://docs.microsoft.com/windows/security/threat-protection/windows-defender-antivirus/windows-defender-antivirus-in-windows-10) in Windows 10. It detects and removes known support scam malware.

 ## What to do if information has been given to a tech support person

@ -60,4 +60,4 @@ Help Microsoft stop scammers, whether they claim to be from Microsoft or from an

 **www.microsoft.com/reportascam**

-You can also report any **unsafe website** that you suspect is a phishing website or contains malicious content directly to Microsoft by filling out a [Report an unsafe site form](https://www.microsoft.com/en-us/wdsi/support/report-unsafe-site) or using built in web browser functionality.
+You can also report any **unsafe website** that you suspect is a phishing website or contains malicious content directly to Microsoft by filling out a [Report an unsafe site form](https://www.microsoft.com/en-us/wdsi/support/report-unsafe-site) or using built in web browser functionality.
--- a/windows/security/threat-protection/security-policy-settings/increase-scheduling-priority.md
+++ b/windows/security/threat-protection/security-policy-settings/increase-scheduling-priority.md
@ -84,11 +84,11 @@ A user who is assigned this user right could increase the scheduling priority of

 ### Countermeasure

-Verify that only Administrators and and Window Manager/Window Manager Group have the **Increase scheduling priority** user right assigned to them.
+Verify that only Administrators and Window Manager/Window Manager Group have the **Increase scheduling priority** user right assigned to them.

 ### Potential impact

-None. Restricting the **Increase scheduling priority** user right to members of the Administrators group and and Window Manager/Window Manager Group is the default configuration.
+None. Restricting the **Increase scheduling priority** user right to members of the Administrators group and Window Manager/Window Manager Group is the default configuration.

 ## Related topics

--- a/windows/security/threat-protection/windows-defender-atp/configure-mssp-support-windows-defender-advanced-threat-protection.md
+++ b/windows/security/threat-protection/windows-defender-atp/configure-mssp-support-windows-defender-advanced-threat-protection.md
@ -20,7 +20,7 @@ ms.date: 09/03/2018

 >Want to experience Windows Defender ATP? [Sign up for a free trial.](https://www.microsoft.com/en-us/WindowsForBusiness/windows-atp?ocid=docs-mssp-support-abovefoldlink)

-[!include[Prerelease information](prerelease.md)]
+[!include[Prerelease information](prerelease.md)]

 You'll need to take the following configuration steps to enable the managed security service provider (MSSP) integration.

@ -58,7 +58,7 @@ This action is taken by the MSSP. It allows MSSPs to fetch alerts using APIs.

 >[!NOTE] 
 > These set of steps are directed towards the MSSP customer. <br>
-> Access to the portal can can only be done by the MSSP customer.
+> Access to the portal can only be done by the MSSP customer.

 As a MSSP customer, you'll need to take the following configuration steps to grant the MSSP access to Windows Defender Security Center. 

@ -269,7 +269,7 @@ You'll need to have **Manage portal system settings** permission to whitelist th

 You can now download the relevant configuration file for your SIEM and connect to the Windows Defender ATP API. For more information see, [Pull alerts to your SIEM tools](configure-siem-windows-defender-advanced-threat-protection.md).

- In the ArcSight configuration file / Splunk Authentication Properties file – you will have to write your application key manually by settings the secret value.
+- In the ArcSight configuration file / Splunk Authentication Properties file  you will have to write your application key manually by settings the secret value.
 - Instead of acquiring a refresh token in the portal, use the script from the previous step to acquire a refresh token (or acquire it by other means).

 ## Fetch alerts from MSSP customer's tenant using APIs
--- a/windows/security/threat-protection/windows-defender-atp/get-cvekbmap-collection-windows-defender-advanced-threat-protection.md
+++ b/windows/security/threat-protection/windows-defender-atp/get-cvekbmap-collection-windows-defender-advanced-threat-protection.md
@ -19,7 +19,7 @@ ms.date: 10/07/2018

 - Windows Defender Advanced Threat Protection (Windows Defender ATP)

-Retrieves a map of of CVE's to KB's and CVE details.
+Retrieves a map of CVE's to KB's and CVE details.

 ## Permissions
 User needs read permissions.
--- a/windows/security/threat-protection/windows-defender-atp/overview-endpoint-detection-response.md
+++ b/windows/security/threat-protection/windows-defender-atp/overview-endpoint-detection-response.md
@ -19,7 +19,7 @@ ms.date: 09/03/2018
 - Windows Defender Advanced Threat Protection (Windows Defender ATP)


-The Widows Defender ATP endpoint detection and response capabilities provides near real-time actionable advance attacks detections, enables security analysts to effectively prioritize alerts, unfold the full scope of a breach and take response actions to remediate the threat.
+The Windows Defender ATP endpoint detection and response capabilities provides near real-time actionable advance attacks detections, enables security analysts to effectively prioritize alerts, unfold the full scope of a breach and take response actions to remediate the threat.


 When a threat is detected, alerts are be created in the system for an analyst to investigate. Alerts with the same attack techniques or attributed to the same attacker are aggregated into an entity called _incident_. Aggregating alerts in this manner makes it easy for analysts to collectively investigate and respond to threats.
--- a/windows/security/threat-protection/windows-platform-common-criteria.md
+++ b/windows/security/threat-protection/windows-platform-common-criteria.md
@ -1,14 +1,14 @@
 ---
-title: Windows Platform Common Criteria Certification
+title: Common Criteria Certifications
 description: This topic details how Microsoft supports the Common Criteria certification program.
 ms.prod: w10
 ms.localizationpriority: medium
 ms.author: daniha
 author: danihalfin
-ms.date: 04/03/2018
+ms.date: 10/8/2018
 ---

-# Windows Platform Common Criteria Certification
+# Common Criteria Certifications

 Microsoft is committed to optimizing the security of its products and services. As part of that commitment, Microsoft supports the Common Criteria certification program, continues to ensure that products incorporate the features and functions required by relevant Common Criteria protection profiles, and completes Common Criteria certifications of Microsoft Windows products.

@ -18,7 +18,8 @@ Microsoft is committed to optimizing the security of its products and services.

 The Security Target describes security functionality and assurance measures used to evaluate Windows.

-  - [Microsoft Window 10 (Creators Update)](http://download.microsoft.com/download/e/8/b/e8b8c42a-a0b6-4ba1-9bdc-e704e8289697/windows%2010%20version%201703%20gp%20os%20security%20target%20-%20public%20\(january%2016,%202018\)\(final\)\(clean\).pdf)
+  - [Microsoft Windows 10 (Fall Creators Update)](http://download.microsoft.com/download/B/6/A/B6A5EC2C-6351-4FB9-8FF1-643D4BD5BE6E/Windows%2010%201709%20GP%20OS%20Security%20Target.pdf)
+  - [Microsoft Windows 10 (Creators Update)](http://download.microsoft.com/download/e/8/b/e8b8c42a-a0b6-4ba1-9bdc-e704e8289697/windows%2010%20version%201703%20gp%20os%20security%20target%20-%20public%20\(january%2016,%202018\)\(final\)\(clean\).pdf)
  - [Microsoft Windows Server 2016, Microsoft Windows Server 2012 R2, and Microsoft Windows 10 Hyper-V](http://download.microsoft.com/download/1/c/3/1c3b5ab0-e064-4350-a31f-48312180d9b5/st_vid10823-st.pdf)
  - [Microsoft Windows 10 (Anniversary Update) and Windows 10 Mobile (Anniversary Update)](http://download.microsoft.com/download/1/5/e/15eee6d3-f2a8-4441-8cb1-ce8c2ab91c24/windows%2010%20anniversary%20update%20mdf%20security%20target%20-%20public%20\(april%203%202017\).docx)
  - [Microsoft Windows 10 (Anniversary Update) and Windows Server 2016](http://download.microsoft.com/download/f/8/c/f8c1c2a4-719c-48ae-942f-9fd3ce5b238f/windows%2010%20au%20and%20server%202016%20gp%20os%20security%20target%20-%20public%20\(december%202%202016\)%20\(clean\).docx)
@ -52,7 +53,9 @@ These documents describe how to configure Windows to replicate the configuration

 **Windows 10, Windows 10 Mobile, Windows Server 2016, Windows Server 2012 R2**

-  - [Microsoft Window 10 (Creators Update)](http://download.microsoft.com/download/e/9/7/e97f0c7f-e741-4657-8f79-2c0a7ca928e3/windows%2010%20cu%20gp%20os%20operational%20guidance%20\(jan%208%202017%20-%20public\).pdf)
+  
+  - [Microsoft Windows 10 (Fall Creators Update)](http://download.microsoft.com/download/5/D/2/5D26F473-0FCE-4AC4-9065-6AEC0FE5B693/Windows%2010%201709%20GP%20OS%20Administrative%20Guide.pdf)
+  - [Microsoft Windows 10 (Creators Update)](http://download.microsoft.com/download/e/9/7/e97f0c7f-e741-4657-8f79-2c0a7ca928e3/windows%2010%20cu%20gp%20os%20operational%20guidance%20\(jan%208%202017%20-%20public\).pdf)
  - [Microsoft Windows Server 2016, Microsoft Windows Server 2012 R2, and Microsoft Windows 10 Hyper-V](http://download.microsoft.com/download/d/c/4/dc40b5c8-49c2-4587-8a04-ab3b81eb6fc4/st_vid10823-agd.pdf)
  - [Microsoft Windows 10 (Anniversary Update) and Windows 10 Mobile (Anniversary Update)](http://download.microsoft.com/download/4/c/1/4c1f4ea4-2d66-4232-a0f5-925b2bc763bc/windows%2010%20au%20operational%20guidance%20\(16%20mar%202017\)\(clean\).docx)
  - [Microsoft Windows 10 (Anniversary Update) and Windows Server 2016](http://download.microsoft.com/download/b/5/2/b52e9081-05c6-4895-91a3-732bfa0eb4da/windows%2010%20au%20and%20server%202016%20gp%20os%20operational%20guidance%20\(final\).docx)
@ -127,7 +130,8 @@ These documents describe how to configure Windows to replicate the configuration

 An Evaluation Technical Report (ETR) is a report submitted to the Common Criteria certification authority for how Windows complies with the claims made in the Security Target. A Certification / Validation Report provides the results of the evaluation by the validation team.

-  - [Microsoft Window 10 (Creators Update)](http://download.microsoft.com/download/3/2/c/32cdf627-dd23-4266-90ff-2f9685fd15c0/2017-49%20inf-2218%20cr.pdf)
+  - [Microsoft Windows 10 (Fall Creators Update)](http://download.microsoft.com/download/2/C/2/2C20D013-0610-4047-B2FA-516819DFAE0A/Windows%2010%201709%20GP%20OS%20Certification%20Report.pdf) 
+  - [Microsoft Windows 10 (Creators Update)](http://download.microsoft.com/download/3/2/c/32cdf627-dd23-4266-90ff-2f9685fd15c0/2017-49%20inf-2218%20cr.pdf)
  - [Microsoft Windows Server 2016, Microsoft Windows Server 2012 R2, and Microsoft Windows 10 Hyper-V](http://download.microsoft.com/download/a/3/3/a336f881-4ac9-4c79-8202-95289f86bb7a/st_vid10823-vr.pdf)
  - [Microsoft Windows 10 (Anniversary Update) and Windows 10 Mobile (Anniversary Update)](http://download.microsoft.com/download/f/2/f/f2f7176e-34f4-4ab0-993c-6606d207bb3c/st_vid10752-vr.pdf)
  - [Microsoft Windows 10 (Anniversary Update) and Windows Server 2016](http://download.microsoft.com/download/5/4/8/548cc06e-c671-4502-bebf-20d38e49b731/2016-36-inf-1779.pdf)