diff --git a/.openpublishing.redirection.json b/.openpublishing.redirection.json
index af5222988d..ef2e397e5b 100644
Binary files a/.openpublishing.redirection.json and b/.openpublishing.redirection.json differ
diff --git a/devices/hololens/hololens-release-notes.md b/devices/hololens/hololens-release-notes.md
index a41f581400..38e382a7b6 100644
--- a/devices/hololens/hololens-release-notes.md
+++ b/devices/hololens/hololens-release-notes.md
@@ -8,7 +8,7 @@ ms.prod: hololens
ms.sitesec: library
ms.topic: article
ms.localizationpriority: medium
-ms.date: 05/12/2020
+ms.date: 06/9/2020
ms.custom:
- CI 111456
- CSSTroubleshooting
@@ -20,6 +20,48 @@ appliesto:
# HoloLens 2 release notes
+## Windows Holographic, version 2004 - June 2020 Update
+- Build 19041.1106
+
+Improvements and fixes in the update:
+
+- Custom MRC recorders have new default values for certain properties if they aren't specified.
+ - On the MRC Video Effect:
+ - PreferredHologramPerspective (1 PhotoVideoCamera)
+ - GlobalOpacityCoefficient (0.9 (HoloLens) 1.0 (Immersive headset))
+ - On the MRC Audio Effect:
+ - LoopbackGain (the current "App Audio Gain" value on the Mixed Reality Capture page in Windows Device Portal)
+ - MicrophoneGain (the current "Mic Audio Gain" value on the Mixed Reality Capture page in Windows Device Portal)
+- This update contains a bug fix that improves audio quality in Mixed Reality Capture scenarios. Specifically, it should eliminate any audio glitching in the recording when the Start Menu is displayed.
+- Improved hologram stability in recorded videos.
+- Resolves an issue where mixed reality capture couldn't record video after device is left in standby state for multiple days.
+- The HolographicSpace.UserPresence API is generally disabled for Unity applications to avoid an issue which causes some apps to pause when the visor is flipped up, even if the setting to run in the background is enabled. The API is now enabled for Unity versions 2018.4.18 and higher, and 2019.3.4 and higher.
+- When accessing Device Portal over a WiFi connection, a web browser might prevent access to due to an invalid certificate, reporting an error such as "ERR_SSL_PROTOCOL_ERROR," even if the device certificate has previously been trusted. In this case, you would be unable to progress to Device Portal as options to ignore security warnings are not available. This update resolves the issue. If the device certificate was previously downloaded and trusted on a PC to remove browser security warnings and the SSL error has been encountered, the new certificate will need to be downloaded and trusted to address browser security warnings.
+- Enabled ability to create a runtime provisioning package which can install an app using MSIX packages.
+- New setting that users can find under Settings > System > Holograms, that allows users to automatically remove all holograms from the mixed reality home when the device shuts down.
+- Fixed an issue that caused HoloLens apps that change their pixel format to render black in the HoloLens emulator.
+- Fixed bug that caused a crash during Iris Login.
+- Fixes an issue around repeated store downloads for already current apps.
+- Fixed a bug to preventing immersive apps from launching Edge multiple times.
+- Fixes an issue around launches of the Photos app in initial boots after updating from the 1903 release.
+- Improved performance and reliability.
+
+## Windows Holographic, version 1903 - June 2020 Update
+- Build 18362.1064
+
+Improvements and fixes in the update:
+
+- Custom MRC recorders have new default values for certain properties if they aren't specified.
+ - On the MRC Video Effect:
+ - PreferredHologramPerspective (1 PhotoVideoCamera)
+ - GlobalOpacityCoefficient (0.9 (HoloLens) 1.0 (Immersive headset))
+ - On the MRC Audio Effect:
+ - LoopbackGain (the current "App Audio Gain" value on the Mixed Reality Capture page in Windows Device Portal)
+ - MicrophoneGain (the current "Mic Audio Gain" value on the Mixed Reality Capture page in Windows Device Portal)
+- The HolographicSpace.UserPresence API is generally disabled for Unity applications to avoid an issue which causes some apps to pause when the visor is flipped up, even if the setting to run in the background is enabled. The API is now enabled for Unity versions 2018.4.18 and higher, and 2019.3.4 and higher.
+- Fixed an issue that caused HoloLens apps that change their pixel format to render black in the HoloLens emulator.
+- Fixes an issue around launches of the Photos app in initial boots after updating from the 1903 release.
+
## Windows Holographic, version 2004
Build - 19041.1103
@@ -32,7 +74,7 @@ We are excited to announce our May 2020 major software update for HoloLens 2, **
| Improved provisioning | Seamlessly apply a provisioning package from a USB drive to your HoloLens |
| Application install status | Check install status for apps have been pushed to HoloLens 2 via MDM, in the Settings app |
| Configuration Service Providers (CSPs) | Added new Configuration Service Providers (CSPs) enhancing admin control capabilities. |
-| USB 5G/LTE support | Expanded USB Ethernet capability enables support for 5G/LTE dongles |
+| USB 5G/LTE support | Expanded USB Ethernet capability enables support for 5G/LTE |
| Dark App Mode | Dark App Mode for apps that support both dark and light modes, improving the viewing experience |
| Voice Commands | Support for additional system voice commands to control HoloLens, hands-free |
| Hand Tracking improvements | Hand Tracking improvements make buttons and 2D slate interactions more accurate |
diff --git a/devices/surface/get-started.yml b/devices/surface/get-started.yml
index 131d77a578..0c309e50b7 100644
--- a/devices/surface/get-started.yml
+++ b/devices/surface/get-started.yml
@@ -72,10 +72,10 @@ landingContent:
linkLists:
- linkListType: how-to-guide
links:
+ - text: Secure Surface Dock 2 ports with Surface Enterprise Management Mode (SEMM)
+ url: secure-surface-dock-ports-semm.md
- text: Intune management of Surface UEFI settings
url: surface-manage-dfci-guide.md
- - text: Surface Enterprise Management Mode (SEMM)
- url: surface-enterprise-management-mode.md
- text: Surface Data Eraser tool
url: microsoft-surface-data-eraser.md
diff --git a/devices/surface/secure-surface-dock-ports-semm.md b/devices/surface/secure-surface-dock-ports-semm.md
index 615ba03a3c..dfd2d40c11 100644
--- a/devices/surface/secure-surface-dock-ports-semm.md
+++ b/devices/surface/secure-surface-dock-ports-semm.md
@@ -30,13 +30,15 @@ Managing Surface Dock 2 with SEMM is available for docks connected to Surface Bo
>[!NOTE]
>You can manage Surface Dock 2 ports only when the dock is connected to one of the following compatible devices: Surface Book 3, Surface Laptop 3, and Surface Pro 7. Any device that doesn't receive the UEFI Authenticated policy settings is inherently an unauthenticated device.
-Restricting Surface Dock 2 to authorized persons signed into a corporate host device provides another layer of data protection. This ability to lock down Surface Dock 2 is critical for specific customers in highly secure environments who want the functionality and productivity benefits of the dock while maintaining compliance with strict security protocols. We anticipate SEMM used with Surface Dock 2 will be particularly useful in open offices and shared spaces especially for customers who want to lock USB ports for security reasons.
+### Scenarios
+
+Restricting Surface Dock 2 to authorized persons signed into a corporate host device provides another layer of data protection. This ability to lock down Surface Dock 2 is critical for specific customers in highly secure environments who want the functionality and productivity benefits of the dock while maintaining compliance with strict security protocols. We anticipate SEMM used with Surface Dock 2 will be particularly useful in open offices and shared spaces especially for customers who want to lock USB ports for security reasons. For a video demo, check out [SEMM for Surface Dock 2](https://youtu.be/VLV19ISvq_s).
## Configuring and deploying UEFI settings for Surface Dock 2
This section provides step-by-step guidance for the following tasks:
-1. Install **Surface UEFI Configurator**.
+1. Install [**Surface UEFI Configurator**](https://www.microsoft.com/en-us/download/details.aspx?id=46703).
1. Create or obtain public key certificates.
1. Create an .MSI configuration package.
1. Add your certificates.
@@ -91,7 +93,7 @@ Each host device must have the doc CA and two certificates as shown in Table 2.
|Provisioning administration certificate|ECC P256
SHA256|Enables you to change dock ownership and/or policy settings by allowing you to replace the CA that's currently installed on the dock.|1.3.6.1.4.1.311.76.9.21.3
1.3.6.1.4.1.311.76.9.21.4|
>[!NOTE]
- >The host authentication and provisioning certificates must be exported as.pfx files.
+ >The host authentication and provisioning certificates must be exported as .pfx files.
### Create configuration package
diff --git a/windows/deployment/index.yml b/windows/deployment/index.yml
index bf40abe0b9..70fa4b92c9 100644
--- a/windows/deployment/index.yml
+++ b/windows/deployment/index.yml
@@ -13,7 +13,7 @@ metadata:
ms.collection: windows-10
author: greg-lindsay #Required; your GitHub user alias, with correct capitalization.
ms.author: greglin #Required; microsoft alias of author; optional team alias.
- ms.date: 06/08/2020 #Required; mm/dd/yyyy format.
+ ms.date: 06/09/2020 #Required; mm/dd/yyyy format.
localization_priority: medium
# linkListType: architecture | concept | deploy | download | get-started | how-to-guide | learn | overview | quickstart | reference | tutorial | video | whats-new
@@ -29,38 +29,12 @@ landingContent:
- text: Windows 10 deployment scenarios
url: windows-10-deployment-scenarios.md
- - linkListType: quickstart
+ - linkListType: get-started
links:
- text: Demonstrate Autopilot deployment
url: windows-autopilot/demonstrate-deployment-on-vm.md
- text: Deploy Windows 10 in a test lab
url: windows-10-poc.md
- - linkListType: architecture
- links:
- - text: Windows 10 deployment considerations
- url: planning/windows-10-deployment-considerations.md
- - text: Windows 10 infrastructure requirements
- url: planning/windows-10-infrastructure-requirements.md
- - text: Windows 10 features lifecycle
- url: planning/features-lifecycle.md
- - text: Plan for volume activation
- url: volume-activation/plan-for-volume-activation-client.md
- - linkListType: how-to-guide
- links:
- - text: Prepare for Zero Touch Installation with Configuration Manager
- url: deploy-windows-cm/prepare-for-zero-touch-installation-of-windows-10-with-configuration-manager.md
- - text: Prepare to deploy Windows 10 with MDT
- url: deploy-windows-mdt/prepare-for-windows-deployment-with-mdt.md
- - linkListType: deploy
- links:
- - text: Windows Autopilot scenarios and capabilities
- url: windows-autopilot/windows-autopilot-scenarios.md
- - text: Deploy Windows 10 to a new device with Configuration Manager
- url: deploy-windows-cm/deploy-windows-10-using-pxe-and-configuration-manager.md
- - text: Deploy a Windows 10 image using MDT
- url: deploy-windows-mdt/deploy-a-windows-10-image-using-mdt.md
- - text: Resolve Windows 10 upgrade errors
- url: upgrade/resolve-windows-10-upgrade-errors.md
# Card (optional)
- title: Update Windows 10
@@ -75,6 +49,11 @@ landingContent:
links:
- text: Servicing the Windows 10 operating system
url: update/waas-servicing-strategy-windows-10-updates.md
+
+
+ # Card (optional)
+ - title: Deployment planning
+ linkLists:
- linkListType: architecture
links:
- text: Create a deployment plan
@@ -87,61 +66,52 @@ landingContent:
url: update/plan-determine-app-readiness.md
- text: Define your servicing strategy
url: update/waas-servicing-strategy-windows-10-updates.md
+
+ # Card
+ - title: Prepare to deploy Windows 10
+ linkLists:
- linkListType: how-to-guide
links:
+ - text: Prepare for Zero Touch Installation with Configuration Manager
+ url: deploy-windows-cm/prepare-for-zero-touch-installation-of-windows-10-with-configuration-manager.md
+ - text: Prepare to deploy Windows 10 with MDT
+ url: deploy-windows-mdt/prepare-for-windows-deployment-with-mdt.md
- text: Evaluate and update infrastructure
url: update/update-policies.md
- text: Build a successful servicing strategy
url: update/waas-deployment-rings-windows-10-updates.md
+
+ # Card
+ - title: Deploy and update Windows 10
+ linkLists:
- linkListType: deploy
links:
+ - text: Windows Autopilot scenarios and capabilities
+ url: windows-autopilot/windows-autopilot-scenarios.md
+ - text: Deploy Windows 10 to a new device with Configuration Manager
+ url: deploy-windows-cm/deploy-windows-10-using-pxe-and-configuration-manager.md
+ - text: Deploy a Windows 10 image using MDT
+ url: deploy-windows-mdt/deploy-a-windows-10-image-using-mdt.md
- text: Assign devices to servicing channels
url: update/waas-servicing-channels-windows-10-updates.md
- text: Deploy Windows 10 updates
url: update/waas-servicing-channels-windows-10-updates.md
- - text: Troubleshoot Windows Update
- url: update/windows-update-troubleshooting.md
+ - text: Resolve Windows 10 upgrade errors
+ url: upgrade/resolve-windows-10-upgrade-errors.md
# Card (optional)
- - title: Resources
+ - title: Windows 10 resources
linkLists:
- - linkListType: reference
- links:
- - text: How does Windows Update work?
- url: update/how-windows-update-works.md
- - text: Unified Update Platform (UUP) architecture
- url: update/windows-update-overview.md#unified-update-platform-uup-architecture
- - text: Servicing stack updates
- url: update/servicing-stack-updates.md
- - text: Manage additional Windows Update setings
- url: update/waas-wu-settings.md
- - text: Delivery Optimization reference
- url: update/waas-delivery-optimization-reference.md
- - text: Convert an MBR partition to GPT
- url: mbr-to-gpt.md
- - text: VAMT technical reference
- url: volume-activation/volume-activation-management-tool.md
- - text: User State Migration Tool (USMT) overview
- url: usmt/usmt-overview.md
- linkListType: reference
links:
- text: Windows 10 release information
url: https://docs.microsoft.com/windows/release-information/
- text: What's new in Windows 10
url: https://docs.microsoft.com/windows/whats-new/
- - text: Microsoft 365 for enterprise documention
- url: https://docs.microsoft.com/microsoft-365/enterprise/
- - text: Microsoft Surface documentation
- url: https://docs.microsoft.com/surface/
- - text: Evaluate Windows 10 Enterprise
- url: https://www.microsoft.com/evalcenter/evaluate-windows-10-enterprise
- - text: Microsoft FastTrack cloud solutions
- url: https://www.microsoft.com/fasttrack/
- - text: Microsoft Intune documentation
- url: https://docs.microsoft.com/mem/intune/
- - text: Microsoft Endpoint Configuration Manager documentation
- url: https://docs.microsoft.com/mem/configmgr/
- text: Windows 10 Enterprise Security
url: https://docs.microsoft.com/windows/security/
- text: Desktop Deployment Center
url: https://docs.microsoft.com/microsoft-365/enterprise/desktop-deployment-center-home
+ - text: Microsoft 365 solution and architecture center
+ url: https://docs.microsoft.com/microsoft-365/solutions/?view=o365-worldwide
+
diff --git a/windows/privacy/index.yml b/windows/privacy/index.yml
index 43423ceb3e..2b8a276046 100644
--- a/windows/privacy/index.yml
+++ b/windows/privacy/index.yml
@@ -45,7 +45,7 @@ productDirectory:
# imageSrc should be square in ratio with no whitespace
imageSrc: https://docs.microsoft.com/media/common/i_extend.svg
summary: Learn more about basic Windows diagnostic data events and fields collected.
- url: basic-level-windows-diagnostic-events-and-fields.md
+ url: required-windows-diagnostic-data-events-and-fields-2004.md
# Card
- title: Enhanced level events and fields
imageSrc: https://docs.microsoft.com/media/common/i_delivery.svg
diff --git a/windows/privacy/manage-windows-2004-endpoints.md b/windows/privacy/manage-windows-2004-endpoints.md
index a8c5513c4e..75e9aa6738 100644
--- a/windows/privacy/manage-windows-2004-endpoints.md
+++ b/windows/privacy/manage-windows-2004-endpoints.md
@@ -12,7 +12,7 @@ ms.author: obezeajo
manager: robsize
ms.collection: M365-security-compliance
ms.topic: article
-ms.date: 5/11/2020
+ms.date: 6/9/2020
---
# Manage connection endpoints for Windows 10 Enterprise, version 2004
@@ -80,7 +80,7 @@ The following methodology was used to derive these network endpoints:
||The following endpoints are used to communicate with Microsoft Store. If you turn off traffic for these endpoints, apps cannot be installed or updated from the Microsoft Store. |HTTP|*.dl.delivery.mp.microsoft.com|
||The following endpoint is used to get Microsoft Store analytics.|TLSv1.2|manage.devcenter.microsoft.com|
|Network Connection Status Indicator (NCSI)|||[Learn how to turn off traffic to all of the following endpoint(s).](manage-connections-from-windows-operating-system-components-to-microsoft-services.md#bkmk-ncsi)|
-||Network Connection Status Indicator (NCSI) detects Internet connectivity and corporate network connectivity status. NCSI sends a DNS request and HTTP query to this endpoint to determine if the device can communicate with the Internet. If you turn off traffic for this endpoint, NCSI won't be able to determine if the device is connected to the Internet and the network status tray icon will show a warning.|HTTPS|www.msftconnecttest.com*|
+||Network Connection Status Indicator (NCSI) detects Internet connectivity and corporate network connectivity status. NCSI sends a DNS request and HTTP query to this endpoint to determine if the device can communicate with the Internet. If you turn off traffic for this endpoint, NCSI won't be able to determine if the device is connected to the Internet and the network status tray icon will show a warning.|HTTP|www.msftconnecttest.com*|
|Office|The following endpoints are used to connect to the Office 365 portal's shared infrastructure, including Office in a browser. For more info, see Office 365 URLs and IP address ranges. You can turn this off by removing all Microsoft Office apps and the Mail and Calendar apps. If you turn off traffic for these endpoints, users won't be able to save documents to the cloud or see their recently used documents.||[Learn how to turn off traffic to all of the following endpoint(s).](manage-connections-from-windows-operating-system-components-to-microsoft-services.md#26-microsoft-store)|
|||HTTPS|*ow1.res.office365.com|
|||HTTPS|office.com|
diff --git a/windows/privacy/windows-endpoints-2004-non-enterprise-editions.md b/windows/privacy/windows-endpoints-2004-non-enterprise-editions.md
index a224c93fd2..d0be97841e 100644
--- a/windows/privacy/windows-endpoints-2004-non-enterprise-editions.md
+++ b/windows/privacy/windows-endpoints-2004-non-enterprise-editions.md
@@ -84,7 +84,7 @@ The following methodology was used to derive the network endpoints:
|watson.telemetry.microsoft.com|HTTPS|Diagnostic Data
|wdcp.microsoft.com|TLSv1.2|Used for Windows Defender when Cloud-based Protection is enabled
|www.bing.com|TLSv1.2|Used for updates for Cortana, apps, and Live Tiles
-|www.msftconnecttest.com|HTTPS|Network Connection (NCSI)
+|www.msftconnecttest.com|HTTP|Network Connection (NCSI)
|www.office.com|HTTPS|Microsoft Office
@@ -144,7 +144,7 @@ The following methodology was used to derive the network endpoints:
|watson.telemetry.microsoft.com|HTTPS|Diagnostic Data
|wdcp.microsoft.com|TLSv1.2|Used for Windows Defender when Cloud-based Protection is enabled
|www.bing.com|TLSv1.2|Used for updates for Cortana, apps, and Live Tiles
-|www.msftconnecttest.com|HTTPS|Network Connection (NCSI)
+|www.msftconnecttest.com|HTTP|Network Connection (NCSI)
|www.msn.com|HTTPS|Network Connection (NCSI)
|www.office.com|HTTPS|Microsoft Office
@@ -198,6 +198,6 @@ The following methodology was used to derive the network endpoints:
|wdcp.microsoft.com|TLSv1.2|Used for Windows Defender when Cloud-based Protection is enabled
|www.bing.com|TLSv1.2|Used for updates for Cortana, apps, and Live Tiles
|www.microsoft.com|HTTP|Connected User Experiences and Telemetry, Microsoft Data Management service
-|www.msftconnecttest.com|HTTPS|Network Connection (NCSI)
+|www.msftconnecttest.com|HTTP|Network Connection (NCSI)
|www.office.com|HTTPS|Microsoft Office
diff --git a/windows/security/threat-protection/microsoft-defender-antivirus/collect-diagnostic-data.md b/windows/security/threat-protection/microsoft-defender-antivirus/collect-diagnostic-data.md
index 6152f332d7..e366bb2066 100644
--- a/windows/security/threat-protection/microsoft-defender-antivirus/collect-diagnostic-data.md
+++ b/windows/security/threat-protection/microsoft-defender-antivirus/collect-diagnostic-data.md
@@ -1,7 +1,7 @@
---
title: Collect diagnostic data of Microsoft Defender Antivirus
description: Use a tool to collect data to troubleshoot Microsoft Defender Antivirus
-keywords: troubleshoot, error, fix, update compliance, oms, monitor, report, Microsoft Defender AV
+keywords: troubleshoot, error, fix, update compliance, oms, monitor, report, Microsoft Defender av
search.product: eADQiWindows 10XVcnh
ms.pagetype: security
ms.prod: w10
@@ -12,7 +12,7 @@ ms.localizationpriority: medium
author: denisebmsft
ms.author: deniseb
ms.custom: nextgen
-ms.date: 06/01/2020
+ms.date: 06/10/2020
ms.reviewer:
manager: dansimp
---
@@ -35,10 +35,10 @@ On at least two devices that are experiencing the same issue, obtain the .cab di
c. Enter administrator credentials or approve the prompt.
-2. Navigate to the Windows Defender directory. By default, this is `C:\Program Files\Windows Defender`.
+2. Navigate to the Microsoft Defender directory. By default, this is `C:\Program Files\Windows Defender`.
> [!NOTE]
-> If you're running an updated Windows Defender Platform version, please run `MpCmdRun` from the following location: `C:\ProgramData\Microsoft\Windows Defender\Platform\`.
+> If you're running an updated Microsoft Defender Platform version, please run `MpCmdRun` from the following location: `C:\ProgramData\Microsoft\Windows Defender\Platform\`.
3. Type the following command, and then press **Enter**
@@ -46,7 +46,7 @@ On at least two devices that are experiencing the same issue, obtain the .cab di
mpcmdrun.exe -GetFiles
```
-4. A .cab file will be generated that contains various diagnostic logs. The location of the file will be specified in the output in the command prompt. By default, the location is `C:\ProgramData\Microsoft\Windows Defender\Support\MpSupportFiles.cab`.
+4. A .cab file will be generated that contains various diagnostic logs. The location of the file will be specified in the output in the command prompt. By default, the location is `C:\ProgramData\Microsoft\Microsoft Defender\Support\MpSupportFiles.cab`.
> [!NOTE]
> To redirect the cab file to a a different path or UNC share, use the following command: `mpcmdrun.exe -GetFiles -SupportLogLocation `
For more information see [Redirect diagnostic data to a UNC share](#redirect-diagnostic-data-to-a-unc-share).
diff --git a/windows/security/threat-protection/microsoft-defender-antivirus/command-line-arguments-microsoft-defender-antivirus.md b/windows/security/threat-protection/microsoft-defender-antivirus/command-line-arguments-microsoft-defender-antivirus.md
index cf81f65145..0286462e81 100644
--- a/windows/security/threat-protection/microsoft-defender-antivirus/command-line-arguments-microsoft-defender-antivirus.md
+++ b/windows/security/threat-protection/microsoft-defender-antivirus/command-line-arguments-microsoft-defender-antivirus.md
@@ -27,7 +27,7 @@ You can perform various Microsoft Defender Antivirus functions with the dedicate
> [!NOTE]
> You might need to open an administrator-level version of the command prompt. Right-click the item in the Start menu, click **Run as administrator** and click **Yes** at the permissions prompt.
>
-> If you're running an updated Windows Defender Platform version, please run `MpCmdRun` from the following location: `C:\ProgramData\Microsoft\Windows Defender\Platform\`.
+> If you're running an updated Microsoft Defender Platform version, please run `MpCmdRun` from the following location: `C:\ProgramData\Microsoft\Windows Defender\Platform\`.
The utility has the following commands:
diff --git a/windows/security/threat-protection/microsoft-defender-atp/configure-endpoints-vdi.md b/windows/security/threat-protection/microsoft-defender-atp/configure-endpoints-vdi.md
index 2c8c2b2f66..b640c52453 100644
--- a/windows/security/threat-protection/microsoft-defender-atp/configure-endpoints-vdi.md
+++ b/windows/security/threat-protection/microsoft-defender-atp/configure-endpoints-vdi.md
@@ -30,7 +30,14 @@ ms.date: 04/16/2020
## Onboard non-persistent virtual desktop infrastructure (VDI) machines
-Microsoft Defender ATP supports non-persistent VDI session onboarding. There might be associated challenges when onboarding VDIs. The following are typical challenges for this scenario:
+Microsoft Defender ATP supports non-persistent VDI session onboarding.
+
+>[!Note]
+>To onboard non-persistent VDI sessions, VDI machines must be on Windows 10.
+>
+>While other Windows versions might work, only Windows 10 is supported.
+
+There might be associated challenges when onboarding VDIs. The following are typical challenges for this scenario:
- Instant early onboarding of a short-lived sessions, which must be onboarded to Microsoft Defender ATP prior to the actual provisioning.
- The machine name is typically reused for new sessions.
diff --git a/windows/whats-new/whats-new-windows-10-version-2004.md b/windows/whats-new/whats-new-windows-10-version-2004.md
index a722dcf90c..0740a2c4fd 100644
--- a/windows/whats-new/whats-new-windows-10-version-2004.md
+++ b/windows/whats-new/whats-new-windows-10-version-2004.md
@@ -18,7 +18,7 @@ ms.topic: article
**Applies to**
- Windows 10, version 2004
-This article lists new and updated features and content that are of interest to IT Pros for Windows 10, version 2004, also known as the Windows 10 May 2020 Update. This update also contains all features and fixes included in previous cumulative updates to Windows 10, version 1909.
+This article lists new and updated features and content that are of interest to IT Pros for Windows 10, version 2004, also known as the Windows 10 May 2020 Update. This update also contains all features and fixes included in previous cumulative updates to Windows 10, version 1909. To download and install Windows 10, version 2004, use Windows Update (**Settings > Update & Security > Windows Update**). For more information, see this [video](https://aka.ms/Windows-10-May-2020-Update).
> [!NOTE]
> The month indicator for this release is 04 instead of 03 to avoid confusion with Windows releases in the year 2003.
@@ -207,7 +207,7 @@ The following items are added to Task Manager in this release:
### 2-in-1 PCs
-A [new tablet experience](https://docs.microsoft.com/windows-insider/at-work-pro/wip-4-biz-whats-new#new-tablet-experience-for-2-in-1-convertible-pcs-build-18970) for two-in-one convertible PCs is available. The screen will be optimized for touch When you detach your two-in-one's keyboard, but you'll still keep the familiar look of your desktop without interruption.
+A [new tablet experience](https://docs.microsoft.com/windows-insider/at-work-pro/wip-4-biz-whats-new#new-tablet-experience-for-2-in-1-convertible-pcs-build-18970) for two-in-one convertible PCs is available. The screen will be optimized for touch when you detach your two-in-one's keyboard, but you'll still keep the familiar look of your desktop without interruption.
### Specialized displays