From 8bebe48b9d860ac14d40802af2fc71e5ccbafbca Mon Sep 17 00:00:00 2001
From: ImranHabib <47118050+joinimran@users.noreply.github.com>
Date: Tue, 5 Mar 2019 20:32:14 +0500
Subject: [PATCH 01/22] Updated required windows version

Network protection works on Windows Pro and Enterprise. I have upgraded this information. Problem Link: https://github.com/MicrosoftDocs/windows-itpro-docs/issues/2776
---
 .../network-protection-exploit-guard.md                         | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/windows/security/threat-protection/windows-defender-exploit-guard/network-protection-exploit-guard.md b/windows/security/threat-protection/windows-defender-exploit-guard/network-protection-exploit-guard.md
index 78f14e5a59..3cca43c877 100644
--- a/windows/security/threat-protection/windows-defender-exploit-guard/network-protection-exploit-guard.md
+++ b/windows/security/threat-protection/windows-defender-exploit-guard/network-protection-exploit-guard.md
@@ -37,7 +37,7 @@ You can also use [audit mode](audit-windows-defender-exploit-guard.md) to evalua
 
 ## Requirements
 
-Network protection requires Windows 10 Enterprise E3 and Windows Defender AV real-time protection.
+Network protection requires Windows 10 Pro, Enterprise E3, E5 and Windows Defender AV real-time protection.
 
 Windows 10 version | Windows Defender Antivirus
 - | -

From c1823521cae391a0f916a78de69dd631ac1427a2 Mon Sep 17 00:00:00 2001
From: arottem <amitai@amitairottem.com>
Date: Wed, 6 Mar 2019 14:24:04 -0800
Subject: [PATCH 02/22] Fixed half ball

---
 .../windows-defender-exploit-guard.md                           | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/windows/security/threat-protection/windows-defender-exploit-guard/windows-defender-exploit-guard.md b/windows/security/threat-protection/windows-defender-exploit-guard/windows-defender-exploit-guard.md
index bdf4311dfe..fa61cccc67 100644
--- a/windows/security/threat-protection/windows-defender-exploit-guard/windows-defender-exploit-guard.md
+++ b/windows/security/threat-protection/windows-defender-exploit-guard/windows-defender-exploit-guard.md
@@ -60,7 +60,7 @@ This section covers requirements for each feature in Windows Defender EG.
 | Feature | Windows 10 Home | Windows 10 Professional | Windows 10 E3 | Windows 10 E5 |
 | ----------------- | :------------------------------------: | :---------------------------: | :-------------------------: | :--------------------------------------: |
 | Exploit protection | ![supported](./images/ball_50.png) | ![supported](./images/ball_50.png) | ![supported, enhanced](./images/ball_50.png) | ![supported, full reporting](./images/ball_full.png) |
-| Attack surface reduction rules | ![not supported](./images/ball_empty.png) | ![not supported](./images/ball_empty.png) | ![not supported](./images/ball_empty.png) | ![supported, full reporting](./images/ball_full.png) |
+| Attack surface reduction rules | ![not supported](./images/ball_empty.png) | ![not supported](./images/ball_empty.png) | ![not supported](./images/ball_50.png) | ![supported, full reporting](./images/ball_full.png) |
 | Network protection | ![not supported](./images/ball_empty.png) | ![not supported](./images/ball_empty.png) | ![supported, limited reporting](./images/ball_50.png) | ![supported, full reporting](./images/ball_full.png) |
 | Controlled folder access | ![supported, limited reporting](./images/ball_50.png) | ![supported, limited reporting](./images/ball_50.png) | ![supported, limited reporting](./images/ball_50.png) | ![supported, full reporting](./images/ball_full.png) |
 

From a3849af80948ee6be43afdaf0b963819683b3180 Mon Sep 17 00:00:00 2001
From: arottem <amitai@amitairottem.com>
Date: Wed, 6 Mar 2019 14:24:41 -0800
Subject: [PATCH 03/22] removed E5 as pre req

---
 .../windows-defender-exploit-guard/troubleshoot-asr.md          | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/windows/security/threat-protection/windows-defender-exploit-guard/troubleshoot-asr.md b/windows/security/threat-protection/windows-defender-exploit-guard/troubleshoot-asr.md
index 46df2bf21d..a6e95cf704 100644
--- a/windows/security/threat-protection/windows-defender-exploit-guard/troubleshoot-asr.md
+++ b/windows/security/threat-protection/windows-defender-exploit-guard/troubleshoot-asr.md
@@ -36,7 +36,7 @@ There are four steps to troubleshooting these problems:
 Attack surface reduction rules will only work on devices with the following conditions:
 
 >[!div class="checklist"]
-> - Endpoints are running Windows 10 Enterprise E5, version 1709 (also known as the Fall Creators Update).
+> - Endpoints are running Windows 10 Enterprise, version 1709 (also known as the Fall Creators Update).
 > - Endpoints are using Windows Defender Antivirus as the sole antivirus protection app. [Using any other antivirus app will cause Windows Defender AV to disable itself](../windows-defender-antivirus/windows-defender-antivirus-compatibility.md).
 > - [Real-time protection](../windows-defender-antivirus/configure-real-time-protection-windows-defender-antivirus.md) is enabled.
 > - Audit mode is not enabled. Use Group Policy to set the rule to **Disabled** (value: **0**) as described in [Enable attack surface reduction rules](enable-attack-surface-reduction.md).

From 5683905cdd27df15b3d6320d4b616b7fc0fefab0 Mon Sep 17 00:00:00 2001
From: Deland-Han <delhan@microsoft.com>
Date: Tue, 19 Mar 2019 10:35:19 +0800
Subject: [PATCH 04/22] finish

---
 ...-configure-encryption-types-allowed-for-kerberos.md | 10 +++++-----
 1 file changed, 5 insertions(+), 5 deletions(-)

diff --git a/windows/security/threat-protection/security-policy-settings/network-security-configure-encryption-types-allowed-for-kerberos.md b/windows/security/threat-protection/security-policy-settings/network-security-configure-encryption-types-allowed-for-kerberos.md
index 1fd68c4416..5201ac7cf1 100644
--- a/windows/security/threat-protection/security-policy-settings/network-security-configure-encryption-types-allowed-for-kerberos.md
+++ b/windows/security/threat-protection/security-policy-settings/network-security-configure-encryption-types-allowed-for-kerberos.md
@@ -15,12 +15,12 @@ ms.topic: conceptual
 ms.date: 04/19/2017
 ---
 
-# Network security: Configure encryption types allowed for Kerberos Win7 only
+# Network security: Configure encryption types allowed for Kerberos
 
 **Applies to**
 -   Windows 10
 
-Describes the best practices, location, values and security considerations for the **Network security: Configure encryption types allowed for Kerberos Win7 only** security policy setting.
+Describes the best practices, location, values and security considerations for the **Network security: Configure encryption types allowed for Kerberos** security policy setting.
 
 ## Reference
 
@@ -67,9 +67,9 @@ Computer Configuration\\Windows Settings\\Security Settings\\Local Policies\\Sec
 | Default domain policy| Not defined|
 | Default domain controller policy| Not defined|
 | Stand-alone server default settings | Not defined|
-| Domain controller effective default settings | None of these encryption types that are available in this policy are allowed.|
-| Member server effective default settings | None of these encryption types that are available in this policy are allowed.|
-| Effective GPO default settings on client computers | None of these encryption types that are available in this policy are allowed.|
+| Domain controller effective default settings | The default OS setting applies, DES suites are not supported by default.|
+| Member server effective default settings | The default OS setting applies, DES suites are not supported by default.|
+| Effective GPO default settings on client computers | The default OS setting applies, DES suites are not supported by default.|
  
 ## Security considerations
 

From 14b968120030c64b1562d52ab8b2784274a8d84f Mon Sep 17 00:00:00 2001
From: get-itips <andresg@capazero.net>
Date: Wed, 20 Mar 2019 22:33:45 -0300
Subject: [PATCH 05/22] Added second row of names

to support Dark mode
---
 .../images/upgrademdt-fig1-machines.png       | Bin 8240 -> 8605 bytes
 1 file changed, 0 insertions(+), 0 deletions(-)

diff --git a/windows/deployment/images/upgrademdt-fig1-machines.png b/windows/deployment/images/upgrademdt-fig1-machines.png
index 38129332e64c37bb002dc1f0513cd61e124b4d8a..ef553b6595cbc999bac4169a19fdb6417ce64b99 100644
GIT binary patch
literal 8605
zcmZviWl$Wj)`r{C7I$|qP@ILL3&mNqxa*<?irZqv-HR+*plH$J4huyW*P;b>af-Wr
z+<X6iKa%q%lSwi;&t%TYB<ho@JT?Xe#)}s(ut5qk8qc=wxyYfteXb*viu9k&Ya2-w
z$rmqb6EN@1-#oX`ofY)mUcA60_)mE`wGwdu+)3sxtLLuiWbN){?rQbI+1&1nJJ%O0
zcRGG9Uak)hs^~i}UeHs5WF)n`O%9Dwy|uL)a|Or#qA93Toe1+qZcdZqPrfA2Mds6~
z{1AL2Yp_F2Af=@6iito2q(Ju(a+I2wxJ)!f`C3Z;WAynd{nOHu>g5H(RXtmhnf~dj
z@+iA*T=*`#W3Fr7q;1(PP&WZ`A6`RLK)At)uzz<?V$1#GV799Rtrp0H5cExg%oyl3
zIzD|^^xBJM1K8wmc8P2zsEPZ4eu$#maaLc4O)5uD=jGW)6VI7~m8M+1n^h&#ahH;3
ztfX3x3m`i^imFGN)#;hGbM^Xwb4oreX*oZ(CTmR6-u}5N*NKUB+qrx4)2P*3Qbqx6
zH}ira8wF6kyyTbx!m3*GOED#1V+G9hr@HqIGR-f_mcC1I6cXBVx-a7CO&qg@s|hi8
zyKUZ=UElW-@l0kiX>|~`hH{4vo&P!YzDJblwFUI9m@~>1{LXt)?wBN>h!Q7K=yiW+
zMu7!asB8R9_*L+t_CnU>QI2S<O1@|Ay@kz>Mesj(knQp{Tj%Snn21Y)hSwa`$muvr
zn8mt+WsxX7OE2;6kZ1DDEF^!xXZhR$&G_gMMb?{_vi1aB4@nq~%?qk=Gfm)4DF$h9
zn|#J*nV(JVxILHcm5U<_xR=kb;8#w07gxIsAsAL-sIix)^8Av}AO8!@fgAgG;|AR~
z5*_?DRy91)0n8giU=mRq);qB8q%&!#7}tq=Abo_K{~wex5KcjXZ($@c(1!Z74rqy)
zhUXY23_xY=5YtM~jG4Io-PIo2lb7&OPKV?m+la?}QL2Jw73HVD^g1~SijpsBER{V2
z=<r|5WmQNF`(oFbn%E5@Z}|6vgs5doIJuzp*W>1wLd_B=sF%g&YyXH2RvOUTyxy7V
z`c%+)exvggYD{OfxWi<;MYC|iyYivq9g`)m;tJu^Jzq1q!My)qV3su@>tmO(@Yddd
z=ZJz+PiBGv>tG(*>O&<u4tP4+{BmtEV~Zdq?sYtrdo9Cae$$7pcZ(#giO08FkJ2Nh
zNzjj};BiN=#!>-DX!hq;YK`p@(oKEBAim#qOeu<cMIG^JHewmqwl;T?7^sB5CG?`Y
z9Ulg9P%W4AJ^~G2*9wBwWC=WvBIVyib#P)JlNacN4?y#{2Sd$CR7b<8ntSgTT#b#|
z%_>;ELQ8js7U}@%jb_BNoO&$|J;C;kW-TUzqplJ2ndH|yPmAgj=Tix9DEMuiE$fF~
zzYYtBjVz(kn<ou&k4kGm2rTMcd3r@L3xNPLLMY~VDU;A$s9E_g0~SH9-=hWQ^)0Ga
zrgA3MWRT^KWQjddno8D(mYtemst6p!#(5b~=;DFPFVGKFm1-#*yq5ZRXI)D2Kuq$W
z^4c@-9nOIgX`d>wTm{1iP{6sudW&@MIlqHNwx%&NAgfh61l3a>QZ9%Sn8og%_Q1%g
z=V4oH*P|$d*;vVRSvCHaeJ>)Xci`pWQpYR}VX<=WSTqJlotLbl0fwR%iFA5aJm(+7
z8euR%iZ7bi)k8#iE{2Ec9qxYEcH`N3#87Mt*@sj1>o;##E-x>7B}Co7|Jy0D|L$;I
z)5$uh)QyZ`aXx{mXG?gIZIAiI07|Yl&xe3QH~wLCp2G38oP>Q`{az86q1z;KVi}wr
zmr>v)ZnUKEB1yZ!&>d}$IJm=NyQy!307I`%jO%vove2V(nL|$}81u5S_|4K!gPQji
zKS><&oL@+(>0atE^-c!#Z^~F7ad%RMS$VS8G8;!+Jen^UB*ww-l@UbSbmGi3hM0Bv
zBa`$3_L#7`5uPcP2)0#2bJC=s3-u_y_9<*an@kuajFUjnv7AZ(!cXzx3tZ12oZ1+2
z>5WS)s^PNP&urA?Nuyhx-IF@P;u6&-ULEO=XQO)9Tb9!1a@sfco{@&L2(`;)3m!zt
zqIU3IH;pFC1Ul+q^v&3q;Y^vHw1UG1JU@n&Eqcc}mMcy-+;zob$U~e-y_om=%mxI}
zUZ>Vo^>r9ruD6?3a@)=-{852*S!It;MG&2x?C@iIFEKeaSf$mH=o^wzO#Bryl38Iy
zRT`p7GFS4Y_u~L(#%?-FL<UDQ>Ol9*;!A+aXku!PzgJnR!^)3{f2W>zx{0Zc(TH}>
zyGxJdcAqzbRi=FnpDj!~Wh`h1!p_##@Bc^(`EI@7LJKzSbl%`^I$u6tIG-6-h|L2t
zrp*)cH60y~Hx7=+5mwIes!yt+=hVCreRu9GLvUAOP?IviUX?ATP7f67<$)YTpOP&s
zsRS4eE<dH@0&C5p!q9j<d&YiaLR+8{$RfrjCe)-T^+Cc~Kra?#t36rFK~b&$GWu{s
zNZR{|%Dd#Kn<t$gemQCWyI)TkDnQG7f?nbwl4BB)3?DifDLQzcAnI~<%e>s;M%d(J
z+&fCC>zvcq3Bl2=$|gaGb1DQ}QUQg4g1`?zfw;acZSts`+#R0%R;ev6+V&?B*SZIn
z{VnYfl7pEJ&V^n7;00~YjD@a%b(mNB7#gnXxJtrk=UdU}*uq0c7I7}i_*?-m8V!vm
zIw6i%_WrVw>fbnlZX0PbyU;p}Ux|sCUkeVy6cm?2EABanzLC%|Grl4AeIMGyB|9{R
zp=`X1I*p{s5OMnu9ivobNDi?!q$KpapX`z;8GR|*D7&#RIrT7KmD>fm`bWLo;!oK0
zy4Go>J>cf@Fl*lS6Gd`v=4i#Lg70*gZWSMasBlt#nnyUi{Ng<unoyupy^%z{S$b@v
z8B-J8Z3{a?Ty7T4-9nPZA9YLAq!WOAK&SqfQ=!Bb{VZLRo@ghXjfwo;nqOBRVa2bB
zzKly7jFI%c8`uMH)mPe00aD;rqDn~>OR*OCt_Tw3I{XH}%EcL;qAOIKwbbo@Xy5=+
zl5YC4QYtOnRxUV$h(bA;Gjy!AU1xG&k4xv}?ZsG+!qL{zF$wL?5pDWW(&@K*_nvX6
z_{@aS#X*3<+a-tLEIF(YZ>J59`KD7>Hr8)_EQeBqw#n%MFLM&S*6eaqUvaEEuBcI0
z-6Q@sLWo?#4H1D;SkL;xbEID!$1?ZkCNk;x<Z58+0E@%bMb1bg7>k#IfPpD!7YefO
zhesJECvwA{i8`+oIasJeA!lF`_D0ZYXlj~&-hWdko2D>tWpr|K);p~xF^cm&G#5_v
z6lWcYQ7dzIdC23qCxp-PB?(a}RdhTd;cewO?USft6LvhjRNn4tJ|+_SCUc&RPgGP{
zw$0P28?tNprw93Ic~|o;VY%4_8OwC>?69L}4{la1u+(aYNyt`nY}mx#J2Qp!dQcT_
zzD}te-Dy?bvQ`6L%s^9rQhlnmC+%Mx4fZ*=<hXDN?I@A35d4i<u!omUz%rPnFM9wd
z!q*^T<fF$R_GP!ssI_^baae1i&RsRn_+>`SQBe`5tJ($TlMJ`JjbgDYtt8JyJIzXP
zs9ovM?BgcK=gE^mSzFNG9a0V<7tm;Urbi=HcS~8fw977s0l?mtK464Je$FcwFiA>d
zpN8qWH5~1K)^AnD7)<|10D{DXvBz9PO`wcq!|X>yCeXT&Y%%>Wz;dpXoBeQXO5@v7
zU$xjg{x{;C0jx`%)Invu*RZ*_gks6O<D6t%CP6Tik{DIfDyktfI6Pk%vQ^+Hn+zxA
z%8?H+7w6Eqv3S%F?du;{L+G6;aW@n^p4SCUeL5#nH&2@=@?jKPc#E`>2qlk(3&d)z
zxPOl8E7l~B!gP?j-=1aT8<69W^lW8xt(%K>eoqX9_{Hj)`V&u1N<#S7I(!X1@yI1K
zy{H;Dov9;sg?jq_NLJae|3II2;4r<lGG=m1e~V4=t?N<Fu%*-D^qf4S%ND&~E%(**
z8%#W6!kC=4t8M^4zI5dSucI*mJo~<8j0H{BDvUvVY;pjO1!&ZEAk6g<43>uRj4cyi
z#;Zog$934M&z@|;IDzLT+iksJ3TpZxi0jm26G0S8F&nVqkTqy)cv$pT9oY7Vv;m{G
zU=BY)oXPwk{50&^a7gtR20$@J^JFE-7{Uh#*c!x*I21A(Fc-lYKUwS`&O-bE>8pP?
z`k9o~LNUT2Kf}ydN4T}Jhy1X!x($fU64Fof=AHAdk_Ca#gQcW+2OK)HUm7*SNQSaB
zYp%NK^;%IamiJy~+&YBsDssOL!=yfBP3?6%c#+%TO!C|6ca0k^tm60O!p>$$_g}pB
zrykT9<2W`)Ae7C>-eqF}2Vr?j&tUs<qriw6DqLVbqj1NEz)H_g%FxYWbh9HPC`gk`
z-wQH(Vn#!+ArN7miXcx-^+Klo4|zfxRAK31P>QislTm1&0ELlpMx|T1l4YaABfKtM
zV)u_>vPUD7oWn7VUYs8Pcktj^g#oj|P7Dkt<#2r2!=VXK&JkAnw~Zu?T)3v&5=OPC
zGJUJuQBbp>E`v5X$y&`ikOY=b%*lxZVH&L;G?MVToak~?I8L<R)XD$MtCYv)8#m;C
zHLW7AfZ{BLIPM_;S$p0Kv3oyepA@HHepbW?)h$k%%GqOr>c6|h#-SOMwuq&Mp=|g1
zsp0~m!XE+;7ln-oh#xCDVQxBF-bmvi*El)-T3bao!9nJHcr{L9OJE2~p4e28y`XX~
zuO`Gq_e$XS{8Xw{HR3o@frGejWN@(i13ovm(Jz^?dn6KR-a&U-|HlmhObTu`s!r1X
z6ux^IphuR$B@$Iz<8mP_<;vIYC&e=cmxLe_j|a0*-r^Rm{?q@i9RfG*JP19X@_v0Q
zJQE2eN1bASGW!wynGwCZy<?c&?V;*)_*<)jb-0?#<mJ>RjYKQT%gz{~0{S61=p8au
z*iP!frSk2(ZO!j#2(l8!4(Kvaw!SHh^Ad6IW5OpK&j8?>W+`{0uC(@o4@JnOghbl9
zmvp~1eSh&76vP8CrR$BmzxNYrX=P9d#W+DncP6^iv>8p>oB(AdyZr5zWZF69ndL?M
zfd5DDFMhP$9HseoyQ()*X!qoaYvW|kt2Bth66d(#<C?m$x&e`42%Jh{RxoE+p<uT?
zFNxJ76;2)AB-^x3J1CTqV}^vXW%IAQKV2F9Wax06H6VsqRb^}%94%M8uU0NAvi$cn
zKgSKuL?aXeI(B+T-DBtN28Sho^M8vic@%(xM@yS9Q_ru*ZOCP@Yz9Kat*+MScS;dt
zhnjM>UuQPh_nd4n!$JUJ>j8?N-^bHPyc|z_t?U)kJ%ju*HFAggHiuT=%e}vcP6#~K
zNBDh@0Eq#gX$PcuSYdz`uJEl@aSIo<D@Hcn?TG&DVxJUYfZd=Y+ZLQ?udRsrfOz##
zDPq$R|Ctf`G*v!3i}YMOMlG!&=|db{b5y3AN2Lmoa5uoDFqL9+c+m6EH4^aqHaVz!
zF>ojGvCuJ7?)K-Ly6?j<^9k4Gy=7iY$+m{10CcKPx(kYwY8PDD7zzrQ%8Wm}HmeOG
zwFuMobl3MUkuC{Tw~-5+IsRz5Re$ghtEJ&w{ogZf)$)=F7g?3I9=pyFF#7q+9`L?V
zw^Dl@cHho%MIlliXZhvP0keO=i^|xjcB)6+{U24gX%LUHo?LQuO;{>jODf&X0w{&o
zd12d`fL`8O=YyZ@f_dGt4go+Vae18k#cBbVjDjY<<`@n1g(Zm_G&(HF-6=At?R_#D
zsixdMBzvopCD6rT(!0a0LK6vh5Rc<L(~{fZW~rAen9=5Q(@?-3wHt!t@CD8|OI6V!
z3{v@t5MezItG4hQAc5frQAV*o0`nlui~sI*;o9zgGY5xZ&Z7-JiAE~uCDc|$VlqvP
zGdAW*mGOf{WJ5_<rldb3A`1NU^&<jfyj>$Puht`j&c(r~{T!ZezV1wDE-z(KfCVCn
zJpS$8!vF^ereAS3)>IsvKSs>x#?@MJ{>T?HC-@5vFy)&z>re9;E(UCyR4e-|4;pE&
z|7`zdu=S^C-<PK$H!cW#SLiq(c-&)iw7ybB%>&W$V*0%}qsaI47{&5y>HdNC`Z$F~
z@7K(&oR%`2bKJv(!6cV65S?$yK^%fhWh7lZn!^r5Wsl9{!@mEMlDgA}+}dJL3?&G7
ze2IpJC1v&rPov49r&uM6$NPGl4B$erl>t>!ldxOFs=vvbpV-+gsgBhBD<2sv<;2Rx
zZ*VcHTxhv9x4<`U!KlLW+hzspe3vtDt^i9wf3Tu_#UKKe;Y_wxz-a5w?Q9pUf0QC0
zB<Z}`j3M2RBU6$f@;A`;9@BB{LG<lKx`acewk3%fVYM%^VSX}j#~IXGy0Ea1CA@kx
zN1ca55lbID1K1vo2ph%VsHuUS3!j;Fz;LQyF<CLHg+t%U^jba>i-mb@ZRBSx2r)6U
zfT5L~om4=%zUi16SO772e;>@E(lWc-%Vicrm+NcFKnNKZb3bO$t2d)k?#HdJ{Ty#;
zy{-1lioHwA_ehDN@ge8Q6d_(~ws&zyWu5r=tEV^b^y4T6nlBP`vy8GtFCMPSY4rEM
z&rc?YnXaY7sX_#ewm^KMm7ZZ|<xY5MM3EH*SVB(DU;j+`I4|u)qXUox69wf1Ga`DO
z#~Y?R3f_~|18R6k_qL>}=@sKnSK@x<%wYV&0rUDDG*{NR^}*XXN~-~<%6SO61sv)W
zj~+Y|B-v9#Y(BJe@{W(m1@FYeOkpR^gR-OA|8&>py41$0eWjK#*Lx!>W_G-T`#k)Y
zz6eQg#6@^S)|;)-99B|_GHo{-)qeu5@D$AGUsF_xnf0%LZC>5%js^wDysTx%2aP&W
z2B&(TGV`LMUHScT8f|-ekNPn%4hbe-0wq8p6fAj_*isIgH~J~X*Y@Q&EbL6q`*j4k
zs04K^TQmp(S1A?x6yIZt#Q-JM1{UiSjL=f@3r*FjnUZ59Hlu?;x>N2V6;~(HiIE{8
z($dHb*RN=dWOui>cO&b9V`#0F`i#=(kJ-`r7$s%Wy^LI^cW!wJ6mkDL?!FSsiERgo
z=T3K8joAFqMM73?iVKkt>tta~Qs&q?>11fk$j>yNDTVXlm#2l?MxXc{Pi?$Ux(xsR
zG^cj97$7?MBZ3u2@%XYs!spQW0`OUs33{WHoiE+mJ3B<gD1Y8%GfS1;w>Mw@?fJH%
zhf;U=;ir;C?aXl2oSpa79wpGd*FRszZ2Ug|HJ4w@@ri^Qv~}JZSxBnS^&Hz!{Z>#>
z>KfGV&REcsksYAZ=o_G7w=PMLcF#sfTmv?(0w8ogZo|I?U|_XeaYDvUnh?RIE|nFY
z*LRZ>FuchQi08M^%Rgp8_@?L5-@6Fse1-Rb0GkJ_be~&C{(-f{_ODHA4pGL2U9g5;
z%^J2Jv>ITznT<`@cCPO~gZ;Tmu<WCRej$y^4)6>S6~g1yxPy2G^7{+jjI8m#s%R;Y
zwd$FDx(~#M3nrSg8s70FS8?f{IzqJ~=)HMeR)`jbNn|e1^EQ50K13M3>`;WEmEU1z
z$963Ur6}T`sCQ|0`PkS{OS1qAY7_{hpr9aQ<kwD>8519c&y>(Vx4dll90mz;RyaK8
z{kI@5e!HpAeXf6Z#<8?0#QJhlB_$PUqlFP|aYosBnFNeO@Fc8Rck7~R>21~OO{9(r
z{?_A%FaHjsh`PM+_os3Haiv}F{jBEkyLKibB{pBIxAT6y+2-zeynW806UtK)E9Z-w
ztxnV5<>5XN1*|sm<OqVkIko4)SrU#Ws<qLvAKwxdXVNi=<6#;*@;a$7&E4IYK|2^#
z(fCBY|A6~q*Ln1XNK)X+6GgtH0V}0d-M{qDw$hc~sSxBYVwlF0vw$*_Qaw8A>(Ac>
zer*+Imc{8JCL%Fe`n$<E@RLO~H(ICC(5-$$;?bSl=`vtFjO5tF$$#ATE$RBSLLTmZ
zv<|m;oDVn)9C&J))OsSz1POd$7(<^S?kMsu>eczpx#sol?RWVE8rTH!AROMOsRq>6
zzsN9%f!@<x6kih$DqrE%o>_vn;IU->87}t=A0GJBAV~2Laao;QoHD}{v-M^?dj?G&
z%Snb^Xjg_f)yQ&X4I6+a#ag);07JMzc3NMb4xK_tIJs2t=p#A`>+W#?5)G+PXjq5u
z6$3M~cK=j77uU|jiE-LfexRgIfK8QV$)&SvJ#5`+gc;hD{x1Kl&FTBfK8&)>Q!dd^
z!oiv91@3&<&QuYmTrAm3dv^Bo-D&x;Q+O_rQq=38%*T)2hrHna2~oGX;>O<OLVo*s
zczPlEQWJB}Z=aS`fE#nZ!IqtfjgUyd#LJ_=QyKz~lO|khpz|#I0<|^!7R;v*#adsb
z_j09(^eUju&>M-%WA+0}aF2nhEbJixhg^hc?8_H4bZluI9TEb<6dvzmybJtv)B3gU
z7N<F)di$$)i;e!+aTEfrI<<ALaDM6-yWlsl2??R0yv6F?nJhH#a%C2OyavCHqOs3L
zyWZT`_;>v*pB^8~&CP?J)63Q5mbrkMU#4UeM_@~<&^fZv1^wK2Qi-`_KyxC<#gYC^
zNy(#oeiz;DD?`Aw{EY>8;dZ#<)k;{-UDJw??<2ozE-+|$s*+5?9?QhL44GSgu+Klp
zwqoei5oXc>If*Eh@8gxII{O*iP~1Ux7SP{=L@wczlSeVfq#Lal*cn4a!m(&#{qHX6
z1qD&*>FJwTRI?+;aztY?1v66rTAyu=8khenCrn(G8w?X%^`>rQ=fI~X4i|rbL?tqi
zyBHQAujpPC-cPj4p1G~ud4?2q$Rc0G+|(GgkdbodrT-FlrhaTv+O}uNGhO+f@Pg*E
z&`I57m9gl)O|DPz)XJza7Xkh%si&u>pkqa))8T4E%=+)czkkiJh(|$P0S^<utdx?Q
zKQ7<WzBx<a(c^+p#s{Sd`&3FPD_U9^e0e|Rs*$K)O33SCQFJCEFLt*KuqheM!a%k0
zCHgW_O(p)BtT*}=H{mJG`|06oslj$~V<yX~6Wz<pi=0+eR1}ODOww!f<WyEsnS2gE
zL`O3P?o5mx>-tgcg);>LT3yV#%>9KAbfC!{=(S}@Q<`pFHDa_6Z!egGgtdl_D;pCy
z=c(H-7wy4h;>Y%Us;a84tX1~&Rk0yl0*;IBeiv2=jIH-qO5BJRpB4sw@trRYpNR;j
z3I7t-u2)rt++UgiqiD73KhF-AJiog(vBAKoS}gO@p|sSZ9_`5)6bVzO7Uz2_XXOgM
z4&v`kvL-7Wmm0@)kLEW~OXC^9n`@1|nhB7ZLYj+GdElP<e<ei*`uao?!Q<_Eo)l5@
zIKPLuEZU^XpfLR+|C=qJ@1L9If{+$aWyB;d8AIr<m>R1;t2q?C*Ikj4-UDRn7pVQA
zvuQ)gjXqy$Mi`^#lpV)q1S~ZIERv8ys`<0|6E1I`%{*Lvg?j58D)KN|!$>z(;99;W
zLC~qc?eTZ~AA0Wezb{%+aS}nX(MyObnCmpk8OrDA!WFBPZZ|}K4v%@2;BlY~4fB1L
zd}PHrF)*Z`!S?8n{+KWBLwly}^C@qcrFne&G#B+9pocPpjrOyxmQ+XNtLj45V?Rf}
zc#`r<O(K_;BAR+T13to;!bbSA?)H9WXT9ZC+R@nX5FZ5r^sf)H!-pDu_)d$NE~DQK
zQQ(RJS4uLH{5kJy77O>&*Cy2JH((86C)-kAiY*L#pQZDMBa3hGVG!<K%x0TvGJjsg
z47ehG+2Vv{V9aJrw)YWPHk!pVQ>RmX)y<<h_iB!3j=+(y;Eg>rzr<V|qhVCYfYpi}
zXd5-inSd_MTz6j%VyaiHw!dXq*9(aLz%-Gjj#+FE1RQN&gy%wAtum+LPT>Z&7Z6<U
zLIwc0Me#5zJR539T-{BIh&c%|U?lv{l(s`Zv3?9!bC#sR#m2#V(mkJcpFI@5n(`?%
zZyQT8xV%O&Nn6`F&G_)AV*d4jfA2lkg#pSip5ir+b$NICR>+J`Y72vi?EasqMQbX~
zdP|+R8n+Y4pHg#R?$VnS?>o45N64V)$;mP^d*Ppuo4n)f{-0Y)MiXuTaaXJfRc590
z&urnm`U<_*jHms?Bx6e1Y?@O{2drE0By?3R)+%9(1aIkQiN(=ubm(&xgm2>yNS7zm
z1Kln<NzVEDr=mVc1*rQ+-PsRvqbCJM<AtF}F`4!?wj_Rf_g<@{?mk+2S#kV*qrpGW
z1HOgnGhStBiMuoOc{a;{7()1`wSy>s>ptac3qN#NjXuHyJ|lxxz1bN{`aA8a?qfp^
zJUmnrV=h^rTozy3K9NGPT0CIqmf-5)hnPd8*v;6lUoo6(#-512G$ez5gZcYuAlvL+
z`>GCFi)_xMz6RP}xJa@O8oi*^y-`PX^NpG1yK*P9Vn18#LIMVrPK68l1fQIM<@($E
zKxONsfrMf1mr2#-4@9y?#p+3m{8CCfd+Mgv|9+k=WBB}MS+N?jklOv&D0-R9G&ll%
zWH?PpMA9ee?d*2y)s_bn`%y~j*HYC@VFJ?zS0?`aam|DMi}DDCPZs|p@_bcJ@&_nH
zmv%KJV&SQ2h~wW~6T(~)Q8ZYg+qj_7Gi-as2soPVid>jw@3>u-o=tClw229>b(7G1
zM!%DZ?h1*5MK={i(TZnLiUKWJ)M1%#PRF~GP_Z86wMVfhvyW;-pTx*|Bdu2GXc6e5
z23DqdD<iJ>M-dmopi}acVWT6hxMyJ19Z|*Y^5DeAlpXxcZTd5}n3E9e)$x67AizUq
z?1XCihfP(dj1-kP5423nx_pDkTD273P=Gd$s>q0`zWu|6f1oS+o+x$&EJFls;l|eL
zK-M;9zaA;8Vl2g_`Ds7vGYq^f58%w5PSJOWizewGdm1iiFa4mR9gsU+tf`e<aaqQ#
z-xF4I@Yz%w!!>c<b&W@&Z2q&hmZX~oxl|DDbU&+~ow$OeRaK;_El?CGNMDzacAs8*
zo`=T?O$};B)-stt1E?&>U!~Q$wNTpmIv{XwrcC$uqf=FN9)16yGCdnehBKq;`Xj5_
zm^<fH{S9wm@D-0*s%lxj?w*>j2J@qC!_3!pj|&a%giJD(A7rovf&b`aG8L_Yu-dc#
zPg|gY=Vz2U#NJ!*tFs%BiJEd>oR&sT%1BSb7H%MA>GG1XEIQbuKzamjCO@!#e(t|x
z#cHGBfdr?~i8ek)IVLFKSF=io_%9cmlkgUsqVN{)5~Kp0WOf$5-RDC_&I4`u_DGY~
f9{za+UI%I~vVPX`6RCgxO7Q|Dt143^WfuH@GKbC0

literal 8240
zcmV-0AkW{4P)<h;3K|Lk000e1NJLTq006T9002A)1^@s7TJ^hV00001b5ch_0Itp)
z=>Px#1ZP1_K>z@;j|==^1poj532;bRa{vGf6951U69E94oEQKAAH_*TK~#9!?Og|0
zlvmcC=g+^%#tK=pF`JER%;t}~F~&rV>qfIgjV&hjl4xQ_QBiClf`Whwid0ch5Rl$`
zliqs~1S^Wh5*s2af+FvK&UFR`1lJPANaj4xJTn6`-`wwf=brD}bKdh_iR9Opq-O7a
zxp)Mpj>mysqOETv#<}2VNhn+o7~ye8j!lS#Sx6Rt#){vo?JzUKg`e{ud+?LTGjZ+e
zNo+Ho+vaCFb?RKb-p(6&hx736yS>Ec)NWj_KuMARV-J4mLNQJrJ%p`>vs?YlP76yc
z)K~^LHxHO>+urn<xY!W*?fDd%nwo7MTvKx~e8N4UuD7tw&*&Q(AtyJt=8=E&>eb8j
zzg?-wxNtn{RUSo;@;3gbE>+p%4le(HNM2sC*rkhe6<IicF1PY=pDRC+fW!G-k3H4?
zpA5jE<U^P_=O;+gk{wWc_a=%9eA@hyqy0Lt950J{?177li{T$00E1lzA<4~j!o~AN
zNKM$)=9khEEph$YX=J7DY4bB%&3546!GlOjPR7*l$^H{#cjL(6K<u$GZ1YQ=2la$I
z*lKS1*bx^N7S{FZ-TQXCUq3v7{Y|Hb&VR9amOSa_6eGP0a@@febDh?d=bb@@8OgSM
z443B}RA_hv7HDW<+=TC%jY;ijN!X>j+S|Bu`zk8QvQ8d5glC!h_v-H8_N^=8806OP
z^4v2wUHZ%lh>eR!MnM`P;v$e!n1h1SGUVqM+!cdfuRj}SPZ!`uWreWX>~x1`8uZCy
zvCv&R1~oO6`1x!uipUYPb<22+Oj@h60saAj(A&Hjnrqe~C8r1`wr+5Cb!|MBn*PQ`
z;Com3iA3aN>_=qC7W90pTk6vedb8d<@cr$=xqS5g;BQFHOU4o{^`{#2+wc4piAhNh
z<}cB}ey0OivU~+L=x@f?-+bHpaq{!>kd~H)%*+f-n>Ov4F6&1h^+jBI3{-olRvPZy
zgnz3It&u3@QJ=<ADfL<9Px*aSIsYm9{<9nlaz1mQ^mX3Lrp$S5{%7QfK`6*Mh^(}|
zjbZDvih<r7=x><$+|knbNmFnjBnq3h7^CIj4X<7~P9b#x&YVgSVa17~G0*yg6&2-a
z^!;cYDGESAw(D~ZytJ$gNtub5vpW%H4(@O{==Sh<G2z=#UtfosJC(RwbAtl0JPNeD
zpZdp!5Bo%X|K^SJxO({*u3b5S<E4?$Gw9%b2mKJ68jGleXp|i<gZ4K2hgOhI!Ch){
zfC%0yub%<mAfzVpRPyP7_c7;(?@(8JixhAjKUZX<D9_`W2fbKhIesuTL1KC$;!@*L
zReb}Y;o)`SpBylrJ)MDj_wEQ2DJk@QY!LalK}Uv|i9uh#dP<mBW{TZYA4hHEC^$Ge
zBAEivtgI{q1_wjWGZBuiKA1dh1{w#=vG?uj%i=jFecv+=I?&fr3|eMlPkWqYtF-D(
zcbdb9R)SX6HV6$1gRj3ocJH-E%pnmEsfZ5-`5EGHVK{~0<zn*i4|VDCI{x`Vx0<IN
zbXjq*7&M!h^{ySz*|PqrPk!FwB^1>y#{m~t*zem9Qwse(eSB*_9XzDjv5M^Xn25E-
z&>?*h>-ITj&6<V2ef#P@&5!l$`3BrvOvRvmy?0>!-auG5nnP{0TE){2Tt!v2dff(H
z9Eyzvuf-cR+=>hc3=G6{iaC}pT?$oIRhwstql1I|L^x?^ZqRV^){W=&)xDqSQ(d}r
zx&Le2#m0>vdq)`=wGdfA!of-GGbSrW$vvaR<7tJ1D_^+<Ct6F$=tv_p-{&~-QF4#x
zmAqCWPhaWa%R8jmSZz0+2YcJ)e1=88p>Y}hRtC~tMFrDm{|FtuO_(}k)>CC4Dzef%
z#NC{uOU@i0p*$^T*YYXK%t{kMR+WO!r}y9A|0@m`_|n5$g#4VE;h1j9#G!cX8linf
z>xa4XVYkm2+m<eYaY#P)`-fx3oVl>yzrX&y_uqfyo~TxKBu+%aw{Kk*(J-f4u24kG
z$pBg&)Ly=HL@W<DvQSX=R?En6jR=&lQdG_*1&%*C^~2*hbv&NmUuT1`+^P9OvdJ7|
znA`3X_kND}bBeN2P*Q-zj8sgqjE6-?DzuF)keZhEK(-E4<FM|NPx^^ak25w64GlNz
z>+j)K^)I-5sSLb+DkJO8&vsFWqB&gT1T87JipNn`cUu?&=iJy3*Z@wSOcF_6v#kpi
zuITS)&%vRzWQ0XUARr>3QPJ52S+rtFLULvb;^N|<qi+aTH@Bvg7%Mt4b}wA^ucGOB
zh!kB<O1_LMzZ^xy>2w@D5++;+r@a-WXdibYF@p;8<3y-?|K45PthzwTFTv?k$tXP>
zBwWZd<O!cuTt-j$meO;ZP*6|+&NXh`Zi*A-6<D-80@^zrQFNpbF-eDzUzCs4o6O<q
zEou{!nkm}jpaBZ=LWM=M^|0$WdnN<Nj)V)pn4V-MTRAC2(R@)y%^EJOmla)o^CEtc
zy0B8Z0C`yl#CY0M(SPgx9yV?^5I4IOtJh-u#L0+DNFW7z!`a0J**Q7by=Skm+BG^l
zh$Sm_@QJ{RZFX??^tvHwQC3ys6(U;)`#e^3)s3HV?o1|*l}4a2*Nv2HElx_&ie`(J
zDf;rIQgUIbP#gILrYxL<;op9N`Ey6NtD^h-<Db~P#kkgCzoRIljh`}2JT%v>!{X(d
zFf!SSpr9alczPi&J|5F%eNUFI3k}Ux=-jpIBlV^MtiTQ0^Ra&2Qo7+B!R24dL|&{g
z*8^NMdFL-ZaOuc$bnf)O3Yn&?=o!;TW6tbJ;L<iLTDY*1Fp;GXiX`9c;EJG_0F0YF
zRuN;e(l^{9s@#<6M^JExC{g(M`3dXx^7X}DN*T<aw*W1zxHXwHWXJ$=7bPezj6(mu
z-Qi_7k>Y4Q%$_|P6DCZ+nl)?S;o))rt+(E~)!t{uITyBQ8|!UC(MQRJX|J7yVPAiN
ziu2`nbhfX<Y9mdYICBh>=S)=O4N-;8|Gc%G9a2+MsZuhXe_QRDk2Y-Bu>K!^{IRI#
z&Y3d@+S=MsQBnEj1;wl?6K8&h*tBR-#>p+o=93G3t`k&>Qk3#5rNd;RE=`HaL<WE{
zl}lB%m&m8PV&zh6@?$Jl@VL~akLi-8`lv*jI-D;3pDY{ZAbpLt#-t<tr?1?>(aOmx
zLecU{l+R(RxA=WUjZ3{nYEfQ^d2)(XmwP=>0lHF(Qht3glspG8OXbgRc1L{FHmH5s
z@A+cHUsvY+hQ^{Yar#W~!^G6AK}Gcq)>H2%{c@6@m$9h1=Vv>M>T+_NxhU339#d;<
z?-T0Ur4v#Ut&kXF_M*qqsHf#xYp~1J4`zFugtDz{cQ<tE+`0O(tHDJJCW~wsSFbs@
zQCb{Ch*)1*e!GjrO=OtOi^%r|yEz*W{=rXr;a$Xq5Af3Gu~fV$4gY7vC}ij5!y`Bf
zTYmfjcK(rAt#5=m3l@T52a=Zfqwd|i-K;3j6lu^)7Y^e*K@-nXE}{HnB2`uniNrc5
za3aI36scsjX;Vg13Lvw^g%57L@P`XRA3RAep&ewv5=tU%HMd1!X+Gl9;^C8=4|S(h
zIFZuTSFMAar`P>~g9bg+*Vr*%ptiP}K(E&*?RbfBq-P0NbW&u-E}k#MwQJ?I1RNI#
zn6Mx-MJc)JXlXJbZ^|FJ@SNPQIF%}3M6C1|q2%t}yH^(!6~Wub7m1lkh)#+T*!6_8
z1USVVhL&3f_IQUtOIrt9jHqFRGhz$^tGioGN%R`rCD8nBLK)Z8T(4xMv$D^S6_=HS
zAlT1X5lU9eOmlzq!e4!O;j5~Cu4bk4EMsubi%|0Fb?f2n7l8D<G(^TnA~h!!dBwR%
z%}zyZax9gu3bA6R8&;6dHj*iM+0rS{*V7P|OD9*s;5Ak@*X7O=NSLQ8cPj*VZ&HYo
zH|xzMSmD7t_4T!)dcxfjwY9gd-XS0y&$4r5#UfSv5D=$mC2P65yF=f`8cA7+NJvjW
zcx*T+J4z_|$nhgMeeN{0O&uw1ntZ!!*RCZ($zE<7XzCGMe8VcCTv<Kv$}bP=fk&nF
zKwo!lg(#Wx-_xg#fc@TWqR7B<k7n7;s-}8iDb)jWGaVJJ<au9>9t&5(fqKS;V2OPU
zY#cq2Rgl@tlCyKOv0;mu3@@r8l*}0XnDCuA;IKw0xt3f9S5dgC%s79((PR^hz{h>P
zLX^zE7a3+DZg@YRJ1UgSc-Cu#j{Ny-4o;LsQ>5WZD9PQ5QgZKJ@Abi=rOU9_VIRE6
z7xRrT=1?pQ_jp3v^$@)LgGkv~xL$RgLOL(egD`CP@Q3<hC9~zM)Sith@_oW5-+EYZ
zJu5A^7UXcj)k<MX=JA{^&w{__24Tqz8m^WWT+eX9m1}{S2V^C)c2)ALuf2AT(4erT
znjcq9wiuh>Fg0oMP0xuymRx*g#PdpXH*9eYMMO*t7U@{P$3L)6A_MWrl>FV?k-{gl
zlKDo%uQ_z%_>?<V_%n)B@}OD$ge9|*1;&?9tQ=u*l*1sM%v8JfR`MiGt<})ov>DnP
z^)O-TbcBb8!+7g9QQ783Ot$2``}ScoDV~e2=PzEuO1l72x|+Laag(lON@mQ1OvzU-
z9~bc{he!oEO~qD4Dmf``Pot9ghSwP76o=5l$XUMl+b&90{ZkKE+Sp>pE(>hmu@fc)
z6)++NPnr2WQc}}M$)-r43b%{vLHPLxz=}S**~l2Xy=)O48Clm|MfFxQC40E)Hd8Xg
zh`GAWEx0)u`x;M3kxJ$ptxU-b8(`o!H?C<LuR*`TAK~+ngAf&J(r!xrpI2T<`||5C
z2nq?gw_^1gf(C48tZ3_RF@ic3T{AN?;pXlEPcJV-M@M79QVnr2`uyLAJgx!FlsseF
z*HB+Pt5L}eq2eY7UR7lz+Xw|~EEZK`|1O<hy|-?~urJzE$qZwVS28!+$xu&LyKUhY
z<q7Kp7O-;`?TPK#7-Tq=pa538?P|B}+=bcm7r~IA0#44(*yrekwFK|-^zz31#p<vi
z<o<qVmzuA}j>jvnymGVIQ5d|=aVf{iDM>*>$)`EcKOBJE3`b}#`xZaV9E9WPGco?_
z56>#Xl6i4tYo*;7!f|JdEXuKTJcwXwfxPg`IV9!8D<VUv(w8tAo5*_O5)yBQgoYxJ
z@ECs72EjK!#$}LizPW6r7Cs*EX>$vfKghVTgN3`$T(L+fnFIaQ#Qk`$S9jE%7>iKX
ziTLTKpTG@;R4T7-@4P^C*j9W$>l<jV*TB)TTwErQB1bt(R;WYI))Y=|uDEpNJZ7(&
z1q~f_MJ@FW)ipHm<AOy<PEEa=M3DyH01r^8wshGFNS+W5Tw!HtB$Pb#^N-+XI}`^j
zCqqq54aT%IWXM2iX(<*gSfGfLGTgU!1Bwqv2_--5Lh{4l;e!yF6n@{)dk?IgEl_-{
z@TS`6;fl@-8cv@v13tcfh>VOvr!HMeo@u&v?%erQNl7s_Z`yo2DKQZzPo9L2kI(&~
zLx+O?SEr~PGAD{mw;N)@#Bm6V4~A!u8%BRO3L6bJfLmLfJomGLwO-n~N{=2ruI$-E
z7GrIVeH07!>C>maEq~MA(xqz`PoFT)hS0b`0eqP_RrJpXOFD{hj}j@|<F_!D!9xb$
zE-cA^V*jTUr6@%yFR94TIx+-|JYt4XJu(QFjsnKf@-<p{-A6&=ij~ugYKz~OJ?qGg
zFILhV1=UCXU=DH$HI@6j>_et4-nW;OOPabi%Uk@W{Ch=>D^~8eD_e|HW{fh3n~Y~k
zRnml?Yg5Vct*rxJfRZbv&n=alC-;7!0+kG@(&Uv~DffS0Im^|NGzTd5Y0X`z${j?0
ziaIDz$udhQm;3$lRtBz!amBVUxR&lhwH0?!-j<S;qLkmK@bbFogTKEcgG$X)szfPI
zDTe(hH9TO*P%Ni1-{5}@#UEaKjWfIqZ|mLOKh6eQwN(9E#73Hn$`m*GGk;NX{4Q)W
znv3_|>nY3K^!}Y+C_ewB!Gk^!yk%0oBq{aMWJ{kBgA#*bw@~SHwXPo2SFRE77gKtE
zpVNT{GpXgh$DjW!OI1BLh?fsw*sWU^qC?g|NkM?9Q84m>k!Zz4=*0zk?rr5xZLTA8
z(TYI?QK4I*zHpq3S>yNOwYjyuV(yP)5Eo@3DwTQEbj_@q3=iT-9}#SXwOW&9dihl@
z(#tr}-}&pim_{tXRA+*jl?|3?>S6b+G1z_37Y=?QM2KaBISbW=aqn^1_rQYi00TZ7
zh}T~GBbQ0kp2njD5BjVh{C%vc<2_r{<QeJ5%ybNZU_ct9U${=sMM0(=;BqqaDKM6R
z5sJr3qwba;Pp*v#w^bB_$qTzx(qzB6Y2!jV?*M_o;c`Du`ZDRHFA<a8yZNLiFkdE7
zKRfPSg|Gh8|96!rfA!T@&&^j~A{y5n35w<87l`b_EJP(nAv84ut6Wks-ys<$fthd!
zih?z<4X)7E7ZlhVHW}ccyGH}#GKk-(S|Z1dAumO<sJ}TUD+0F&8_Y;bhHX_|J0k#p
zj4oo90mh{<2!;vn83f4m4i%@<grO7ivWn4{j6!0N3?q>uf_HT^V`fk4^5F-)5$Ly@
z&O1vWPA~pkC?-9F)R|YLanhfVP5Nk|580$YNl*vU)9n*wF|agW^+NF0FGyT|_;D__
zn(ah<ViKI({g9rMhLr3SWaMWEIC6S!8j>=S1lOm3S`p^hC1JTsI?Mu+;S>~!O*`$d
zR7)Gi1SpD(j&7Jcf4;1+E$(t^GI$&TifZoPzbhz%7>8X$#4ikfXO<mCP6==iA#527
z$bisWRhO>vGaEY_`8hd5W-lEYu&tvQ^MFAE`yo3sOtAYfb@{F8OX77^<vD?!|8JB2
z^2M^-Ob5kA&+RyD<lM|)Zno_AV$74i9y?YL=#-Wng_(^bQi$q_arK!683>FdBr<tu
z-a3JenNi8ni7_ZHE2j6!WbheqNj!p?HVIhcnuP7np;*3p146<ht}-M>rbA)OrY7nb
z@zuWs9Gme)7tR-+s=0IH&VvW_sJ~w)u<!Tk?%uk8zpjRPvDnDjxS5!YyE+(A$IR=;
z=r+r@S4P$a`Wki=V{V-A1vwr!?$Km#n)KDJPI~4IBcrcm{#`b9HgaZ^XOtf|jIfvH
zkZi{`_1}XrtMnnpJ;uvcRGfv8xjiDHBamC1g@lZFgvNw6dS-4IVPj_M=%P|7?G_Qr
zW#(n!+Kp?-FU*IPqd!*anqUusSK<k4J8IOZ#@5xw3&jt2XB`Cj7-GPH{sJ(Uof$9i
zTo0u|FgnW&`I?*|Gjj2GS)@QOvLWZv!pF~3w?i4TwZ#hb@Ba~uw=5GeF+)+WUO9EH
zw)XZlZoZ+3ez(5<e(eK#&386##$iL|h8*_N9FlQ}aa0(xui%k0HJRVhjalXO*I&Q3
zlfd6)M~`Bm8KLcimr<*NCCrJOJv2I;$oP^F78^#5I4Q!IV^g@TEFXapK`1*>CYp1O
zpE{1>(qcHc_+k0RT`(Ykczi-)z50@+%_uX)g<|D0UN|Yi1^(V96effV9JAn=lNvL7
zXXZiYn3`L_I9}v9k>f*N46;Y(mR(-pFngC2Ox|IPIW%Cipkd2Q-AA4^4r9iQzy}|E
zfZ$*+(Tc(H;K6;-o5)_8b;mt945Z|~9EJt+;*c{z%-GLaj%{0h?1;v!Mhm@?z901y
z8Hr^pSBZT|7B5>)Eh8HVa8GN8W5?m(8;Kdl?$F#H1sy9l?05A-UQsT2;fzMl%*>OA
z%MOz<A0r5}9~SA_!ramd!J(ly4UCK)A+~MinK?Ug>B13Yq_|Q4_(tjiwtd+4cmLsz
z1{^1He8_Pj$AhO&CW{3QFKoCYj5z?gD@?94qQe+-F(G>+g0@nti#@#EH^axnh;)$G
z*jLoh@IX9sOw9{uCYt2MAuo_Q1H^1?j1K0k2B$F7h<H-UJ=hV9*--V3Ki&G8nh>}%
zk4YoBVIe#s68Qx2-mz;Jb>tBVac-_)?O#pZ(krM~!mqQkbI1dq#(HZ{taD3-wqp=B
zS&~zw{S!*cN^tJNIk5+i#ztFM+wDV0Som!N>XTAc{nPn2<3WC?{Wt`P#AWO0X3@+u
zv$tVGzAk6T+;PY3%}nUPhMXs7$Q{v``JC7@hXtDpBfWV32r;GVbEqMuf30aWWZr&+
z^~c!_&T1TMVaPHD)tA_qIYv$TY|vn6kmp^sc0J}%%5C_l(PDcEZqBo$E*lqWEnsF;
zcTZ2~=x!9f3)$J(#2jJ^FQT3ekBERJy=F#Lj;W)fV^Cgx8WBlZSYhb}lYlgAwD*Ok
zu`|r9_md%qiAnO0kNUMr@zTtg*|T!Ez*z}-W4?3en#f`>3pIB&GL0<fRk?`5#S>;F
zk##tBbYuQ<+UL->Tqj~?4z*;S`R?5+k=>AGch0uR?l40wGp5M1)V_?y{MTN+?rfvI
zP>44O#?)2HRXjuEt)kJ9JDl_k46%^5KKqtBP!~{FDKFA^ry6_esb+#ye$CsWZP3#b
z+bH@61i+X6Zee9DHigmOvIU!nTs43?q?i)e=70w_SvZP~V=QfU*AE)<uQsXWpU9Yb
zmCkhTOhO_v<T7E%-l7n|MF4q2?#RZ>)jin)P~MoiZ=H9=x+Kz+Sr2y+%JPHG`uSM5
zW)9*HSyM5}kQT;zFSRju>e3be{A>_;RJ&UoCfL|fYmDt~(dBDFEixR_@}8eFXw!y=
zMBxwP<(c%}-Gj&p$e4E$%@BKVZs!XP3m3-h>*o(U>T{2Xj1(SxqiD<4$9i2|@x4t3
zh7Ci8efii8AQ~?ebCB%Xq1CD}^E2m2&&cIS*^u+ekh5AbWLIK?pD=!q{DoRZkJTO7
zm~YZ^W15n)JCvqm+GrCyWB5jSQTH6teJq@UAzux`zsLLw{XYK(rcN6AGKLvkph$ZE
z!@ihAyNhsFbWmvMUETz07=;<%Or3`5#1F2uegh0lwo_A^5mr(dV!Yi9wq*FalxtR}
z%_?_N9PK~`&D#ougoYuCh#0n-n&QX#3&?BhW4rk-_TYCHYAnAu<V!X1B$E7>9x`#E
zIFn(rWg%wG91nXt1HmuOoG-G}+_lRm9?6mNMP;y2YJvsf5w>IO=s|eDPfzsxbGHY*
z-&Nt}HS~G6Q-h)QSNl7HXWnnW7Mo}n(nSlV(jCm}5o6{s>|BfN4jZ%WfrBuxc80yT
zKXy9U<67k<#H7#`eB~vW_QO=ZK>9DUZvH?e>an!JE|b=CJR1=ebvuCy8BVTl@FH*P
zO{Hs&k3EPIfIaL%A|hgv3tkY~?cFN~?|H)#Cdub59DMx)ZZeYYd)g^x^!N$jU0bEz
z_=&JA!Q6~3Jn8`h%>H2_Jl(C}<Y?Jw%)IDhLp~~J$ZpQM_<NtX@#)7saWwrW)SO+8
zXrGCQ3(<iY?d$&Ln{U?i?%g|7^6~>}8jX3`(y0_O{Dd`H3*hBp3te3;(Z|fj%xO58
zAv2+pqk}#^8}cd4-JP-9!B%X^xaWWiE>aUYb&3)-f;Xltm?&fQ>j<DDHKKz&|J{@+
z!l=Ka9UPekCoLo6W_m^jBBP=ZLD`KkVshd5H#j7OHX8^=dS>Q5%23o97?}v89{KfX
zbnDiQGZmAb=hor!_S-$+;$-|tn88VZ&XImUb0m7b(-rF%s^V14-w@~g4kBHK!_;6p
zR%)(<26f&~_~sjGkawj#>=?SxWk^X$0VU2GUh)g2#rW;$@a;%Rv?mX}Ot2oLB!@J5
z=8F_!oRFp|*^nnp{RXL7gfmEwf`O$T_6Ejcy1u?J<{wth!qz=Th)xNI#;PUtv(>-v
zXn-t%x_qNYkLo1^3^KR07Pw`m<xELQ#fcLq5E~mOJhr8c4F(PVyj|hL^P~r-s@KQp
z*Y86n6{snrZO<)s?YeD41Mv3t!sN-5F`vL5<~w&{#E22_qFYHAadm`+h1I*!tz^=q
zNiZ-lK&MWf?sbrh#NMK6^28CeF|Tj4Fr&02fv7#kV*Zl37&mEb!yjM&W7Q<u?PH^<
z4%~wd!r9NMAvGtds`S+1+Uqy2;_~%N$Sh39;?)cA_PafgOFF)=O(lKu$tM^$ZXAfq
z@SNmD5kvIv-{1I+H{NL2LqR<APm#e=IAK<2Vr+cx7?moCuH?Qq?MpL*s5&N2oQR%1
zd)CoruQ`&Ai`!L^ULcO=imV)WAtW}iAt5u4FbA<n$t8-_l*k6_{g(LCn{Qm#T)%==
z`{u|!oZT>M?#!o(1C`Q_^5KUcE@1i>26<RnS&6NcM~)oHv#pvqa~J=PRipNoci+yk
zbF_tTxYvWwxFAF(M!+@Tzyni@ZNDYXd!@AHq5Adf_m)x(t;da058PX+4y7nXDN0d_
zQk0^UmtL4I#zF4AjA4qYWMs554y}BTX=T(UP1HEk<-YGLd3pD^lkFcE+v4vsek0jl
zgfiM4*>@@>%~`_ACC%w}I+DI(B~AMp`bwI3on(6-s<!yNgPaZVXH6wd3~K`=O;kpz
z(&NgGp(APHveJ>W%|1_R%(B7i$UV1q!OI_Wj6N^9G0P0kSMFk{OPW~PS{k$bBxuc;
zJDR@ajX73&E;_9^07)AYzq}16s@~$*t?9Y^NsYOWbSC7rxInELbfu(e`&apk+)<2K
zrW<*W+m<oQ$k3)gM(G_%Uo8zzB57jeYt5i#-dOfpN9v7bUUr~dG|-wimOQC3D@7?v
iQHoNOq7<e4it_)-+9~<2qcuwa0000<MNUMnLSTZKnjsAU


From bdce718e98140a034591b59d30a183d1639f25b6 Mon Sep 17 00:00:00 2001
From: ImranHabib <47118050+joinimran@users.noreply.github.com>
Date: Thu, 21 Mar 2019 15:17:24 +0500
Subject: [PATCH 06/22] Update
 manage-alerts-windows-defender-advanced-threat-protection.md

---
 ...-alerts-windows-defender-advanced-threat-protection.md | 8 ++++++++
 1 file changed, 8 insertions(+)

diff --git a/windows/security/threat-protection/windows-defender-atp/manage-alerts-windows-defender-advanced-threat-protection.md b/windows/security/threat-protection/windows-defender-atp/manage-alerts-windows-defender-advanced-threat-protection.md
index 56f599b483..4ee7568546 100644
--- a/windows/security/threat-protection/windows-defender-atp/manage-alerts-windows-defender-advanced-threat-protection.md
+++ b/windows/security/threat-protection/windows-defender-atp/manage-alerts-windows-defender-advanced-threat-protection.md
@@ -69,6 +69,14 @@ Create custom rules to control when alerts are suppressed, or resolved. You can
 
 2.  Select **Create a supression rule**.
 
+    You can create supression rule based on the following attributes.
+    
+    * File hash 
+    * File name - wild card supported
+    * File path - wild card supported
+    * IP
+    * URL - wild card supported
+
 3. Select the **Trigerring IOC**.
     
 4. Specify the action and scope on the alert. <br>

From 1ee42b188e993976cb7ef570ef10b151b3e7dc3a Mon Sep 17 00:00:00 2001
From: Justin Hall <Justinha@microsoft.com>
Date: Thu, 21 Mar 2019 10:46:06 -0700
Subject: [PATCH 07/22] Update windows-defender-exploit-guard.md

---
 .../windows-defender-exploit-guard.md                           | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/windows/security/threat-protection/windows-defender-exploit-guard/windows-defender-exploit-guard.md b/windows/security/threat-protection/windows-defender-exploit-guard/windows-defender-exploit-guard.md
index fa61cccc67..9769ee3e6a 100644
--- a/windows/security/threat-protection/windows-defender-exploit-guard/windows-defender-exploit-guard.md
+++ b/windows/security/threat-protection/windows-defender-exploit-guard/windows-defender-exploit-guard.md
@@ -60,7 +60,7 @@ This section covers requirements for each feature in Windows Defender EG.
 | Feature | Windows 10 Home | Windows 10 Professional | Windows 10 E3 | Windows 10 E5 |
 | ----------------- | :------------------------------------: | :---------------------------: | :-------------------------: | :--------------------------------------: |
 | Exploit protection | ![supported](./images/ball_50.png) | ![supported](./images/ball_50.png) | ![supported, enhanced](./images/ball_50.png) | ![supported, full reporting](./images/ball_full.png) |
-| Attack surface reduction rules | ![not supported](./images/ball_empty.png) | ![not supported](./images/ball_empty.png) | ![not supported](./images/ball_50.png) | ![supported, full reporting](./images/ball_full.png) |
+| Attack surface reduction rules | ![not supported](./images/ball_empty.png) | ![not supported](./images/ball_empty.png) | ![supported, limited reporting](./images/ball_50.png) | ![supported, full reporting](./images/ball_full.png) |
 | Network protection | ![not supported](./images/ball_empty.png) | ![not supported](./images/ball_empty.png) | ![supported, limited reporting](./images/ball_50.png) | ![supported, full reporting](./images/ball_full.png) |
 | Controlled folder access | ![supported, limited reporting](./images/ball_50.png) | ![supported, limited reporting](./images/ball_50.png) | ![supported, limited reporting](./images/ball_50.png) | ![supported, full reporting](./images/ball_full.png) |
 

From 9ab0b41f01d9d871fafdeb8c2b8dfff3d4c9fea5 Mon Sep 17 00:00:00 2001
From: Joyce Y <47188252+mypil@users.noreply.github.com>
Date: Thu, 21 Mar 2019 23:02:55 +0500
Subject: [PATCH 08/22] Update
 windows/security/threat-protection/windows-defender-atp/manage-alerts-windows-defender-advanced-threat-protection.md

Co-Authored-By: joinimran <47118050+joinimran@users.noreply.github.com>
---
 ...manage-alerts-windows-defender-advanced-threat-protection.md | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/windows/security/threat-protection/windows-defender-atp/manage-alerts-windows-defender-advanced-threat-protection.md b/windows/security/threat-protection/windows-defender-atp/manage-alerts-windows-defender-advanced-threat-protection.md
index 4ee7568546..def3b4e6b7 100644
--- a/windows/security/threat-protection/windows-defender-atp/manage-alerts-windows-defender-advanced-threat-protection.md
+++ b/windows/security/threat-protection/windows-defender-atp/manage-alerts-windows-defender-advanced-threat-protection.md
@@ -69,7 +69,7 @@ Create custom rules to control when alerts are suppressed, or resolved. You can
 
 2.  Select **Create a supression rule**.
 
-    You can create supression rule based on the following attributes.
+    You can create a suppression rule based on the following attributes:
     
     * File hash 
     * File name - wild card supported

From 9d0d0e6552a6f81f9072ba78aaa930516d519215 Mon Sep 17 00:00:00 2001
From: Joyce Y <47188252+mypil@users.noreply.github.com>
Date: Thu, 21 Mar 2019 23:03:09 +0500
Subject: [PATCH 09/22] Update
 windows/security/threat-protection/windows-defender-atp/manage-alerts-windows-defender-advanced-threat-protection.md

Co-Authored-By: joinimran <47118050+joinimran@users.noreply.github.com>
---
 ...manage-alerts-windows-defender-advanced-threat-protection.md | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/windows/security/threat-protection/windows-defender-atp/manage-alerts-windows-defender-advanced-threat-protection.md b/windows/security/threat-protection/windows-defender-atp/manage-alerts-windows-defender-advanced-threat-protection.md
index def3b4e6b7..fe70b2cba7 100644
--- a/windows/security/threat-protection/windows-defender-atp/manage-alerts-windows-defender-advanced-threat-protection.md
+++ b/windows/security/threat-protection/windows-defender-atp/manage-alerts-windows-defender-advanced-threat-protection.md
@@ -67,7 +67,7 @@ Create custom rules to control when alerts are suppressed, or resolved. You can
 
 1. Select the alert you'd like to suppress. This brings up the **Alert management** pane.
 
-2.  Select **Create a supression rule**.
+2.  Select **Create a suppression rule**.
 
     You can create a suppression rule based on the following attributes:
     

From 6512e3e3a5d7773497ac46491ebc8b7f0a6c8730 Mon Sep 17 00:00:00 2001
From: ImranHabib <47118050+joinimran@users.noreply.github.com>
Date: Thu, 21 Mar 2019 23:48:06 +0500
Subject: [PATCH 10/22] Section header was missing

In the article, section header User Account Control: Virtualize file and registry write failures to per-user locations was not formated.
---
 .../user-account-control-security-policy-settings.md             | 1 +
 1 file changed, 1 insertion(+)

diff --git a/windows/security/identity-protection/user-account-control/user-account-control-security-policy-settings.md b/windows/security/identity-protection/user-account-control/user-account-control-security-policy-settings.md
index 4b0bf32fe5..3964a0f292 100644
--- a/windows/security/identity-protection/user-account-control/user-account-control-security-policy-settings.md
+++ b/windows/security/identity-protection/user-account-control/user-account-control-security-policy-settings.md
@@ -95,6 +95,7 @@ This policy setting controls whether the elevation request prompt is displayed o
 
 -   **Enabled** (Default) All elevation requests go to the secure desktop regardless of prompt behavior policy settings for administrators and standard users.
 -   **Disabled** All elevation requests go to the interactive user's desktop. Prompt behavior policy settings for administrators and standard users are used.
+
 ## User Account Control: Virtualize file and registry write failures to per-user locations
 
 This policy setting controls whether application write failures are redirected to defined registry and file system locations. This policy setting mitigates applications that run as administrator and write run-time application data to %ProgramFiles%, %Windir%, %Windir%\\system32, or HKLM\\Software.

From 2547d4c93b23392a7b511bb10170674a26a74c4c Mon Sep 17 00:00:00 2001
From: Ken Withee <kenwith@microsoft.com>
Date: Thu, 21 Mar 2019 12:33:01 -0700
Subject: [PATCH 11/22] Removes ms.date since format was MM/DD/YYYY which was
 interferring.

---
 .../threat-protection/windows-defender-atp/exposed-apis-list.md  | 1 -
 1 file changed, 1 deletion(-)

diff --git a/windows/security/threat-protection/windows-defender-atp/exposed-apis-list.md b/windows/security/threat-protection/windows-defender-atp/exposed-apis-list.md
index 55933fb093..2be8b96e04 100644
--- a/windows/security/threat-protection/windows-defender-atp/exposed-apis-list.md
+++ b/windows/security/threat-protection/windows-defender-atp/exposed-apis-list.md
@@ -14,7 +14,6 @@ manager: dansimp
 audience: ITPro
 ms.collection: M365-security-compliance 
 ms.topic: article
-ms.date: 30/07/2018
 ---
 
 # Supported Windows Defender ATP query APIs 

From c2faa8d11fd420335b408c7884f269f33a22b527 Mon Sep 17 00:00:00 2001
From: Ken Withee <kenwith@microsoft.com>
Date: Thu, 21 Mar 2019 12:34:24 -0700
Subject: [PATCH 12/22] Removes ms.date since format was MM/DD/YYYY which was
 interferring.

---
 .../run-advanced-query-sample-power-bi-app-token.md              | 1 -
 1 file changed, 1 deletion(-)

diff --git a/windows/security/threat-protection/windows-defender-atp/run-advanced-query-sample-power-bi-app-token.md b/windows/security/threat-protection/windows-defender-atp/run-advanced-query-sample-power-bi-app-token.md
index dbbd0cd122..9282b0c321 100644
--- a/windows/security/threat-protection/windows-defender-atp/run-advanced-query-sample-power-bi-app-token.md
+++ b/windows/security/threat-protection/windows-defender-atp/run-advanced-query-sample-power-bi-app-token.md
@@ -14,7 +14,6 @@ manager: dansimp
 audience: ITPro
 ms.collection: M365-security-compliance 
 ms.topic: article
-ms.date: 30/07/2018
 ---
 
 # Create custom reports using Power BI (app authentication)

From c7c917278a4dbf58c59df26a68f5af305389d055 Mon Sep 17 00:00:00 2001
From: Ken Withee <kenwith@microsoft.com>
Date: Thu, 21 Mar 2019 12:34:49 -0700
Subject: [PATCH 13/22] Removes ms.date since format was MM/DD/YYYY which was
 interferring.

---
 .../run-advanced-query-sample-power-bi-user-token.md             | 1 -
 1 file changed, 1 deletion(-)

diff --git a/windows/security/threat-protection/windows-defender-atp/run-advanced-query-sample-power-bi-user-token.md b/windows/security/threat-protection/windows-defender-atp/run-advanced-query-sample-power-bi-user-token.md
index f4b88a4481..336ac77edb 100644
--- a/windows/security/threat-protection/windows-defender-atp/run-advanced-query-sample-power-bi-user-token.md
+++ b/windows/security/threat-protection/windows-defender-atp/run-advanced-query-sample-power-bi-user-token.md
@@ -14,7 +14,6 @@ manager: dansimp
 audience: ITPro
 ms.collection: M365-security-compliance 
 ms.topic: article
-ms.date: 30/07/2018
 ---
 
 # Create custom reports using Power BI (user authentication)

From 361c4fff1e9866a394988119173d4e569a689640 Mon Sep 17 00:00:00 2001
From: Ken Withee <kenwith@microsoft.com>
Date: Thu, 21 Mar 2019 12:35:12 -0700
Subject: [PATCH 14/22] Removes ms.date since format was MM/DD/YYYY which was
 interferring.

---
 .../windows-defender-atp/run-advanced-query-sample-python.md     | 1 -
 1 file changed, 1 deletion(-)

diff --git a/windows/security/threat-protection/windows-defender-atp/run-advanced-query-sample-python.md b/windows/security/threat-protection/windows-defender-atp/run-advanced-query-sample-python.md
index e823425018..07bb15a7cf 100644
--- a/windows/security/threat-protection/windows-defender-atp/run-advanced-query-sample-python.md
+++ b/windows/security/threat-protection/windows-defender-atp/run-advanced-query-sample-python.md
@@ -14,7 +14,6 @@ manager: dansimp
 audience: ITPro
 ms.collection: M365-security-compliance 
 ms.topic: article
-ms.date: 30/07/2018
 ---
 
 # Advanced Hunting using Python

From 3c5a03b17cb66ea6382a7d81f60a7be5cc3bd5dd Mon Sep 17 00:00:00 2001
From: ImranHabib <47118050+joinimran@users.noreply.github.com>
Date: Fri, 22 Mar 2019 11:00:32 +0500
Subject: [PATCH 15/22] One parameter was missing

One of the command parameter -p was missing in the document. So I have updated that parameter.
---
 .../using-the-sdbinstexe-command-line-tool.md        | 12 +++++++++---
 1 file changed, 9 insertions(+), 3 deletions(-)

diff --git a/windows/deployment/planning/using-the-sdbinstexe-command-line-tool.md b/windows/deployment/planning/using-the-sdbinstexe-command-line-tool.md
index 7bfbdc5b72..5ecbefe38b 100644
--- a/windows/deployment/planning/using-the-sdbinstexe-command-line-tool.md
+++ b/windows/deployment/planning/using-the-sdbinstexe-command-line-tool.md
@@ -25,14 +25,14 @@ ms.topic: article
 
 You must deploy your customized database (.sdb) files to other computers in your organization before your compatibility fixes, compatibility modes, and AppHelp messages are applied. You can deploy your customized database files in several ways, including by using a logon script, by using Group Policy, or by performing file copy operations.
 
-After you deploy and store the customized databases on each of your local computers, you must register the database files. Until you register the database files, the operating system is unable to identify the available compatibility fixes when starting an application.
+After you deploy and store the customized databases on each of your local computers, you must register the database files. Until you register the database files, the operating system is unable to identify the available compatibility fixes when starting an application. 
 
 ## Command-Line Options for Deploying Customized Database Files
 
 
 The command-line options use the following conventions.
 
-Sdbinst.exe \[-q\] \[-u filepath\] \[-g *GUID*\] \[-n *"name"*\] \[-?\]
+Sdbinst.exe \[-q\] \[-?\] \[-u\] \[-g\] \[-p\] \[-u filepath\] \[-g *GUID*\] \[-n *"name"*\]
 
 The following table describes the available command-line options.
 
@@ -78,8 +78,14 @@ The following table describes the available command-line options.
 <p>For example,</p>
 <p><code>sdbinst.exe -?</code></p></td>
 </tr>
+<tr class="even">
+<td align="left"><p>-p</p></td>
+<td align="left"><p>Allows SDBs installation with Patches</p>
+<p>For example,</p>
+<p><code>sdbinst.exe -p C:\Windows\AppPatch\Myapp.sdb</code></p></td>
+</tr>
 </tbody>
 </table>
 
 ## Related topics
-[Compatibility Administrator User's Guide](compatibility-administrator-users-guide.md)
\ No newline at end of file
+[Compatibility Administrator User's Guide](compatibility-administrator-users-guide.md)

From ba7f27f2e8b2d21069edc57f01e20e7e1686464e Mon Sep 17 00:00:00 2001
From: illfated <illfated@users.noreply.github.com>
Date: Sat, 23 Mar 2019 10:52:57 +0100
Subject: [PATCH 16/22] Policy CSP/DeviceInstallation: add missing path folder
 DeviceInstallation

All the other SyncML samples contain the correct path, except for this one.
Even the section title for this sample states that the key sorts under "DeviceInstallation",
as well as the DeviceInstallation policies list on top of the page.

Resolves #2988
---
 windows/client-management/mdm/policy-csp-deviceinstallation.md | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/windows/client-management/mdm/policy-csp-deviceinstallation.md b/windows/client-management/mdm/policy-csp-deviceinstallation.md
index 61f823bd03..a976e68696 100644
--- a/windows/client-management/mdm/policy-csp-deviceinstallation.md
+++ b/windows/client-management/mdm/policy-csp-deviceinstallation.md
@@ -422,7 +422,7 @@ To enable this policy, use the following SyncML. This example prevents Windows f
             <CmdID>$CmdID$</CmdID>
             <Item>
                 <Target>
-                    <LocURI>./Device/Vendor/MSFT/Policy/Config/PreventInstallationOfDevicesNotDescribedByOtherPolicySettings</LocURI>
+                    <LocURI>./Device/Vendor/MSFT/Policy/Config/DeviceInstallation/PreventInstallationOfDevicesNotDescribedByOtherPolicySettings</LocURI>
                 </Target>
                 <Meta>
                     <Format xmlns="syncml:metinf">string</Format>

From f6c83fedd84beb9039cb81c0fbfd9020d230138e Mon Sep 17 00:00:00 2001
From: Jose Ortega <jortega928@yahoo.com>
Date: Sat, 23 Mar 2019 10:52:25 -0600
Subject: [PATCH 17/22] Solving issue #3026

---
 ...ualization--ue-v--20-release-notesuevv2.md | 28 +++++++++----------
 1 file changed, 14 insertions(+), 14 deletions(-)

diff --git a/mdop/uev-v2/microsoft-user-experience-virtualization--ue-v--20-release-notesuevv2.md b/mdop/uev-v2/microsoft-user-experience-virtualization--ue-v--20-release-notesuevv2.md
index 681806fa2d..d35bddc2c4 100644
--- a/mdop/uev-v2/microsoft-user-experience-virtualization--ue-v--20-release-notesuevv2.md
+++ b/mdop/uev-v2/microsoft-user-experience-virtualization--ue-v--20-release-notesuevv2.md
@@ -32,55 +32,55 @@ This section contains release notes for User Experience Virtualization.
 
 When a computer has an application that is installed through both Application Virtualization (App-V) and a locally with a Windows Installer (.msi) file, the registry-based settings do not synchronize between the technologies.
 
-WORKAROUND: To resolve this problem, run the application by selecting one of the two technologies, but not both.
+**WORKAROUND:** To resolve this problem, run the application by selecting one of the two technologies, but not both.
 
 ### <a href="" id="settings-do-not-synchronization-when-network-share-is-outside-user-s-domain"></a>Settings do not synchronization when network share is outside user’s domain
 
 When Windows® 8 attempts operating system settings synchronization, the synchronization fails with the following error message: **boost::filesystem::exists::Incorrect user name or password**. This error can indicate that the network share is outside the user’s domain or a domain with a trust relationship to that domain. To check for operational log events, open the **Event Viewer** and navigate to **Applications and Services Logs** / **Microsoft** / **User Experience Virtualization** / **Logging** / **Operational**. Network shares that are used for UE-V settings storage locations should reside in the same Active Directory domain as the user or a trusted domain of the user’s domain.
 
-WORKAROUND: Use network shares from the same Active Directory domain as the user.
+**WORKAROUND:** Use network shares from the same Active Directory domain as the user.
 
 ### Unpredictable results with both Office 2010 and Office 2013 installed
 
 When a user has both Office 2010 and Office 2013 installed, any common settings between the two versions of Office are roamed by UE-V. This could cause the Office 2010 package size to be quite large or result in unpredictable conflicts with 2013, particularly if Office 365 is used.
 
-WORKAROUND: Install only one version of Office or limit which settings are synchronized by UE-V.
+**WORKAROUND:** Install only one version of Office or limit which settings are synchronized by UE-V.
 
 ### Uninstall and re-install of Windows 8 app reverts settings to initial state
 
 While using UE-V settings synchronization for a Windows 8 app, if the user uninstalls the app and then reinstalls the app, the app’s settings revert to their default values.  This happens because the uninstall removes the local (cached) copy of the app’s settings but does not remove the local UE-V settings package.  When the app is reinstalled and launched, UE-V gather the app settings that were reset to the app defaults and then uploads the default settings to the central storage location.  Other computers running the app then download the default settings.  This behavior is identical to the behavior of desktop applications.
 
-WORKAROUND: None.
+**WORKAROUND:** None.
 
 ### Email signature roaming for Outlook 2010
 
 UE-V will roam the Outlook 2010 signature files between devices. However, the default signature options for new messages and replies or forwards are not synchronized. These two settings are stored in the Outlook profile, which UE-V does not roam.
 
-WORKAROUND: None.
+**WORKAROUND:** None.
 
 ### UE-V does not support roaming settings between 32-bit and 64-bit versions of Microsoft Office
 
-We recommend that you install the 32-bit version of Microsoft Office for both 32-bit and 64-bit operating systems. To choose the Microsoft Office version that you need, click here. ([http://office.microsoft.com/word-help/choose-the-32-bit-or-64-bit-version-of-microsoft-office-HA010369476.aspx](https://go.microsoft.com/fwlink/?LinkID=247623)). UE-V supports roaming settings between identical architecture versions of Office. For example, 32-bit Office settings will roam between all 32-bit Office instances. UE-V does not support roaming settings between 32-bit and 64-bit versions of Office.
+We recommend that you install the 64-bit version of Microsoft Office for modern computers. To determine which version you you need, [click here](https://support.office.com/en-us/article/choose-between-the-64-bit-or-32-bit-version-of-office-2dee7807-8f95-4d0c-b5fe-6c6f49b8d261?ui=en-US&rs=en-US&ad=US#32or64Bit=Newer_Versions).
 
-WORKAROUND: None
+**WORKAROUND:** None
 
 ### <a href="" id="msi-s-are-not-localized"></a>MSI’s are not localized
 
 UE-V 2.0 includes a localized setup program for both the UE-V Agent and UE-V generator. These MSI files are still available but the user interface is minimized and the MSI’s only display in English. Despite the file being in English, the setup program installs all supported languages during the installation.
 
-WORKAROUND: None
+**WORKAROUND:** None
 
 ### Favicons that are associated with Internet Explorer 9 favorites do not roam
 
 The favicons that are associated with Internet Explorer 9 favorites are not roamed by User Experience Virtualization and do not appear when the favorites first appear on a new computer.
 
-WORKAROUND: Favicons will appear with their associated favorites once the bookmark is used and cached in the Internet Explorer 9 browser.
+**WORKAROUND:** Favicons will appear with their associated favorites once the bookmark is used and cached in the Internet Explorer 9 browser.
 
 ### File settings paths are stored in registry
 
 Some application settings store the paths of their configuration and settings files as values in the registry. The files that are referenced as paths in the registry must be synchronized when settings are roamed between computers.
 
-WORKAROUND: Use folder redirection or some other technology to ensure that any files that are referenced as file settings paths are present and placed in the same location on all computers where settings roam.
+**WORKAROUND:** Use folder redirection or some other technology to ensure that any files that are referenced as file settings paths are present and placed in the same location on all computers where settings roam.
 
 ### Long Settings Storage Paths could cause an error
 
@@ -90,25 +90,25 @@ Keep settings storage paths as short as possible. Long paths could prevent resol
 
 To check the operational log events, open the Event Viewer and navigate to Applications and Services Logs / Microsoft / User Experience Virtualization / Logging / Operational.
 
-WORKAROUND: None.
+**WORKAROUND:** None.
 
 ### Some operating system settings only roam between like operating system versions
 
 Operating system settings for Narrator and currency characters specific to the locale (i.e. language and regional settings) will only roam across like operating system versions of Windows. For example, currency characters will not roam between Windows 7 and Windows 8.
 
-WORKAROUND: None
+**WORKAROUND:** None
 
 ### Windows 8 apps do not sync settings when the app restarts after closing unexpectedly
 
 If a Windows 8 app closes unexpectedly soon after startup, settings for the application may not be synchronized when the application is restarted.
 
-WORKAROUND: Close the Windows 8 app, close and restart the UevAppMonitor.exe application (can use TaskManager), and then restart the Windows 8 app.
+**WORKAROUND:** Close the Windows 8 app, close and restart the UevAppMonitor.exe application (can use TaskManager), and then restart the Windows 8 app.
 
 ### <a href="" id="ue-v-1-agent-generates-errors-when-running-ue-v-2-templates-"></a>UE-V 1 agent generates errors when running UE-V 2 templates
 
 If a UE-V 2 settings location template is distributed to a computer installed with a UE-V 1 agent, some settings fail to synchronize between computers and the agent reports errors in the event log.
 
-WORKAROUND: When migrating from UE-V 1 to UE-V 2 and it is likely you’ll have computers running the previous version of the agent, create a separate UE-V 2.0 catalog to support the UE-V 2.0 Agent and templates.
+**WORKAROUND:** When migrating from UE-V 1 to UE-V 2 and it is likely you’ll have computers running the previous version of the agent, create a separate UE-V 2.0 catalog to support the UE-V 2.0 Agent and templates.
 
 ## Hotfixes and Knowledge Base articles for UE-V 2.0
 

From 640a7510a5d76d3565d38891a8013ba7be739e3b Mon Sep 17 00:00:00 2001
From: Nicole Turner <39884432+nenonix@users.noreply.github.com>
Date: Mon, 25 Mar 2019 09:12:20 +0200
Subject: [PATCH 18/22] Update oma-dm-protocol-support.md

Grammar and formatting fixes https://github.com/MicrosoftDocs/windows-itpro-docs/issues/673
---
 windows/client-management/mdm/oma-dm-protocol-support.md | 6 +++---
 1 file changed, 3 insertions(+), 3 deletions(-)

diff --git a/windows/client-management/mdm/oma-dm-protocol-support.md b/windows/client-management/mdm/oma-dm-protocol-support.md
index 29344603d2..aab3c9d663 100644
--- a/windows/client-management/mdm/oma-dm-protocol-support.md
+++ b/windows/client-management/mdm/oma-dm-protocol-support.md
@@ -314,13 +314,13 @@ For more information about Basic or MD5 client authentication, MD5 server authen
 
 ## User targeted vs. Device targeted configuration
 
-For CSPs and policies that supports per user configuration, MDM server could send user targeted setting values to the device the user that enrolled MDM is actively logged in. The device notifies the server the login status via a device alert (1224) with Alert type = in DM pkg\#1.
+For CSPs and policies that support per user configuration, MDM server could send user targeted setting values to the device the user that enrolled MDM is actively logged in. The device notifies the server of the login status via a device alert (1224) with Alert type = in DM pkg\#1.
 
 The data part of this alert could be one of following strings:
 
--   user – the user that enrolled the device is actively login. The MDM server could send user specific configuration for CSPs/policies that support per user configuration
+-   user – the user that enrolled the device is actively logged in. The MDM server could send user specific configuration for CSPs/policies that support per user configuration
 -   others – another user login but that user does not have an MDM account. The server can only apply device wide configuration, e.g. configuration applies to all users in the device.
--   none – no active user login. The server can only apply device wide configuration and available configuration is restricted to the device environment (no active user login
+-   none – no active user login. The server can only apply device wide configuration and available configuration is restricted to the device environment (no active user login).
 
 Below is an alert example:
 

From ce9fedf6aaa9beac0b8cb16bbf10d9078ff10394 Mon Sep 17 00:00:00 2001
From: Nicole Turner <39884432+nenonix@users.noreply.github.com>
Date: Mon, 25 Mar 2019 11:26:05 +0200
Subject: [PATCH 19/22] Update windows-10-1803-removed-features.md

Line 54 broken link replaced - closes https://github.com/MicrosoftDocs/windows-itpro-docs/issues/1305
---
 windows/deployment/planning/windows-10-1803-removed-features.md | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/windows/deployment/planning/windows-10-1803-removed-features.md b/windows/deployment/planning/windows-10-1803-removed-features.md
index f31922410d..8afb576298 100644
--- a/windows/deployment/planning/windows-10-1803-removed-features.md
+++ b/windows/deployment/planning/windows-10-1803-removed-features.md
@@ -51,4 +51,4 @@ If you have feedback about the proposed replacement of any of these features, yo
 |Phone Companion|Use the **Phone** page in the Settings app. In Windows 10, version 1709, we added the new **Phone** page to help you sync your mobile phone with your PC. It includes all the Phone Companion features.|
 |IPv4/6 Transition Technologies (6to4, ISATAP, and Direct Tunnels)|6to4 has been disabled by default since Windows 10, version 1607 (the Anniversary Update), ISATAP has been disabled by default since Windows 10, version 1703 (the Creators Update), and Direct Tunnels has always been disabled by default. Please use native IPv6 support instead.|
 |[Layered Service Providers](https://msdn.microsoft.com/library/windows/desktop/bb513664)|Layered Service Providers have been deprecated since Windows 8 and Windows Server 2012. Use the [Windows Filtering Platform](https://msdn.microsoft.com/library/windows/desktop/aa366510) instead. When you upgrade from an older version of Windows, any layered service providers you're using aren't migrated; you'll need to re-install them after upgrading.|
-|Business Scanning, also called Distributed Scan Management (DSM) **(Added 05/03/2018)**|The [Scan Management functionality](https://docs.microsoft.com/previous-versions/windows/it-pro/windows-server-2008-R2-and-2008/dd759124\(vs.11\)) was introduced in Windows 7 and enabled secure scanning and the management of scanners in an enterprise. We're no longer investing in this feature, and there are no devices available that support it.|
+|Business Scanning, also called Distributed Scan Management (DSM) **(Added 05/03/2018)**|The [Scan Management functionality](https://docs.microsoft.com/previous-versions/windows/it-pro/windows-server-2008-R2-and-2008/dd759124(v=ws.11)) was introduced in Windows 7 and enabled secure scanning and the management of scanners in an enterprise. We're no longer investing in this feature, and there are no devices available that support it.|

From d699172877a10b48ba3a790158aa0643fc49ed95 Mon Sep 17 00:00:00 2001
From: Nicole Turner <39884432+nenonix@users.noreply.github.com>
Date: Mon, 25 Mar 2019 13:24:07 +0200
Subject: [PATCH 20/22] Update oma-dm-protocol-support.md

further grammar fixes
---
 windows/client-management/mdm/oma-dm-protocol-support.md | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/windows/client-management/mdm/oma-dm-protocol-support.md b/windows/client-management/mdm/oma-dm-protocol-support.md
index aab3c9d663..d2ec519a10 100644
--- a/windows/client-management/mdm/oma-dm-protocol-support.md
+++ b/windows/client-management/mdm/oma-dm-protocol-support.md
@@ -314,7 +314,7 @@ For more information about Basic or MD5 client authentication, MD5 server authen
 
 ## User targeted vs. Device targeted configuration
 
-For CSPs and policies that support per user configuration, MDM server could send user targeted setting values to the device the user that enrolled MDM is actively logged in. The device notifies the server of the login status via a device alert (1224) with Alert type = in DM pkg\#1.
+For CSPs and policies that support per user configuration, the MDM server can send user targeted setting values to the device that a user, who has enrolled with MDM, is actively logged into. The device notifies the server of the login status via a device alert (1224) with Alert type = in DM pkg\#1.
 
 The data part of this alert could be one of following strings:
 

From 2ea4649c7633c1401d2813e2c40ae31f49bcec11 Mon Sep 17 00:00:00 2001
From: Nicole Turner <39884432+nenonix@users.noreply.github.com>
Date: Mon, 25 Mar 2019 13:27:45 +0200
Subject: [PATCH 21/22] Update oma-dm-protocol-support.md

more improvements
---
 windows/client-management/mdm/oma-dm-protocol-support.md | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/windows/client-management/mdm/oma-dm-protocol-support.md b/windows/client-management/mdm/oma-dm-protocol-support.md
index d2ec519a10..72df15b90d 100644
--- a/windows/client-management/mdm/oma-dm-protocol-support.md
+++ b/windows/client-management/mdm/oma-dm-protocol-support.md
@@ -314,7 +314,7 @@ For more information about Basic or MD5 client authentication, MD5 server authen
 
 ## User targeted vs. Device targeted configuration
 
-For CSPs and policies that support per user configuration, the MDM server can send user targeted setting values to the device that a user, who has enrolled with MDM, is actively logged into. The device notifies the server of the login status via a device alert (1224) with Alert type = in DM pkg\#1.
+For CSPs and policies that support per user configuration, the MDM server can send user targeted setting values to the device that a MDM-enrolled user is actively logged into. The device notifies the server of the login status via a device alert (1224) with Alert type = in DM pkg\#1.
 
 The data part of this alert could be one of following strings:
 

From c63d8a30b88e672dd8c3eaa93a6bb1fa75de8ead Mon Sep 17 00:00:00 2001
From: Jeanie Decker <jdecker@microsoft.com>
Date: Mon, 25 Mar 2019 05:46:07 -0700
Subject: [PATCH 22/22] Always remove en-us from doc/support/download URLs

---
 ...er-experience-virtualization--ue-v--20-release-notesuevv2.md | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/mdop/uev-v2/microsoft-user-experience-virtualization--ue-v--20-release-notesuevv2.md b/mdop/uev-v2/microsoft-user-experience-virtualization--ue-v--20-release-notesuevv2.md
index d35bddc2c4..9c23328285 100644
--- a/mdop/uev-v2/microsoft-user-experience-virtualization--ue-v--20-release-notesuevv2.md
+++ b/mdop/uev-v2/microsoft-user-experience-virtualization--ue-v--20-release-notesuevv2.md
@@ -60,7 +60,7 @@ UE-V will roam the Outlook 2010 signature files between devices. However, the de
 
 ### UE-V does not support roaming settings between 32-bit and 64-bit versions of Microsoft Office
 
-We recommend that you install the 64-bit version of Microsoft Office for modern computers. To determine which version you you need, [click here](https://support.office.com/en-us/article/choose-between-the-64-bit-or-32-bit-version-of-office-2dee7807-8f95-4d0c-b5fe-6c6f49b8d261?ui=en-US&rs=en-US&ad=US#32or64Bit=Newer_Versions).
+We recommend that you install the 64-bit version of Microsoft Office for modern computers. To determine which version you you need, [click here](https://support.office.com/article/choose-between-the-64-bit-or-32-bit-version-of-office-2dee7807-8f95-4d0c-b5fe-6c6f49b8d261?ui=en-US&rs=en-US&ad=US#32or64Bit=Newer_Versions).
 
 **WORKAROUND:** None