From 2bcb2c924de2e0669e0a404556cfae782b618da9 Mon Sep 17 00:00:00 2001
From: Meghan Stewart <33289333+mestew@users.noreply.github.com>
Date: Tue, 30 May 2023 10:10:22 -0700
Subject: [PATCH 01/23] vbscript deprecation MAXADO-7954828
---
windows/whats-new/deprecated-features-resources.md | 6 +++++-
windows/whats-new/deprecated-features.md | 1 +
2 files changed, 6 insertions(+), 1 deletion(-)
diff --git a/windows/whats-new/deprecated-features-resources.md b/windows/whats-new/deprecated-features-resources.md
index 330293213d..d059f17d61 100644
--- a/windows/whats-new/deprecated-features-resources.md
+++ b/windows/whats-new/deprecated-features-resources.md
@@ -21,11 +21,15 @@ appliesto:
This article provides additional resources about [deprecated features for Windows client](deprecated-features.md) that may be needed by IT professionals. The following information is provided to help IT professionals plan for the removal of deprecated features:
+## VBScript
+
+VBScript will be available as a [feature on demand](/windows-hardware/manufacture/desktop/features-on-demand-v2--capabilities) before being fully retired in future Windows releases. Initially, the VBScript feature on demand will be preinstalled to allow for uninterrupted use while you prepare for the retirement of VBScript.
+
## Microsoft Support Diagnostic Tool resources
The [Microsoft Support Diagnostic Tool (MSDT)](/windows-server/administration/windows-commands/msdt) gathers diagnostic data for analysis by support professionals. MSDT is the engine used to run legacy Windows built-in troubleshooters. There are currently 28 built-in troubleshooters for MSDT. Half of the built-in troubleshooters have already been [redirected](#redirected-msdt-troubleshooters) to the Get Help platform, while the other half will be [retired](#retired-msdt-troubleshooters).
-If you're using MSDT to run [custom troubleshooting packages](/previous-versions/windows/desktop/wintt/package-schema), it will be available as a [Feature on Demand](/windows-hardware/manufacture/desktop/features-on-demand-v2--capabilities) before the tool is fully retired in 2025. This change will allow you to continue to use MSDT to run custom troubleshooting packages while transitioning to a new platform. [Contact Microsoft support](https://support.microsoft.com/contactus) for Windows if you require additional assistance.
+If you're using MSDT to run [custom troubleshooting packages](/previous-versions/windows/desktop/wintt/package-schema), it will be available as a [feature on demand](/windows-hardware/manufacture/desktop/features-on-demand-v2--capabilities) before the tool is fully retired in 2025. This change will allow you to continue to use MSDT to run custom troubleshooting packages while transitioning to a new platform. [Contact Microsoft support](https://support.microsoft.com/contactus) for Windows if you require additional assistance.
### Redirected MSDT troubleshooters
diff --git a/windows/whats-new/deprecated-features.md b/windows/whats-new/deprecated-features.md
index 073c3bf2f2..ae2d404644 100644
--- a/windows/whats-new/deprecated-features.md
+++ b/windows/whats-new/deprecated-features.md
@@ -36,6 +36,7 @@ The features in this article are no longer being actively developed, and might b
|Feature | Details and mitigation | Deprecation announced |
| ----------- | --------------------- | ---- |
+| VBScript | VBScript is deprecated. In future releases of Windows, VBScript will be available as a feature on demand before its removal from the operating system. For more information, see [Resources for deprecated features](deprecated-features-resources.md#vbscript) | **TBD** |
| Microsoft Support Diagnostic Tool (MSDT) | [MSDT](/windows-server/administration/windows-commands/msdt) is deprecated and will be removed in a future release of Windows. MSDT is used to gather diagnostic data for analysis by support professionals. For more information, see [Resources for deprecated features](deprecated-features-resources.md) | January 2023 |
| Universal Windows Platform (UWP) Applications for 32-bit Arm | This change is applicable only to devices with an Arm processor, for example Snapdragon processors from Qualcomm. If you have a PC built with a processor from Intel or AMD, this content is not applicable. If you are not sure which type of processor you have, check **Settings** > **System** > **About**. Support for 32-bit Arm versions of applications will be removed in a future release of Windows 11. After this change, for the small number of applications affected, app features might be different and you might notice a difference in performance. For more technical details about this change, see [Update app architecture from Arm32 to Arm64](/windows/arm/arm32-to-arm64). | January 2023 |
| Update Compliance | [Update Compliance](/windows/deployment/update/update-compliance-monitor), a cloud-based service for the Windows client, is no longer being developed. This service has been replaced with [Windows Update for Business reports](/windows/deployment/update/wufb-reports-overview), which provides reporting on client compliance with Microsoft updates from the Azure portal. | November 2022|
From 6fa3848a73ae96adcb4ee74a21074d809349e728 Mon Sep 17 00:00:00 2001
From: Meghan Stewart <33289333+mestew@users.noreply.github.com>
Date: Tue, 30 May 2023 10:16:58 -0700
Subject: [PATCH 02/23] vbscript deprecation MAXADO-7954828
---
windows/whats-new/deprecated-features-resources.md | 4 ++--
1 file changed, 2 insertions(+), 2 deletions(-)
diff --git a/windows/whats-new/deprecated-features-resources.md b/windows/whats-new/deprecated-features-resources.md
index d059f17d61..6383501d7e 100644
--- a/windows/whats-new/deprecated-features-resources.md
+++ b/windows/whats-new/deprecated-features-resources.md
@@ -29,11 +29,11 @@ VBScript will be available as a [feature on demand](/windows-hardware/manufactur
The [Microsoft Support Diagnostic Tool (MSDT)](/windows-server/administration/windows-commands/msdt) gathers diagnostic data for analysis by support professionals. MSDT is the engine used to run legacy Windows built-in troubleshooters. There are currently 28 built-in troubleshooters for MSDT. Half of the built-in troubleshooters have already been [redirected](#redirected-msdt-troubleshooters) to the Get Help platform, while the other half will be [retired](#retired-msdt-troubleshooters).
-If you're using MSDT to run [custom troubleshooting packages](/previous-versions/windows/desktop/wintt/package-schema), it will be available as a [feature on demand](/windows-hardware/manufacture/desktop/features-on-demand-v2--capabilities) before the tool is fully retired in 2025. This change will allow you to continue to use MSDT to run custom troubleshooting packages while transitioning to a new platform. [Contact Microsoft support](https://support.microsoft.com/contactus) for Windows if you require additional assistance.
+If you're using MSDT to run [custom troubleshooting packages](/previous-versions/windows/desktop/wintt/package-schema), it will be available as a [feature on demand](/windows-hardware/manufacture/desktop/features-on-demand-v2--capabilities) before the tool is fully retired in 2025. This change allows you to continue to use MSDT to run custom troubleshooting packages while transitioning to a new platform. [Contact Microsoft support](https://support.microsoft.com/contactus) for Windows if you require more assistance.
### Redirected MSDT troubleshooters
-The following troubleshooters will automatically be redirected when you access them from **Start** > **Settings** > **System** > **Troubleshoot**:
+The following troubleshooters are automatically redirected when you access them from **Start** > **Settings** > **System** > **Troubleshoot**:
- Background Intelligent Transfer Service (BITS)
- Bluetooth
From 31032b6cc302024d52b130f1a7bf1571ded162ea Mon Sep 17 00:00:00 2001
From: msarcletti <56821677+msarcletti@users.noreply.github.com>
Date: Fri, 6 Oct 2023 15:30:06 +0200
Subject: [PATCH 03/23] Update configure-the-windows-firewall-log.md
Adding information on how to handle log file creation failures. This is a quite common issue with an easy solution.
---
.../configure-the-windows-firewall-log.md | 29 +++++++++++++++++++
1 file changed, 29 insertions(+)
diff --git a/windows/security/operating-system-security/network-security/windows-firewall/configure-the-windows-firewall-log.md b/windows/security/operating-system-security/network-security/windows-firewall/configure-the-windows-firewall-log.md
index 2912122082..87cb6b97d1 100644
--- a/windows/security/operating-system-security/network-security/windows-firewall/configure-the-windows-firewall-log.md
+++ b/windows/security/operating-system-security/network-security/windows-firewall/configure-the-windows-firewall-log.md
@@ -41,5 +41,34 @@ To complete these procedures, you must be a member of the Domain Administrators
6. Click **OK** twice.
+### Troubleshooting if the log file is not created or written to
+
+Sometimes the log files are not created or no events are written the log files. This can be related to missing permissions for the Windows Defender Firewall Service (mpssvc) on the folder or the logfiles themselves. It can happen if you want to store the log files in a different folder or the permissions were removed or have not been set automatically.
+
+Verify if mpssvc has FullControl on the folder and the files.
+Open an elevated PowerShell and use these commands. Make sure to use the correct path.
+
+```
+$LogPath = Join-Path -path $env:windir -ChildPath "System32\LogFiles\Firewall"
+(Get-ACL -Path $LogPath).Access | Format-Table IdentityReference,FileSystemRights,AccessControlType,IsInherited,InheritanceFlags -AutoSize
+```
+The output should show NT SERVICE\mpssvc having FullControl:
+```
+IdentityReference FileSystemRights AccessControlType IsInherited InheritanceFlags
+----------------- ---------------- ----------------- ----------- ----------------
+NT AUTHORITY\SYSTEM FullControl Allow False ObjectInherit
+BUILTIN\Administrators FullControl Allow False ObjectInherit
+NT SERVICE\mpssvc FullControl Allow False ObjectInherit
+```
+If not, add FullControl permissions for mpssvc to the folder, subfolders and files. Make sure to use the correct path.
+```
+$LogPath = Join-Path -path $env:windir -ChildPath "System32\LogFiles\Firewall"
+$ACL = get-acl -Path $LogPath
+$ACL.SetAccessRuleProtection($true, $false)
+$RULE = New-Object System.Security.AccessControl.FileSystemAccessRule ("NT SERVICE\mpssvc","FullControl","ContainerInherit,ObjectInherit","None","Allow")
+$ACL.AddAccessRule($RULE)
+```
+Restart the Computer to restart the Windows Defender Firewall Service.
+
### Troubleshooting Slow Log Ingestion
If logs are slow to appear in Sentinel, you can turn down the log file size. Just beware that this downsizing will result in more resource usage due to the increased resource usage for log rotation.
From aafa943dfc2e07eeafbeb3c1721250d6d6e791df Mon Sep 17 00:00:00 2001
From: msarcletti <56821677+msarcletti@users.noreply.github.com>
Date: Mon, 9 Oct 2023 12:33:43 +0200
Subject: [PATCH 04/23] Update configure-the-windows-firewall-log.md
Added a paragraph related to the folder creation issue.
---
.../configure-the-windows-firewall-log.md | 9 ++++++++-
1 file changed, 8 insertions(+), 1 deletion(-)
diff --git a/windows/security/operating-system-security/network-security/windows-firewall/configure-the-windows-firewall-log.md b/windows/security/operating-system-security/network-security/windows-firewall/configure-the-windows-firewall-log.md
index 87cb6b97d1..5d7fd690df 100644
--- a/windows/security/operating-system-security/network-security/windows-firewall/configure-the-windows-firewall-log.md
+++ b/windows/security/operating-system-security/network-security/windows-firewall/configure-the-windows-firewall-log.md
@@ -43,7 +43,12 @@ To complete these procedures, you must be a member of the Domain Administrators
### Troubleshooting if the log file is not created or written to
-Sometimes the log files are not created or no events are written the log files. This can be related to missing permissions for the Windows Defender Firewall Service (mpssvc) on the folder or the logfiles themselves. It can happen if you want to store the log files in a different folder or the permissions were removed or have not been set automatically.
+Sometimes the log files are not created or no events are written the log files. This can be related to missing permissions for the Windows Defender Firewall Service (mpssvc) on the folder or the logfiles themselves. It can happen if you want to store the log files in a different folder or the permissions were removed or have not been set automatically.
+If firewall logging is configured via Group Policy only, it also can happen that the `firewall` folder is not created in the default location `%windir%\System32\LogFiles\`. The same can happen if a custom path to a non-existant folder is configered via Group Policy. In this case, create the folder manually or via script and add the permissions for MPSSVC.
+
+```
+New-Item -ItemType Directory -Path $env:windir\System32\LogFiles\Firewall
+```
Verify if mpssvc has FullControl on the folder and the files.
Open an elevated PowerShell and use these commands. Make sure to use the correct path.
@@ -70,5 +75,7 @@ $ACL.AddAccessRule($RULE)
```
Restart the Computer to restart the Windows Defender Firewall Service.
+
+
### Troubleshooting Slow Log Ingestion
If logs are slow to appear in Sentinel, you can turn down the log file size. Just beware that this downsizing will result in more resource usage due to the increased resource usage for log rotation.
From 87718f63599ae10f1509fe306283e2b31645943f Mon Sep 17 00:00:00 2001
From: Paolo Matarazzo <74918781+paolomatarazzo@users.noreply.github.com>
Date: Mon, 9 Oct 2023 09:32:20 -0400
Subject: [PATCH 05/23] WHFB requirements table update
---
.../hello-for-business/hello-identity-verification.md | 4 ++--
1 file changed, 2 insertions(+), 2 deletions(-)
diff --git a/windows/security/identity-protection/hello-for-business/hello-identity-verification.md b/windows/security/identity-protection/hello-for-business/hello-identity-verification.md
index 510a0584ba..537fc88652 100644
--- a/windows/security/identity-protection/hello-for-business/hello-identity-verification.md
+++ b/windows/security/identity-protection/hello-for-business/hello-identity-verification.md
@@ -1,5 +1,5 @@
---
-ms.date: 07/05/2023
+ms.date: 10/09/2023
title: Windows Hello for Business Deployment Prerequisite Overview
description: Overview of all the different infrastructure requirements for Windows Hello for Business deployment models
ms.topic: overview
@@ -37,7 +37,7 @@ The table shows the minimum requirements for each deployment. For key trust in a
| **Certificate Authority**| Not required |Any supported Windows Server versions | Any supported Windows Server versions | Any supported Windows Server versions |
| **AD FS Version** | Not required | Not required | Any supported Windows Server versions | Any supported Windows Server versions |
| **MFA Requirement** | Azure MFA, or
AD FS w/Azure MFA adapter, or
AD FS w/Azure MFA Server adapter, or
AD FS w/3rd Party MFA Adapter | Azure MFA tenant, or
AD FS w/Azure MFA adapter, or
AD FS w/Azure MFA Server adapter, or
AD FS w/3rd Party MFA Adapter | Azure MFA tenant, or
AD FS w/Azure MFA adapter, or
AD FS w/Azure MFA Server adapter, or
AD FS w/3rd Party MFA Adapter | Azure MFA tenant, or
AD FS w/Azure MFA adapter, or
AD FS w/Azure MFA Server adapter, or
AD FS w/3rd Party MFA Adapter |
-| **Azure AD Connect** | Not required | Required | Required | Required |
+| **Azure AD Connect** | Not required. It's recommended to use Microsoft Entra Connect cloud sync | Required | Required | Required |
| **Azure AD License** | Azure AD Premium, optional | Azure AD Premium, optional | Azure AD Premium, needed for device write-back | Azure AD Premium, optional. Intune license required |
## On-premises Deployments
From 2cf3cc7e1d9977df0fd4fdb13c782be88051f6fd Mon Sep 17 00:00:00 2001
From: msarcletti <56821677+msarcletti@users.noreply.github.com>
Date: Mon, 9 Oct 2023 15:34:13 +0200
Subject: [PATCH 06/23] Update
windows/security/operating-system-security/network-security/windows-firewall/configure-the-windows-firewall-log.md
Co-authored-by: Paolo Matarazzo <74918781+paolomatarazzo@users.noreply.github.com>
---
.../windows-firewall/configure-the-windows-firewall-log.md | 2 +-
1 file changed, 1 insertion(+), 1 deletion(-)
diff --git a/windows/security/operating-system-security/network-security/windows-firewall/configure-the-windows-firewall-log.md b/windows/security/operating-system-security/network-security/windows-firewall/configure-the-windows-firewall-log.md
index 5d7fd690df..88935dbb98 100644
--- a/windows/security/operating-system-security/network-security/windows-firewall/configure-the-windows-firewall-log.md
+++ b/windows/security/operating-system-security/network-security/windows-firewall/configure-the-windows-firewall-log.md
@@ -41,7 +41,7 @@ To complete these procedures, you must be a member of the Domain Administrators
6. Click **OK** twice.
-### Troubleshooting if the log file is not created or written to
+### Troubleshooting if the log file is not created or modified
Sometimes the log files are not created or no events are written the log files. This can be related to missing permissions for the Windows Defender Firewall Service (mpssvc) on the folder or the logfiles themselves. It can happen if you want to store the log files in a different folder or the permissions were removed or have not been set automatically.
If firewall logging is configured via Group Policy only, it also can happen that the `firewall` folder is not created in the default location `%windir%\System32\LogFiles\`. The same can happen if a custom path to a non-existant folder is configered via Group Policy. In this case, create the folder manually or via script and add the permissions for MPSSVC.
From f5f96e85787645e9ac79c2761595f49971e99248 Mon Sep 17 00:00:00 2001
From: msarcletti <56821677+msarcletti@users.noreply.github.com>
Date: Mon, 9 Oct 2023 15:34:27 +0200
Subject: [PATCH 07/23] Update
windows/security/operating-system-security/network-security/windows-firewall/configure-the-windows-firewall-log.md
Co-authored-by: Paolo Matarazzo <74918781+paolomatarazzo@users.noreply.github.com>
---
.../windows-firewall/configure-the-windows-firewall-log.md | 2 +-
1 file changed, 1 insertion(+), 1 deletion(-)
diff --git a/windows/security/operating-system-security/network-security/windows-firewall/configure-the-windows-firewall-log.md b/windows/security/operating-system-security/network-security/windows-firewall/configure-the-windows-firewall-log.md
index 88935dbb98..7f6679dd97 100644
--- a/windows/security/operating-system-security/network-security/windows-firewall/configure-the-windows-firewall-log.md
+++ b/windows/security/operating-system-security/network-security/windows-firewall/configure-the-windows-firewall-log.md
@@ -46,7 +46,7 @@ To complete these procedures, you must be a member of the Domain Administrators
Sometimes the log files are not created or no events are written the log files. This can be related to missing permissions for the Windows Defender Firewall Service (mpssvc) on the folder or the logfiles themselves. It can happen if you want to store the log files in a different folder or the permissions were removed or have not been set automatically.
If firewall logging is configured via Group Policy only, it also can happen that the `firewall` folder is not created in the default location `%windir%\System32\LogFiles\`. The same can happen if a custom path to a non-existant folder is configered via Group Policy. In this case, create the folder manually or via script and add the permissions for MPSSVC.
-```
+```PowerShell
New-Item -ItemType Directory -Path $env:windir\System32\LogFiles\Firewall
```
From 78b2e60ccae970c42eae1e1e8bfbe4fd6cdec8b1 Mon Sep 17 00:00:00 2001
From: msarcletti <56821677+msarcletti@users.noreply.github.com>
Date: Mon, 9 Oct 2023 15:34:47 +0200
Subject: [PATCH 08/23] Update
windows/security/operating-system-security/network-security/windows-firewall/configure-the-windows-firewall-log.md
Co-authored-by: Paolo Matarazzo <74918781+paolomatarazzo@users.noreply.github.com>
---
.../windows-firewall/configure-the-windows-firewall-log.md | 2 +-
1 file changed, 1 insertion(+), 1 deletion(-)
diff --git a/windows/security/operating-system-security/network-security/windows-firewall/configure-the-windows-firewall-log.md b/windows/security/operating-system-security/network-security/windows-firewall/configure-the-windows-firewall-log.md
index 7f6679dd97..d875961d63 100644
--- a/windows/security/operating-system-security/network-security/windows-firewall/configure-the-windows-firewall-log.md
+++ b/windows/security/operating-system-security/network-security/windows-firewall/configure-the-windows-firewall-log.md
@@ -50,7 +50,7 @@ If firewall logging is configured via Group Policy only, it also can happen that
New-Item -ItemType Directory -Path $env:windir\System32\LogFiles\Firewall
```
-Verify if mpssvc has FullControl on the folder and the files.
+Verify if MpsSvc has *FullControl* on the folder and the files.
Open an elevated PowerShell and use these commands. Make sure to use the correct path.
```
From 164539542fd4585a42ef1bf8955903e1d367ed2c Mon Sep 17 00:00:00 2001
From: msarcletti <56821677+msarcletti@users.noreply.github.com>
Date: Mon, 9 Oct 2023 15:35:04 +0200
Subject: [PATCH 09/23] Update
windows/security/operating-system-security/network-security/windows-firewall/configure-the-windows-firewall-log.md
Co-authored-by: Paolo Matarazzo <74918781+paolomatarazzo@users.noreply.github.com>
---
.../windows-firewall/configure-the-windows-firewall-log.md | 2 +-
1 file changed, 1 insertion(+), 1 deletion(-)
diff --git a/windows/security/operating-system-security/network-security/windows-firewall/configure-the-windows-firewall-log.md b/windows/security/operating-system-security/network-security/windows-firewall/configure-the-windows-firewall-log.md
index d875961d63..0ade81bb0a 100644
--- a/windows/security/operating-system-security/network-security/windows-firewall/configure-the-windows-firewall-log.md
+++ b/windows/security/operating-system-security/network-security/windows-firewall/configure-the-windows-firewall-log.md
@@ -51,7 +51,7 @@ New-Item -ItemType Directory -Path $env:windir\System32\LogFiles\Firewall
```
Verify if MpsSvc has *FullControl* on the folder and the files.
-Open an elevated PowerShell and use these commands. Make sure to use the correct path.
+From an elevated PowerShell session, use the following commands, ensuring to use the correct path:
```
$LogPath = Join-Path -path $env:windir -ChildPath "System32\LogFiles\Firewall"
From b578e93ceedb6582dbba9f0a0fbf3cc99d9153c4 Mon Sep 17 00:00:00 2001
From: msarcletti <56821677+msarcletti@users.noreply.github.com>
Date: Mon, 9 Oct 2023 15:35:11 +0200
Subject: [PATCH 10/23] Update
windows/security/operating-system-security/network-security/windows-firewall/configure-the-windows-firewall-log.md
Co-authored-by: Paolo Matarazzo <74918781+paolomatarazzo@users.noreply.github.com>
---
.../windows-firewall/configure-the-windows-firewall-log.md | 2 +-
1 file changed, 1 insertion(+), 1 deletion(-)
diff --git a/windows/security/operating-system-security/network-security/windows-firewall/configure-the-windows-firewall-log.md b/windows/security/operating-system-security/network-security/windows-firewall/configure-the-windows-firewall-log.md
index 0ade81bb0a..1f55d3b115 100644
--- a/windows/security/operating-system-security/network-security/windows-firewall/configure-the-windows-firewall-log.md
+++ b/windows/security/operating-system-security/network-security/windows-firewall/configure-the-windows-firewall-log.md
@@ -53,7 +53,7 @@ New-Item -ItemType Directory -Path $env:windir\System32\LogFiles\Firewall
Verify if MpsSvc has *FullControl* on the folder and the files.
From an elevated PowerShell session, use the following commands, ensuring to use the correct path:
-```
+```PowerShell
$LogPath = Join-Path -path $env:windir -ChildPath "System32\LogFiles\Firewall"
(Get-ACL -Path $LogPath).Access | Format-Table IdentityReference,FileSystemRights,AccessControlType,IsInherited,InheritanceFlags -AutoSize
```
From ad72d997c3fd64ed604b1d8bfb51fd697703edbd Mon Sep 17 00:00:00 2001
From: msarcletti <56821677+msarcletti@users.noreply.github.com>
Date: Mon, 9 Oct 2023 15:35:23 +0200
Subject: [PATCH 11/23] Update
windows/security/operating-system-security/network-security/windows-firewall/configure-the-windows-firewall-log.md
Co-authored-by: Paolo Matarazzo <74918781+paolomatarazzo@users.noreply.github.com>
---
.../windows-firewall/configure-the-windows-firewall-log.md | 2 +-
1 file changed, 1 insertion(+), 1 deletion(-)
diff --git a/windows/security/operating-system-security/network-security/windows-firewall/configure-the-windows-firewall-log.md b/windows/security/operating-system-security/network-security/windows-firewall/configure-the-windows-firewall-log.md
index 1f55d3b115..7e133b5be6 100644
--- a/windows/security/operating-system-security/network-security/windows-firewall/configure-the-windows-firewall-log.md
+++ b/windows/security/operating-system-security/network-security/windows-firewall/configure-the-windows-firewall-log.md
@@ -58,7 +58,7 @@ $LogPath = Join-Path -path $env:windir -ChildPath "System32\LogFiles\Firewall"
(Get-ACL -Path $LogPath).Access | Format-Table IdentityReference,FileSystemRights,AccessControlType,IsInherited,InheritanceFlags -AutoSize
```
The output should show NT SERVICE\mpssvc having FullControl:
-```
+```PowerShell
IdentityReference FileSystemRights AccessControlType IsInherited InheritanceFlags
----------------- ---------------- ----------------- ----------- ----------------
NT AUTHORITY\SYSTEM FullControl Allow False ObjectInherit
From 84b9178eaf6fbbbf3d941e5aa1c18e3358b8f2d4 Mon Sep 17 00:00:00 2001
From: msarcletti <56821677+msarcletti@users.noreply.github.com>
Date: Mon, 9 Oct 2023 15:35:32 +0200
Subject: [PATCH 12/23] Update
windows/security/operating-system-security/network-security/windows-firewall/configure-the-windows-firewall-log.md
Co-authored-by: Paolo Matarazzo <74918781+paolomatarazzo@users.noreply.github.com>
---
.../windows-firewall/configure-the-windows-firewall-log.md | 2 +-
1 file changed, 1 insertion(+), 1 deletion(-)
diff --git a/windows/security/operating-system-security/network-security/windows-firewall/configure-the-windows-firewall-log.md b/windows/security/operating-system-security/network-security/windows-firewall/configure-the-windows-firewall-log.md
index 7e133b5be6..08afe5621e 100644
--- a/windows/security/operating-system-security/network-security/windows-firewall/configure-the-windows-firewall-log.md
+++ b/windows/security/operating-system-security/network-security/windows-firewall/configure-the-windows-firewall-log.md
@@ -66,7 +66,7 @@ BUILTIN\Administrators FullControl Allow False ObjectI
NT SERVICE\mpssvc FullControl Allow False ObjectInherit
```
If not, add FullControl permissions for mpssvc to the folder, subfolders and files. Make sure to use the correct path.
-```
+```PowerShell
$LogPath = Join-Path -path $env:windir -ChildPath "System32\LogFiles\Firewall"
$ACL = get-acl -Path $LogPath
$ACL.SetAccessRuleProtection($true, $false)
From 96fa42474b5aede18365240f7fca7e50c6c59f9f Mon Sep 17 00:00:00 2001
From: msarcletti <56821677+msarcletti@users.noreply.github.com>
Date: Mon, 9 Oct 2023 15:35:48 +0200
Subject: [PATCH 13/23] Update
windows/security/operating-system-security/network-security/windows-firewall/configure-the-windows-firewall-log.md
Co-authored-by: Paolo Matarazzo <74918781+paolomatarazzo@users.noreply.github.com>
---
.../windows-firewall/configure-the-windows-firewall-log.md | 2 +-
1 file changed, 1 insertion(+), 1 deletion(-)
diff --git a/windows/security/operating-system-security/network-security/windows-firewall/configure-the-windows-firewall-log.md b/windows/security/operating-system-security/network-security/windows-firewall/configure-the-windows-firewall-log.md
index 08afe5621e..02ace74c40 100644
--- a/windows/security/operating-system-security/network-security/windows-firewall/configure-the-windows-firewall-log.md
+++ b/windows/security/operating-system-security/network-security/windows-firewall/configure-the-windows-firewall-log.md
@@ -57,7 +57,7 @@ From an elevated PowerShell session, use the following commands, ensuring to use
$LogPath = Join-Path -path $env:windir -ChildPath "System32\LogFiles\Firewall"
(Get-ACL -Path $LogPath).Access | Format-Table IdentityReference,FileSystemRights,AccessControlType,IsInherited,InheritanceFlags -AutoSize
```
-The output should show NT SERVICE\mpssvc having FullControl:
+The output should show `NT SERVICE\mpssvc` having *FullControl*:
```PowerShell
IdentityReference FileSystemRights AccessControlType IsInherited InheritanceFlags
----------------- ---------------- ----------------- ----------- ----------------
From 7709fcf3b57727addbabc0236dc7772c965f2658 Mon Sep 17 00:00:00 2001
From: msarcletti <56821677+msarcletti@users.noreply.github.com>
Date: Mon, 9 Oct 2023 15:36:01 +0200
Subject: [PATCH 14/23] Update
windows/security/operating-system-security/network-security/windows-firewall/configure-the-windows-firewall-log.md
Co-authored-by: Paolo Matarazzo <74918781+paolomatarazzo@users.noreply.github.com>
---
.../windows-firewall/configure-the-windows-firewall-log.md | 2 +-
1 file changed, 1 insertion(+), 1 deletion(-)
diff --git a/windows/security/operating-system-security/network-security/windows-firewall/configure-the-windows-firewall-log.md b/windows/security/operating-system-security/network-security/windows-firewall/configure-the-windows-firewall-log.md
index 02ace74c40..9abc0d4784 100644
--- a/windows/security/operating-system-security/network-security/windows-firewall/configure-the-windows-firewall-log.md
+++ b/windows/security/operating-system-security/network-security/windows-firewall/configure-the-windows-firewall-log.md
@@ -73,7 +73,7 @@ $ACL.SetAccessRuleProtection($true, $false)
$RULE = New-Object System.Security.AccessControl.FileSystemAccessRule ("NT SERVICE\mpssvc","FullControl","ContainerInherit,ObjectInherit","None","Allow")
$ACL.AddAccessRule($RULE)
```
-Restart the Computer to restart the Windows Defender Firewall Service.
+Restart the device to restart the Windows Defender Firewall Service.
From 3d516fb0e3f35da7c2461e6ff7bf37fbf178caf8 Mon Sep 17 00:00:00 2001
From: Paolo Matarazzo <74918781+paolomatarazzo@users.noreply.github.com>
Date: Mon, 9 Oct 2023 09:51:35 -0400
Subject: [PATCH 15/23] WHFB requirements table update
---
.../hello-for-business/hello-identity-verification.md | 2 +-
1 file changed, 1 insertion(+), 1 deletion(-)
diff --git a/windows/security/identity-protection/hello-for-business/hello-identity-verification.md b/windows/security/identity-protection/hello-for-business/hello-identity-verification.md
index 537fc88652..663d6662dc 100644
--- a/windows/security/identity-protection/hello-for-business/hello-identity-verification.md
+++ b/windows/security/identity-protection/hello-for-business/hello-identity-verification.md
@@ -37,7 +37,7 @@ The table shows the minimum requirements for each deployment. For key trust in a
| **Certificate Authority**| Not required |Any supported Windows Server versions | Any supported Windows Server versions | Any supported Windows Server versions |
| **AD FS Version** | Not required | Not required | Any supported Windows Server versions | Any supported Windows Server versions |
| **MFA Requirement** | Azure MFA, or
AD FS w/Azure MFA adapter, or
AD FS w/Azure MFA Server adapter, or
AD FS w/3rd Party MFA Adapter | Azure MFA tenant, or
AD FS w/Azure MFA adapter, or
AD FS w/Azure MFA Server adapter, or
AD FS w/3rd Party MFA Adapter | Azure MFA tenant, or
AD FS w/Azure MFA adapter, or
AD FS w/Azure MFA Server adapter, or
AD FS w/3rd Party MFA Adapter | Azure MFA tenant, or
AD FS w/Azure MFA adapter, or
AD FS w/Azure MFA Server adapter, or
AD FS w/3rd Party MFA Adapter |
-| **Azure AD Connect** | Not required. It's recommended to use Microsoft Entra Connect cloud sync | Required | Required | Required |
+| **Azure AD Connect** | Not required. It's recommended to use [Microsoft Entra Connect cloud sync](/azure/active-directory/hybrid/cloud-sync/what-is-cloud-sync) | Required | Required | Required |
| **Azure AD License** | Azure AD Premium, optional | Azure AD Premium, optional | Azure AD Premium, needed for device write-back | Azure AD Premium, optional. Intune license required |
## On-premises Deployments
From a1e5ab3d70a032aa8f5f992c04a0dcd20e156169 Mon Sep 17 00:00:00 2001
From: Paolo Matarazzo <74918781+paolomatarazzo@users.noreply.github.com>
Date: Mon, 9 Oct 2023 10:01:55 -0400
Subject: [PATCH 16/23] Update
windows/security/operating-system-security/network-security/windows-firewall/configure-the-windows-firewall-log.md
---
.../windows-firewall/configure-the-windows-firewall-log.md | 7 ++++++-
1 file changed, 6 insertions(+), 1 deletion(-)
diff --git a/windows/security/operating-system-security/network-security/windows-firewall/configure-the-windows-firewall-log.md b/windows/security/operating-system-security/network-security/windows-firewall/configure-the-windows-firewall-log.md
index 9abc0d4784..bb5da1d87c 100644
--- a/windows/security/operating-system-security/network-security/windows-firewall/configure-the-windows-firewall-log.md
+++ b/windows/security/operating-system-security/network-security/windows-firewall/configure-the-windows-firewall-log.md
@@ -43,7 +43,12 @@ To complete these procedures, you must be a member of the Domain Administrators
### Troubleshooting if the log file is not created or modified
-Sometimes the log files are not created or no events are written the log files. This can be related to missing permissions for the Windows Defender Firewall Service (mpssvc) on the folder or the logfiles themselves. It can happen if you want to store the log files in a different folder or the permissions were removed or have not been set automatically.
+Sometimes the Windows Firewall log files aren't created, or the events aren't written to the log files. Some examples when this condition may occur include:
+
+- missing permissions for the Windows Defender Firewall Service (MpsSvc) on the folder or on the log files
+- you want to store the log files in a different folder and the permissions were removed, or haven't been set automatically
+- if firewall logging is configured via Group Policy only, it can happen that the log folder isn't created in the default location `%windir%\System32\LogFiles\firewall`
+- if a custom path to a non-existent folder is configured via Group Policy. In this case, you must create the folder manually or via script, and add the permissions for MpsSvc
If firewall logging is configured via Group Policy only, it also can happen that the `firewall` folder is not created in the default location `%windir%\System32\LogFiles\`. The same can happen if a custom path to a non-existant folder is configered via Group Policy. In this case, create the folder manually or via script and add the permissions for MPSSVC.
```PowerShell
From 8c46a4a0681bfaad5994095a66910d1f27a99835 Mon Sep 17 00:00:00 2001
From: Paolo Matarazzo <74918781+paolomatarazzo@users.noreply.github.com>
Date: Mon, 9 Oct 2023 10:08:13 -0400
Subject: [PATCH 17/23] Update configure-the-windows-firewall-log.md
---
.../configure-the-windows-firewall-log.md | 19 +++++++++++++------
1 file changed, 13 insertions(+), 6 deletions(-)
diff --git a/windows/security/operating-system-security/network-security/windows-firewall/configure-the-windows-firewall-log.md b/windows/security/operating-system-security/network-security/windows-firewall/configure-the-windows-firewall-log.md
index bb5da1d87c..b6d0f091f4 100644
--- a/windows/security/operating-system-security/network-security/windows-firewall/configure-the-windows-firewall-log.md
+++ b/windows/security/operating-system-security/network-security/windows-firewall/configure-the-windows-firewall-log.md
@@ -41,14 +41,17 @@ To complete these procedures, you must be a member of the Domain Administrators
6. Click **OK** twice.
-### Troubleshooting if the log file is not created or modified
+### Troubleshoot if the log file is not created or modified
Sometimes the Windows Firewall log files aren't created, or the events aren't written to the log files. Some examples when this condition may occur include:
- missing permissions for the Windows Defender Firewall Service (MpsSvc) on the folder or on the log files
- you want to store the log files in a different folder and the permissions were removed, or haven't been set automatically
-- if firewall logging is configured via Group Policy only, it can happen that the log folder isn't created in the default location `%windir%\System32\LogFiles\firewall`
-- if a custom path to a non-existent folder is configured via Group Policy. In this case, you must create the folder manually or via script, and add the permissions for MpsSvc
+- if firewall logging is configured via policy settings, it can happen that
+ - the log folder in the default location `%windir%\System32\LogFiles\firewall` doesn't exist
+ - the log folder in a custom path doesn't exist
+ In both cases, you must create the folder manually or via script, and add the permissions for MpsSvc
+
If firewall logging is configured via Group Policy only, it also can happen that the `firewall` folder is not created in the default location `%windir%\System32\LogFiles\`. The same can happen if a custom path to a non-existant folder is configered via Group Policy. In this case, create the folder manually or via script and add the permissions for MPSSVC.
```PowerShell
@@ -62,7 +65,9 @@ From an elevated PowerShell session, use the following commands, ensuring to use
$LogPath = Join-Path -path $env:windir -ChildPath "System32\LogFiles\Firewall"
(Get-ACL -Path $LogPath).Access | Format-Table IdentityReference,FileSystemRights,AccessControlType,IsInherited,InheritanceFlags -AutoSize
```
+
The output should show `NT SERVICE\mpssvc` having *FullControl*:
+
```PowerShell
IdentityReference FileSystemRights AccessControlType IsInherited InheritanceFlags
----------------- ---------------- ----------------- ----------- ----------------
@@ -70,7 +75,9 @@ NT AUTHORITY\SYSTEM FullControl Allow False ObjectI
BUILTIN\Administrators FullControl Allow False ObjectInherit
NT SERVICE\mpssvc FullControl Allow False ObjectInherit
```
-If not, add FullControl permissions for mpssvc to the folder, subfolders and files. Make sure to use the correct path.
+
+If not, add *FullControl* permissions for mpssvc to the folder, subfolders and files. Make sure to use the correct path.
+
```PowerShell
$LogPath = Join-Path -path $env:windir -ChildPath "System32\LogFiles\Firewall"
$ACL = get-acl -Path $LogPath
@@ -78,9 +85,9 @@ $ACL.SetAccessRuleProtection($true, $false)
$RULE = New-Object System.Security.AccessControl.FileSystemAccessRule ("NT SERVICE\mpssvc","FullControl","ContainerInherit,ObjectInherit","None","Allow")
$ACL.AddAccessRule($RULE)
```
+
Restart the device to restart the Windows Defender Firewall Service.
+### Troubleshoot Slow Log Ingestion
-
-### Troubleshooting Slow Log Ingestion
If logs are slow to appear in Sentinel, you can turn down the log file size. Just beware that this downsizing will result in more resource usage due to the increased resource usage for log rotation.
From 1ecd193386af9e7d5ceade788ebdf4393bbed5c0 Mon Sep 17 00:00:00 2001
From: Stephanie Savell <101299710+v-stsavell@users.noreply.github.com>
Date: Mon, 9 Oct 2023 10:23:34 -0500
Subject: [PATCH 18/23] Update
windows/security/operating-system-security/network-security/windows-firewall/configure-the-windows-firewall-log.md
---
.../windows-firewall/configure-the-windows-firewall-log.md | 2 +-
1 file changed, 1 insertion(+), 1 deletion(-)
diff --git a/windows/security/operating-system-security/network-security/windows-firewall/configure-the-windows-firewall-log.md b/windows/security/operating-system-security/network-security/windows-firewall/configure-the-windows-firewall-log.md
index b6d0f091f4..daa952247d 100644
--- a/windows/security/operating-system-security/network-security/windows-firewall/configure-the-windows-firewall-log.md
+++ b/windows/security/operating-system-security/network-security/windows-firewall/configure-the-windows-firewall-log.md
@@ -52,7 +52,7 @@ Sometimes the Windows Firewall log files aren't created, or the events aren't wr
- the log folder in a custom path doesn't exist
In both cases, you must create the folder manually or via script, and add the permissions for MpsSvc
-If firewall logging is configured via Group Policy only, it also can happen that the `firewall` folder is not created in the default location `%windir%\System32\LogFiles\`. The same can happen if a custom path to a non-existant folder is configered via Group Policy. In this case, create the folder manually or via script and add the permissions for MPSSVC.
+If firewall logging is configured via Group Policy only, it also can happen that the `firewall` folder is not created in the default location `%windir%\System32\LogFiles\`. The same can happen if a custom path to a non-existent folder is configured via Group Policy. In this case, create the folder manually or via script and add the permissions for MPSSVC.
```PowerShell
New-Item -ItemType Directory -Path $env:windir\System32\LogFiles\Firewall
From 9131ec75f49abafee75aaba363ff8dad2ddee5db Mon Sep 17 00:00:00 2001
From: Stephanie Savell <101299710+v-stsavell@users.noreply.github.com>
Date: Mon, 9 Oct 2023 10:26:13 -0500
Subject: [PATCH 19/23] Update
windows/security/operating-system-security/network-security/windows-firewall/configure-the-windows-firewall-log.md
---
.../windows-firewall/configure-the-windows-firewall-log.md | 2 +-
1 file changed, 1 insertion(+), 1 deletion(-)
diff --git a/windows/security/operating-system-security/network-security/windows-firewall/configure-the-windows-firewall-log.md b/windows/security/operating-system-security/network-security/windows-firewall/configure-the-windows-firewall-log.md
index daa952247d..49182f30f0 100644
--- a/windows/security/operating-system-security/network-security/windows-firewall/configure-the-windows-firewall-log.md
+++ b/windows/security/operating-system-security/network-security/windows-firewall/configure-the-windows-firewall-log.md
@@ -43,7 +43,7 @@ To complete these procedures, you must be a member of the Domain Administrators
### Troubleshoot if the log file is not created or modified
-Sometimes the Windows Firewall log files aren't created, or the events aren't written to the log files. Some examples when this condition may occur include:
+Sometimes the Windows Firewall log files aren't created, or the events aren't written to the log files. Some examples when this condition might occur include:
- missing permissions for the Windows Defender Firewall Service (MpsSvc) on the folder or on the log files
- you want to store the log files in a different folder and the permissions were removed, or haven't been set automatically
From d1a29a220b00f0bfe67720917946ed9d0cfd765b Mon Sep 17 00:00:00 2001
From: Stephanie Savell <101299710+v-stsavell@users.noreply.github.com>
Date: Mon, 9 Oct 2023 10:39:07 -0500
Subject: [PATCH 20/23] Update configure-the-windows-firewall-log.md
---
.../configure-the-windows-firewall-log.md | 9 +++++----
1 file changed, 5 insertions(+), 4 deletions(-)
diff --git a/windows/security/operating-system-security/network-security/windows-firewall/configure-the-windows-firewall-log.md b/windows/security/operating-system-security/network-security/windows-firewall/configure-the-windows-firewall-log.md
index 49182f30f0..e60bc7b3ec 100644
--- a/windows/security/operating-system-security/network-security/windows-firewall/configure-the-windows-firewall-log.md
+++ b/windows/security/operating-system-security/network-security/windows-firewall/configure-the-windows-firewall-log.md
@@ -29,17 +29,18 @@ To complete these procedures, you must be a member of the Domain Administrators
3. The default path for the log is **%windir%\\system32\\logfiles\\firewall\\pfirewall.log**. If you want to change this path, clear the **Not configured** check box and type the path to the new location, or click **Browse** to select a file location.
- >**Important:** The location you specify must have permissions assigned that permit the Windows Defender Firewall service to write to the log file.
+ > [!IMPORTANT]
+ > The location you specify must have permissions assigned that permit the Windows Defender Firewall service to write to the log file.
- 4. The default maximum file size for the log is 4,096 kilobytes (KB). If you want to change this size, clear the **Not configured** check box, and type in the new size in KB, or use the up and down arrows to select a size. The file won't grow beyond this size; when the limit is reached, old log entries are deleted to make room for the newly created ones.
+ 5. The default maximum file size for the log is 4,096 kilobytes (KB). If you want to change this size, clear the **Not configured** check box, and type in the new size in KB, or use the up and down arrows to select a size. The file won't grow beyond this size; when the limit is reached, old log entries are deleted to make room for the newly created ones.
- 5. No logging occurs until you set one of following two options:
+ 6. No logging occurs until you set one of following two options:
- To create a log entry when Windows Defender Firewall drops an incoming network packet, change **Log dropped packets** to **Yes**.
- To create a log entry when Windows Defender Firewall allows an inbound connection, change **Log successful connections** to **Yes**.
- 6. Click **OK** twice.
+ 7. Click **OK** twice.
### Troubleshoot if the log file is not created or modified
From 42e3d2c8bbc582514b34748b123f1980e5e09d9a Mon Sep 17 00:00:00 2001
From: Meghan Stewart <33289333+mestew@users.noreply.github.com>
Date: Mon, 9 Oct 2023 08:40:45 -0700
Subject: [PATCH 21/23] update date
---
windows/whats-new/deprecated-features.md | 2 +-
1 file changed, 1 insertion(+), 1 deletion(-)
diff --git a/windows/whats-new/deprecated-features.md b/windows/whats-new/deprecated-features.md
index d3ef319ee9..9ad7dcd065 100644
--- a/windows/whats-new/deprecated-features.md
+++ b/windows/whats-new/deprecated-features.md
@@ -36,7 +36,7 @@ The features in this article are no longer being actively developed, and might b
|Feature | Details and mitigation | Deprecation announced |
| ----------- | --------------------- | ---- |
-| VBScript | VBScript is being deprecated. In future releases of Windows, VBScript will be available as a feature on demand before its removal from the operating system. For more information, see [Resources for deprecated features](deprecated-features-resources.md#vbscript) | September 2023 |
+| VBScript | VBScript is being deprecated. In future releases of Windows, VBScript will be available as a feature on demand before its removal from the operating system. For more information, see [Resources for deprecated features](deprecated-features-resources.md#vbscript) | October 2023 |
| WordPad | WordPad is no longer being updated and will be removed in a future release of Windows. We recommend Microsoft Word for rich text documents like .doc and .rtf and Windows Notepad for plain text documents like .txt. | September 1, 2023 |
| AllJoyn | Microsoft's implementation of AllJoyn which included the [Windows.Devices.AllJoyn API namespace](/uwp/api/windows.devices.alljoyn), a [Win32 API](/windows/win32/api/_alljoyn/), a [management configuration service provider (CSP)](/windows/client-management/mdm/alljoynmanagement-csp), and an [Alljoyn Router Service](/windows-server/security/windows-services/security-guidelines-for-disabling-system-services-in-windows-server#alljoyn-router-service) has been deprecated. [AllJoyn](https://openconnectivity.org/technology/reference-implementation/alljoyn/), sponsored by AllSeen Alliance, was an open source discovery and communication protocol for Internet of Things scenarios such as turning on/off lights or reading temperatures.AllSeen Alliance promoted the AllJoyn project from 2013 until 2016 when it merged with the Open Connectivity Foundation (OCF), the sponsors of [Iotivity.org](https://iotivity.org/), another protocol for Internet of Things scenarios. Customers should refer to the [Iotivity.org](https://iotivity.org/) website for alternatives such as [Iotivity Lite](https://github.com/iotivity/iotivity-lite) or [Iotivity](https://github.com/iotivity/iotivity). | August 17, 2023 |
| TLS 1.0 and 1.1 | Over the past several years, internet standards and regulatory bodies have [deprecated or disallowed](https://www.ietf.org/rfc/rfc8996.html) TLS versions 1.0 and 1.1 due to various security issues. Starting in Windows 11 Insider Preview builds for September 2023 and continuing in future Windows OS releases, TLS 1.0 and 1.1 will be disabled by default. This change increases the security posture of Windows customers and encourages modern protocol adoption. For organizations that need to use these versions, there's an option to re-enable TLS 1.0 or TLS 1.1. For more information, see [Resources for deprecated features](deprecated-features-resources.md). | August 1, 2023|
From 7ffebc3e06e335b7c4eddf54404df161ebd1c1ac Mon Sep 17 00:00:00 2001
From: Meghan Stewart <33289333+mestew@users.noreply.github.com>
Date: Mon, 9 Oct 2023 08:41:27 -0700
Subject: [PATCH 22/23] update date
---
windows/whats-new/deprecated-features-resources.md | 2 +-
windows/whats-new/deprecated-features.md | 2 +-
2 files changed, 2 insertions(+), 2 deletions(-)
diff --git a/windows/whats-new/deprecated-features-resources.md b/windows/whats-new/deprecated-features-resources.md
index 9919114fdb..6b07079c0f 100644
--- a/windows/whats-new/deprecated-features-resources.md
+++ b/windows/whats-new/deprecated-features-resources.md
@@ -1,7 +1,7 @@
---
title: Resources for deprecated features in the Windows client
description: Resources and details for deprecated features in the Windows client.
-ms.date: 09/23/2023
+ms.date: 10/09/2023
ms.prod: windows-client
ms.technology: itpro-fundamentals
ms.localizationpriority: medium
diff --git a/windows/whats-new/deprecated-features.md b/windows/whats-new/deprecated-features.md
index 9ad7dcd065..b1d6876954 100644
--- a/windows/whats-new/deprecated-features.md
+++ b/windows/whats-new/deprecated-features.md
@@ -1,7 +1,7 @@
---
title: Deprecated features in the Windows client
description: Review the list of features that Microsoft is no longer actively developing in Windows 10 and Windows 11.
-ms.date: 09/23/2023
+ms.date: 10/09/2023
ms.prod: windows-client
ms.technology: itpro-fundamentals
ms.localizationpriority: medium
From cf4bf0ae8f69caf5a884d55658be710493c85c65 Mon Sep 17 00:00:00 2001
From: Meghan Stewart <33289333+mestew@users.noreply.github.com>
Date: Mon, 9 Oct 2023 08:46:36 -0700
Subject: [PATCH 23/23] edit
---
windows/whats-new/deprecated-features.md | 2 +-
1 file changed, 1 insertion(+), 1 deletion(-)
diff --git a/windows/whats-new/deprecated-features.md b/windows/whats-new/deprecated-features.md
index b1d6876954..881e004c0c 100644
--- a/windows/whats-new/deprecated-features.md
+++ b/windows/whats-new/deprecated-features.md
@@ -36,7 +36,7 @@ The features in this article are no longer being actively developed, and might b
|Feature | Details and mitigation | Deprecation announced |
| ----------- | --------------------- | ---- |
-| VBScript | VBScript is being deprecated. In future releases of Windows, VBScript will be available as a feature on demand before its removal from the operating system. For more information, see [Resources for deprecated features](deprecated-features-resources.md#vbscript) | October 2023 |
+| VBScript | VBScript is being deprecated. In future releases of Windows, VBScript will be available as a feature on demand before its removal from the operating system. For more information, see [Resources for deprecated features](deprecated-features-resources.md#vbscript). | October 2023 |
| WordPad | WordPad is no longer being updated and will be removed in a future release of Windows. We recommend Microsoft Word for rich text documents like .doc and .rtf and Windows Notepad for plain text documents like .txt. | September 1, 2023 |
| AllJoyn | Microsoft's implementation of AllJoyn which included the [Windows.Devices.AllJoyn API namespace](/uwp/api/windows.devices.alljoyn), a [Win32 API](/windows/win32/api/_alljoyn/), a [management configuration service provider (CSP)](/windows/client-management/mdm/alljoynmanagement-csp), and an [Alljoyn Router Service](/windows-server/security/windows-services/security-guidelines-for-disabling-system-services-in-windows-server#alljoyn-router-service) has been deprecated. [AllJoyn](https://openconnectivity.org/technology/reference-implementation/alljoyn/), sponsored by AllSeen Alliance, was an open source discovery and communication protocol for Internet of Things scenarios such as turning on/off lights or reading temperatures.AllSeen Alliance promoted the AllJoyn project from 2013 until 2016 when it merged with the Open Connectivity Foundation (OCF), the sponsors of [Iotivity.org](https://iotivity.org/), another protocol for Internet of Things scenarios. Customers should refer to the [Iotivity.org](https://iotivity.org/) website for alternatives such as [Iotivity Lite](https://github.com/iotivity/iotivity-lite) or [Iotivity](https://github.com/iotivity/iotivity). | August 17, 2023 |
| TLS 1.0 and 1.1 | Over the past several years, internet standards and regulatory bodies have [deprecated or disallowed](https://www.ietf.org/rfc/rfc8996.html) TLS versions 1.0 and 1.1 due to various security issues. Starting in Windows 11 Insider Preview builds for September 2023 and continuing in future Windows OS releases, TLS 1.0 and 1.1 will be disabled by default. This change increases the security posture of Windows customers and encourages modern protocol adoption. For organizations that need to use these versions, there's an option to re-enable TLS 1.0 or TLS 1.1. For more information, see [Resources for deprecated features](deprecated-features-resources.md). | August 1, 2023|