Merge branch 'master' of https://cpubwin.visualstudio.com/_git/it-client into microsoft-edge-rs5

windows/client-management/manage-settings-app-with-group-policy.md

@@ -8,9 +8,20 @@ author: brianlic-msft
 ms.date: 04/19/2017
 ---
 
+**Applies to**
+
+-   Windows 10, Windows Server 2016
+
+
 # Manage the Settings app with Group Policy
 
-Starting in Windows 10, version 1703, you can now manage the pages that are shown in the Settings app by using Group Policy. This lets you hide specific pages from users. Before Windows 10, version 1703, you could either show everything in the Settings app or hide it completely.
+You can now manage the pages that are shown in the Settings app by using Group Policy. This lets you hide specific pages from users. Before Windows 10, version 1703, you could either show everything in the Settings app or hide it completely.
+To make use of the Settings App group polices on Windows server 2016, install fix [4457127](https://support.microsoft.com/help/4457127/windows-10-update-kb4457127) or a later cumulative update. 
+
+>[!Note]
+>Each server that you want to manage access to the Settings App must be patched.
+
+To centrally manage the new policies copy the ControlPanel.admx and ControlPanel.adml file to [Central Store](https://support.microsoft.com/help/3087759/how-to-create-and-manage-the-central-store-for-group-policy-administra) if your company uses one or the PolicyDefinitions folder of the Domain Controllers used for Group Policy management.
 
 This policy is available at **Computer Configuration** > **Administrative Templates** > **Control Panel** > **Settings Page Visibility**.
 

windows/client-management/mdm/dynamicmanagement-csp.md

@@ -93,8 +93,8 @@ Disable Cortana based on Geo location and time, From 9am-5pm, when in the 100 me
           <Type xmlns="syncml:metinf">text/plain</Type>
           <Format xmlns="syncml:metinf">chr</Format>
         </Meta>
-        <Data>&lt;SyncML&gt;
+        <Data><SyncML>
-  &lt;SyncBody&gt;&lt;Replace&gt;&lt;CmdID&gt;1001&lt;/CmdID&gt;&lt;Item&gt;&lt;Target&gt;&lt;LocURI&gt;./Vendor/MSFT/Policy/Config/Experience/AllowCortana&lt;/LocURI&gt;&lt;/Target&gt;&lt;Meta&gt;&lt;Format xmlns=&quot;syncml:metinf&quot;&gt;int&lt;/Format&gt;&lt;/Meta&gt;&lt;Data&gt;0&lt;/Data&gt;&lt;/Item&gt;&lt;/Replace&gt;&lt;Final/&gt;&lt;/SyncBody&gt;&lt;/SyncML&gt;</Data>
+  <SyncBody><Replace><CmdID>1001</CmdID><Item><Target><LocURI>./Vendor/MSFT/Policy/Config/Experience/AllowCortana</LocURI></Target><Meta><Format xmlns="syncml:metinf">int</Format></Meta><Data>0</Data></Item></Replace><Final/></SyncBody></SyncML></Data>
       </Item>
     </Replace>
     <Replace>
@@ -108,15 +108,15 @@ Disable Cortana based on Geo location and time, From 9am-5pm, when in the 100 me
           <Format xmlns="syncml:metinf">chr</Format>
         </Meta>
         <Data>
-          &lt;rule schemaVersion=&quot;1.0&quot;&gt;
+          <rule schemaVersion="1.0">
           
-           &lt;and&gt;
+           <and>
-                    &lt;signal type="geoloc" latitude="47.6375" longitude="-122.1402" radiusInMeters="100"/&gt;        
+                    <signal type="geoloc" latitude="47.6375" longitude="-122.1402" radiusInMeters="100"/>        
-                    &lt;signal type=&quot;time&quot;&gt;
+                    <signal type="time">
-                              &lt;daily startTime=&quot;09:00:00&quot; endTime=&quot;17:00:00&quot;/&gt;
+                              <daily startTime="09:00:00" endTime="17:00:00"/>
-                    &lt;/signal&gt;           
+                    </signal>           
-           &lt;/and&gt;
+           </and>
-          &lt;/rule&gt;
+          </rule>
         </Data>
       </Item>
     </Replace>
@@ -147,31 +147,31 @@ Disable camera using network trigger with time trigger, from 9-5, when ip4 gatew
           <Type xmlns="syncml:metinf">text/plain</Type>
           <Format xmlns="syncml:metinf">chr</Format>
         </Meta>
-        <Data>&lt;SyncML&gt;
+        <Data><SyncML>
-  &lt;SyncBody&gt;&lt;Replace&gt;&lt;CmdID&gt;1002&lt;/CmdID&gt;&lt;Item&gt;&lt;Target&gt;&lt;LocURI&gt;./Vendor/MSFT/Policy/Config/Camera/AllowCamera&lt;/LocURI&gt;&lt;/Target&gt;&lt;Meta&gt;&lt;Format xmlns=&quot;syncml:metinf&quot;&gt;int&lt;/Format&gt;&lt;/Meta&gt;&lt;Data&gt;0&lt;/Data&gt;&lt;/Item&gt;&lt;/Replace&gt; &lt;Final/&gt;&lt;/SyncBody&gt;&lt;/SyncML&gt;</Data>
+  <SyncBody><Replace><CmdID>1002</CmdID><Item><Target><LocURI>./Vendor/MSFT/Policy/Config/Camera/AllowCamera</LocURI></Target><Meta><Format xmlns="syncml:metinf">int</Format></Meta><Data>0</Data></Item></Replace> <Final/></SyncBody></SyncML></Data>
       </Item>
     </Replace>
     <Replace>
       <CmdID>301</CmdID>
       <Item>
         <Target>
-          <LocURI>./Vendor/MSFT/DynamicManagement/Contexts/ NetworkWithTime /SignalDefinition</LocURI>
+          <LocURI>./Vendor/MSFT/DynamicManagement/Contexts/NetworkWithTime/SignalDefinition</LocURI>
         </Target>
         <Meta>
           <Type xmlns="syncml:metinf">text/plain</Type>
           <Format xmlns="syncml:metinf">chr</Format>
         </Meta>
         <Data>
-          &lt;rule schemaVersion=&quot;1.0&quot;&gt;          
+          <rule schemaVersion="1.0">          
-           &lt;and&gt;
+           <and>
-             &lt;signal type="ipConfig"&gt; 
+             <signal type="ipConfig"> 
-                   &lt;ipv4Gateway&gt;192.168.0.1&lt;/ipv4Gateway&gt; 
+                   <ipv4Gateway>192.168.0.1</ipv4Gateway> 
-             &lt;/signal&gt; 
+             </signal> 
-                    &lt;signal type=&quot;time&quot;&gt;
+                    <signal type="time">
-                              &lt;daily startTime=&quot;09:00:00&quot; endTime=&quot;17:00:00&quot;/&gt;
+                              <daily startTime="09:00:00" endTime="17:00:00"/>
-                    &lt;/signal&gt;  
+                    </signal>  
-           &lt;/and&gt;
+           </and>
-          &lt;/rule&gt;
+          </rule>
         </Data>
       </Item>
     </Replace>
@@ -179,7 +179,7 @@ Disable camera using network trigger with time trigger, from 9-5, when ip4 gatew
       <CmdID>302</CmdID>
       <Item>
         <Target>
-          <LocURI>./Vendor/MSFT/DynamicManagement/Contexts/ NetworkWithTime /Altitude</LocURI>
+          <LocURI>./Vendor/MSFT/DynamicManagement/Contexts/NetworkWithTime/Altitude</LocURI>
         </Target>
         <Meta>
           <Format xmlns="syncml:metinf">int</Format>

windows/hub/index.md

@@ -8,7 +8,7 @@ author: greg-lindsay
 ms.mktglfcycl: deploy
 ms.sitesec: library
 ms.pagetype: security
-ms.date: 04/30/2018
+ms.date: 10/02/2018
 ---
 
 # Windows 10 and Windows 10 Mobile
@@ -18,15 +18,16 @@ Find the latest how to and support content that IT pros need to evaluate, plan,
 
  
 
-> [!video https://www.microsoft.com/en-us/videoplayer/embed/RE21ada?autoplay=false]
+
+> [!video https://www.youtube.com/embed/hAva4B-wsVA]
 
 
-## Check out [what's new in Windows 10, version 1803](/windows/whats-new/whats-new-windows-10-version-1803).
+## Check out [what's new in Windows 10, version 1809](/windows/whats-new/whats-new-windows-10-version-1809).
 <br>
 <table border="0" width="100%" align="center">
   <tr style="text-align:center;">
     <td align="center" style="width:25%; border:0;">
-      <a href="/windows/whats-new/whats-new-windows-10-version-1803"> 
+      <a href="/windows/whats-new/whats-new-windows-10-version-1809"> 
         <img src="images/whatsnew.png" alt="Read what's new in Windows 10" title="Whats new" />
       <br/>What's New? </a><br>
     </td>

windows/security/identity-protection/hello-for-business/hello-hybrid-cert-trust-devreg.md

@@ -19,7 +19,7 @@ ms.date: 08/18/2018
 -  Certificate trust
 
  
-You're environment is federated and you are ready to configure device registration for your hybrid environment. Hybrid Windows Hello for Business deployment needs device registration and device write-back to enable proper device authentication.  
+Your environment is federated and you are ready to configure device registration for your hybrid environment. Hybrid Windows Hello for Business deployment needs device registration and device write-back to enable proper device authentication.  
   
 > [!IMPORTANT]
 > If your environment is not federated, review the [New Installation baseline](hello-hybrid-cert-new-install.md) section of this deployment document to learn how to federate your environment for your Windows Hello for Business deployment. 
@@ -514,4 +514,4 @@ For your reference, below is a comprehensive list of the AD DS devices, containe
 3. [New Installation Baseline](hello-hybrid-cert-new-install.md)
 4. Configure Azure Device Registration (*You are here*)
 5. [Configure Windows Hello for Business settings](hello-hybrid-cert-whfb-settings.md)
-6. [Sign-in and Provision](hello-hybrid-cert-whfb-provision.md)
+6. [Sign-in and Provision](hello-hybrid-cert-whfb-provision.md)

windows/security/identity-protection/hello-for-business/hello-hybrid-cert-whfb-settings-pki.md

@@ -24,7 +24,7 @@ Windows Hello for Business deployments rely on certificates.  Hybrid deployments
 
 All deployments use enterprise issued certificates for domain controllers as a root of trust.  Hybrid certificate trust deployments issue users sign-in certificate that enables them to authenticate using Windows Hello for Business credentials to non-Windows Server 2016 domain controllers.  Additionally, hybrid certificate trust deployments issue certificate to registration authorities to provide defense-in-depth security for issuing user authentication certificates. 
 
-## Certifcate Templates
+## Certificate Templates
 
 This section has you configure certificate templates on your Windows Server 2012 or later issuing certificate authority. 
 
@@ -146,7 +146,8 @@ Sign-in to an **AD FS Windows Server 2016** computer with _Enterprise Admin_ equ
 
 >[!NOTE]
 >If you gave your Windows Hello for Business Authentication certificate template a different name, then replace **WHFBAuthentication** in the above command with the name of your certificate template. It's important that you use the template name rather than the template display name. You can view the template name on the **General** tab of the certificate template using the Certificate Template management console (certtmpl.msc).  Or, you can view the template name using the **Get-CATemplate** ADCS Administration Windows PowerShell cmdlet on our Windows Server 2012 or later certificate authority.
-Publish Templates
+
+## Publish Templates
 
 ### Publish Certificate Templates to a Certificate Authority
 

windows/security/information-protection/tpm/tpm-recommendations.md

@@ -104,8 +104,8 @@ The following table defines which Windows features require TPM support.
 | BitLocker               | Yes           | Yes                | Yes                | TPM 1.2 or 2.0 is required  |
 | Device Encryption       | Yes          | N/A                | Yes                | Device Encryption requires Modern Standby/Connected Standby certification, which requires TPM 2.0. |
 | Windows Defender Application Control (Device Guard)            | No           | Yes                | Yes                |          |
-| Windows Defender Exploit Guard | Yes   | Yes                | Yes                |           |
+| Windows Defender Exploit Guard | No   | N/A                | N/A                |           |
-| Windows Defender System Guard | Yes   | Yes                | Yes                |           |
+| Windows Defender System Guard | Yes   | No                | Yes                |           |
 | Credential Guard        | No           | Yes                | Yes                | Windows 10, version 1507 (End of Life as of May 2017) only supported TPM 2.0 for Credential Guard. Beginning with Windows 10, version 1511, TPM 1.2 and 2.0 are supported.   |
 | Device Health Attestation| Yes         | Yes                | Yes                |          |
 | Windows Hello/Windows Hello for Business| No | Yes          | Yes                | Azure AD join supports both versions of TPM, but requires TPM with keyed-hash message authentication code (HMAC) and Endorsement Key (EK) certificate for key attestation support.         |

windows/security/threat-protection/auditing/audit-ipsec-driver.md

@@ -8,7 +8,7 @@ ms.mktglfcycl: deploy
 ms.sitesec: library
 ms.localizationpriority: none
 author: Mir0sh
-ms.date: 04/19/2017
+ms.date: 10/02/2018
 ---
 
 # Audit IPsec Driver
@@ -56,7 +56,7 @@ This subcategory is outside the scope of this document.
 
 ## 5478(S): IPsec Services has started successfully.
 
-## 5479(): IPsec Services has been shut down successfully. The shutdown of IPsec Services can put the computer at greater risk of network attack or expose the computer to potential security risks.
+## 5479(S): IPsec Services has been shut down successfully. The shutdown of IPsec Services can put the computer at greater risk of network attack or expose the computer to potential security risks.
 
 ## 5480(F): IPsec Services failed to get the complete list of network interfaces on the computer. This poses a potential security risk because some of the network interfaces may not get the protection provided by the applied IPsec filters. Use the IP Security Monitor snap-in to diagnose the problem.
 

windows/security/threat-protection/auditing/audit-ipsec-extended-mode.md

@@ -8,7 +8,7 @@ ms.mktglfcycl: deploy
 ms.sitesec: library
 ms.localizationpriority: none
 author: Mir0sh
-ms.date: 04/19/2017
+ms.date: 10/02/2018
 ---
 
 # Audit IPsec Extended Mode
@@ -28,17 +28,17 @@ Audit IPsec Extended Mode subcategory is out of scope of this document, because
 | Member Server     | IF              | IF              | IF               | IF               | IF - This subcategory is mainly used for IPsec Extended Mode troubleshooting, or for tracing or monitoring IPsec Extended Mode operations. |
 | Workstation       | IF              | IF              | IF               | IF               | IF - This subcategory is mainly used for IPsec Extended Mode troubleshooting, or for tracing or monitoring IPsec Extended Mode operations. |
 
-## 4978: During Extended Mode negotiation, IPsec received an invalid negotiation packet. If this problem persists, it could indicate a network issue or an attempt to modify or replay this negotiation.
+## 4978(S): During Extended Mode negotiation, IPsec received an invalid negotiation packet. If this problem persists, it could indicate a network issue or an attempt to modify or replay this negotiation.
 
-## 4979: IPsec Main Mode and Extended Mode security associations were established.
+## 4979(S): IPsec Main Mode and Extended Mode security associations were established.
 
-## 4980: IPsec Main Mode and Extended Mode security associations were established.
+## 4980(S): IPsec Main Mode and Extended Mode security associations were established.
 
-## 4981: IPsec Main Mode and Extended Mode security associations were established.
+## 4981(S): IPsec Main Mode and Extended Mode security associations were established.
 
-## 4982: IPsec Main Mode and Extended Mode security associations were established.
+## 4982(S): IPsec Main Mode and Extended Mode security associations were established.
 
-## 4983: An IPsec Extended Mode negotiation failed. The corresponding Main Mode security association has been deleted.
+## 4983(S): An IPsec Extended Mode negotiation failed. The corresponding Main Mode security association has been deleted.
 
-## 4984: An IPsec Extended Mode negotiation failed. The corresponding Main Mode security association has been deleted.
+## 4984(S): An IPsec Extended Mode negotiation failed. The corresponding Main Mode security association has been deleted.
 

windows/security/threat-protection/auditing/audit-ipsec-main-mode.md

@@ -8,7 +8,7 @@ ms.mktglfcycl: deploy
 ms.sitesec: library
 ms.localizationpriority: none
 author: Mir0sh
-ms.date: 04/19/2017
+ms.date: 10/02/2018
 ---
 
 # Audit IPsec Main Mode
@@ -28,21 +28,21 @@ Audit IPsec Main Mode subcategory is out of scope of this document, because this
 | Member Server     | IF              | IF              | IF               | IF               | IF - This subcategory is mainly used for IPsec Main Mode troubleshooting, or for tracing or monitoring IPsec Main Mode operations. |
 | Workstation       | IF              | IF              | IF               | IF               | IF - This subcategory is mainly used for IPsec Main Mode troubleshooting, or for tracing or monitoring IPsec Main Mode operations. |
 
-## 4646: Security ID: %1
+## 4646(S): Security ID: %1
 
-## 4650: An IPsec Main Mode security association was established. Extended Mode was not enabled. Certificate authentication was not used.
+## 4650(S): An IPsec Main Mode security association was established. Extended Mode was not enabled. Certificate authentication was not used.
 
-## 4651: An IPsec Main Mode security association was established. Extended Mode was not enabled. A certificate was used for authentication.
+## 4651(S): An IPsec Main Mode security association was established. Extended Mode was not enabled. A certificate was used for authentication.
 
-## 4652: An IPsec Main Mode negotiation failed.
+## 4652(F): An IPsec Main Mode negotiation failed.
 
-## 4653: An IPsec Main Mode negotiation failed.
+## 4653(F): An IPsec Main Mode negotiation failed.
 
-## 4655: An IPsec Main Mode security association ended.
+## 4655(S): An IPsec Main Mode security association ended.
 
-## 4976: During Main Mode negotiation, IPsec received an invalid negotiation packet. If this problem persists, it could indicate a network issue or an attempt to modify or replay this negotiation.
+## 4976(S): During Main Mode negotiation, IPsec received an invalid negotiation packet. If this problem persists, it could indicate a network issue or an attempt to modify or replay this negotiation.
 
-## 5049: An IPsec Security Association was deleted.
+## 5049(S): An IPsec Security Association was deleted.
 
-## 5453: An IPsec negotiation with a remote computer failed because the IKE and AuthIP IPsec Keying Modules (IKEEXT) service is not started.
+## 5453(S): An IPsec negotiation with a remote computer failed because the IKE and AuthIP IPsec Keying Modules (IKEEXT) service is not started.
 

windows/security/threat-protection/auditing/audit-ipsec-quick-mode.md

@@ -8,7 +8,7 @@ ms.mktglfcycl: deploy
 ms.sitesec: library
 ms.localizationpriority: none
 author: Mir0sh
-ms.date: 04/19/2017
+ms.date: 10/02/2018
 ---
 
 # Audit IPsec Quick Mode
@@ -28,9 +28,9 @@ Audit IPsec Quick Mode subcategory is out of scope of this document, because thi
 | Member Server     | IF              | IF              | IF               | IF               | IF - This subcategory is mainly used for IPsec Quick Mode troubleshooting, or for tracing or monitoring IPsec Quick Mode operations. |
 | Workstation       | IF              | IF              | IF               | IF               | IF - This subcategory is mainly used for IPsec Quick Mode troubleshooting, or for tracing or monitoring IPsec Quick Mode operations. |
 
-## 4977: During Quick Mode negotiation, IPsec received an invalid negotiation packet. If this problem persists, it could indicate a network issue or an attempt to modify or replay this negotiation.
+## 4977(S): During Quick Mode negotiation, IPsec received an invalid negotiation packet. If this problem persists, it could indicate a network issue or an attempt to modify or replay this negotiation.
 
-## 5451: An IPsec Quick Mode security association was established.
+## 5451(S): An IPsec Quick Mode security association was established.
 
-## 5452: An IPsec Quick Mode security association ended.
+## 5452(S): An IPsec Quick Mode security association ended.
 

windows/security/threat-protection/windows-defender-exploit-guard/customize-controlled-folders-exploit-guard.md

@@ -54,9 +54,7 @@ You can use the Windows Security app or Group Policy to add and remove additiona
 3. Under the **Controlled folder access** section, click **Protected folders**
 
 4. Click **Add a protected folder** and follow the prompts to add apps.
-
+ 
-   ![Screenshot of the Virus and threat protection settings button](images/cfa-prot-folders.png)
-
 ### Use Group Policy to protect additional folders
 
 1.  On your Group Policy management computer, open the [Group Policy Management Console](https://technet.microsoft.com/library/cc731212.aspx), right-click the Group Policy Object you want to configure and click **Edit**.

windows/security/threat-protection/windows-defender-exploit-guard/customize-exploit-protection.md

@@ -11,7 +11,7 @@ ms.pagetype: security
 ms.localizationpriority: medium
 author: andreabichsel
 ms.author: v-anbic
-ms.date: 08/08/2018
+ms.date: 10/02/2018
 ---
 
 # Customize exploit protection
@@ -39,8 +39,6 @@ You can set each of the mitigations to on, off, or to their default value. Some
 
 Default values are always specified in brackets at the **Use default** option for each mitigation. In the following example, the default for Data Execution Prevention is "On". 
 
-![Screenshot showing the drop down menu for DEP which shows the default for DEP as On](images/ep-default.png)
-
 The **Use default** configuration for each of the mitigation settings indicates our recommendation for a base level of protection for everyday usage for home users. Enterprise deployments should consider the protection required for their individual needs and may need to modify configuration away from the defaults.
 
 For the associated PowerShell cmdlets for each mitigation, see the [PowerShell reference table](#cmdlets-table) at the bottom of this topic.
@@ -116,9 +114,7 @@ Validate stack integrity (StackPivot) | Ensures that the stack has not been redi
     >[!NOTE]
     >You may see a User Account Control window when changing some settings. Enter administrator credentials to apply the setting.
 
-    Changing some settings may required a restart, which will be indicated in red text underneath the setting.
+    Changing some settings may required a restart, which will be indicated in red text underneath the setting.	  
-
-    ![Screenshot showing the DEP drop down menu where you can select On, Off, or Default](images/wdsc-exp-prot-sys-settings.png)
 
 4. Repeat this for all the system-level mitigations you want to configure.
 
@@ -138,15 +134,11 @@ Exporting the configuration as an XML file allows you to copy the configuration
     2. If the app is not listed, at the top of the list click **Add program to customize** and then choose how you want to add the app:
         - Use **Add by program name** to have the mitigation applied to any running process with that name. You must specify a file with an extension. You can enter a full path to limit the mitigation to only the app with that name in that location.
         - Use **Choose exact file path** to use a standard Windows Explorer file picker window to find and select the file you want.
-
+		        
-        ![Screenshot showing the add file or folder button](images/wdsc-exp-prot-app-settings.png)
-
 4. After selecting the app, you'll see a list of all the mitigations that can be applied. To enable the mitigation, click the check box and then change the slider to **On**. Select any additional options. Choosing **Audit** will apply the mitigation in audit mode only. You will be notified if you need to restart the process or app, or if you need to restart Windows.
 
 5. Repeat this for all the apps and mitigations you want to configure. Click **Apply** when you're done setting up your configuration.
-
+    
-    ![Screenshot showing some of the options available for an added program](images/wdsc-exp-prot-app-settings-options.png)
-
 You can now [export these settings as an XML file](import-export-exploit-protection-emet-xml.md) or return to configure system-level mitigations. 
 
 Exporting the configuration as an XML file allows you to copy the configuration from one machine onto other machines.

windows/whats-new/index.md

@@ -16,6 +16,7 @@ Windows 10 provides IT professionals with advanced protection against modern sec
 
 ## In this section
 
+- [What's new in Windows 10, version 1809](whats-new-windows-10-version-1809.md)
 - [What's new in Windows 10, version 1803](whats-new-windows-10-version-1803.md)
 - [What's new in Windows 10, version 1709](whats-new-windows-10-version-1709.md)
 - [What's new in Windows 10, version 1703](whats-new-windows-10-version-1703.md)

windows/whats-new/whats-new-windows-10-version-1809.md

@@ -189,8 +189,6 @@ Windows Defender Credential Guard has always been an optional feature, but Windo
 
 A network connection is now required to set up a new device. As a result, we removed the “skip for now” option in the network setup page in Out Of Box Experience (OOBE). 
 
-<<<<<<< HEAD
-=======
 ### Windows Defender ATP
 
 [Windows Defender ATP](https://docs.microsoft.com/windows/security/threat-protection/windows-defender-atp/windows-defender-advanced-threat-protection) has been enhanced with many new capabilities. For more information, see the following topics:
@@ -220,7 +218,6 @@ Windows Defender ATP now adds support for Windows Server 2019. You'll be able to
 - [Onboard previous versions of Windows](https://docs.microsoft.com/windows/security/threat-protection/onboard-downlevel-windows-defender-advanced-threat-protection)<br>
 Onboard supported versions of Windows machines so that they can send sensor data to the Windows Defender ATP sensor
 
->>>>>>> 951a08abdd8a55231838c35a12890ed68af95f88
 ## Faster sign-in to a Windows 10 shared pc
 
 Do you have shared devices deployed in your work place? **Fast sign-in** enables users to sign in to a shared Windows 10 PC in a flash!