Merged PR 7723: fixed Windows 10 references

windows/security/threat-protection/windows-defender-exploit-guard/attack-surface-reduction-exploit-guard.md

@@ -63,6 +63,14 @@ When a rule is triggered, a notification will be displayed from the Action Cente
 
 You can also use [audit mode](audit-windows-defender-exploit-guard.md) to evaluate how Attack surface reduction would impact your organization if it were enabled.
 
+## Requirements
+
+Attack surface reduction requires Windows 10 Enterprise E5 and Windows Defender AV real-time protection.
+
+Windows 10 version | Windows Defender Antivirus
+- | -
+Windows 10 version 1709 or later | [Windows Defender AV real-time protection](../windows-defender-antivirus/configure-real-time-protection-windows-defender-antivirus.md) must be enabled
+
 ## Attack surface reduction rules
 
 Windows 10, version 1803 has five new Attack surface reduction rules:
@@ -192,17 +200,6 @@ With this rule, admins can prevent unsigned or untrusted executable files from r
 - Executable files (such as .exe, .dll, or .scr) 
 - Script files (such as a PowerShell .ps, VisualBasic .vbs, or JavaScript .js file)
 
-## Requirements
-
-The following requirements must be met before Attack surface reduction will work:
-
-Windows 10 version | Windows Defender Antivirus
-- | -
-Insider Preview build 16232 or later (dated July 1, 2017 or later) | [Windows Defender AV real-time protection](../windows-defender-antivirus/configure-real-time-protection-windows-defender-antivirus.md) must be enabled
-
-
-
-
 ## Review Attack surface reduction events in Windows Event Viewer
 
 You can review the Windows event log to see events that are created when an Attack surface reduction rule is triggered (or audited):

windows/security/threat-protection/windows-defender-exploit-guard/controlled-folders-exploit-guard.md

@@ -61,11 +61,9 @@ As with other features of Windows Defender Exploit Guard, you can use [audit mod
 
 ## Requirements
 
-The following requirements must be met before Controlled folder access will work:
-
 Windows 10 version | Windows Defender Antivirus
 -|-
-Insider Preview build 16232 or later (dated July 1, 2017 or later) | [Windows Defender AV real-time protection](../windows-defender-antivirus/configure-real-time-protection-windows-defender-antivirus.md) must be enabled
+Windows 10 version 1709 or later | [Windows Defender AV real-time protection](../windows-defender-antivirus/configure-real-time-protection-windows-defender-antivirus.md) must be enabled
 
 
 ## Review Controlled folder access events in Windows Event Viewer

windows/security/threat-protection/windows-defender-exploit-guard/exploit-protection-exploit-guard.md

@@ -63,11 +63,11 @@ Exploit protection works best with [Windows Defender Advanced Threat Protection]
 
 ## Requirements
 
-The following requirements must be met before Exploit protection will work:
+Exploit protection requires Windows 10 Enterprise E3 and Windows Defender AV real-time protection.
 
 Windows 10 version | Windows Defender Advanced Threat Protection
 -|-
-Insider Preview build 16232 or later (dated July 1, 2017 or later) | For full reporting you need a license for [Windows Defender ATP](../windows-defender-atp/windows-defender-advanced-threat-protection.md)
+Windows 10 version 1709 or later | For full reporting you need a license for [Windows Defender ATP](../windows-defender-atp/windows-defender-advanced-threat-protection.md)
 
 
  ## Review Exploit protection events in Windows Event Viewer

windows/security/threat-protection/windows-defender-exploit-guard/network-protection-exploit-guard.md

@@ -56,11 +56,11 @@ You can also use [audit mode](audit-windows-defender-exploit-guard.md) to evalua
 
 ## Requirements
 
-The following requirements must be met before Network protection will work:
+Network protection requires Windows 10 Enterprise E3 and Windows Defender AV real-time protection.
 
 Windows 10 version | Windows Defender Antivirus
 - | -
-Insider Preview build 16232 or later (dated July 1, 2017 or later) | [Windows Defender AV real-time protection](../windows-defender-antivirus/configure-real-time-protection-windows-defender-antivirus.md) and [cloud-delivered protection](../windows-defender-antivirus/enable-cloud-protection-windows-defender-antivirus.md) must be enabled
+Windows 10 version 1709 or later | [Windows Defender AV real-time protection](../windows-defender-antivirus/configure-real-time-protection-windows-defender-antivirus.md) and [cloud-delivered protection](../windows-defender-antivirus/enable-cloud-protection-windows-defender-antivirus.md) must be enabled
 
 
 ## Review Network protection events in Windows Event Viewer

windows/security/threat-protection/windows-defender-exploit-guard/windows-defender-exploit-guard.md

@@ -63,7 +63,15 @@ You can use the Windows Defender ATP console to obtain detailed reporting into e
 
 ## Requirements
 
-Each of the features in Windows Defender EG have slightly different requirements:
+This section covers requirements for each feature in Windows Defender EG. 
+
+| Symbol | Support |
+|--------|---------|
+| ![not supported](./images/ball_empty.png) | Not supported |
+| ![supported](./images/ball_50.png) | Supported |
+| ![supported, enhanced](./images/ball_75.png) | Includes advanced exploit protection for the kernel mode via [HVCI](https://docs.microsoft.com/windows/security/threat-protection/windows-defender-exploit-guard/enable-virtualization-based-protection-of-code-integrity) |
+| ![supported, full reporting](./images/ball_full.png) | Includes automated reporting into the Windows Defender ATP console|
+
 
 | Feature | Windows 10 Home | Windows 10 Professional | Windows 10 E3 | Windows 10 E5 |
 | ----------------- | :------------------------------------: | :---------------------------: | :-------------------------: | :--------------------------------------: |
@@ -72,20 +80,14 @@ Each of the features in Windows Defender EG have slightly different requirements
 | Network protection | ![not supported](./images/ball_empty.png) | ![not supported](./images/ball_empty.png) | ![supported, limited reporting](./images/ball_50.png) | ![supported, full reporting](./images/ball_full.png) |
 | Controlled folder access | ![supported, limited reporting](./images/ball_50.png) | ![supported, limited reporting](./images/ball_50.png) | ![supported, limited reporting](./images/ball_50.png) | ![supported, full reporting](./images/ball_full.png) |
 
-> [!NOTE]
-> ![supported, enhanced](./images/ball_75.png) Exploit Protection - On Windows 10 E3, includes advanced exploit protection for the kernel mode via [HVCI] (https://docs.microsoft.com/windows/security/threat-protection/windows-defender-exploit-guard/enable-virtualization-based-protection-of-code-integrity).<br/>
-> ![supported, full reporting](./images/ball_full.png) On Windows 10 E5, includes automated reporting into the Windows Defender ATP console.
+The following table lists which features in Windows Defender EG require enabling [real-time protection](../windows-defender-antivirus/configure-real-time-protection-windows-defender-antivirus.md) from Windows Defender Antivirus. 
 
-
-| Feature | [Windows Defender Antivirus](../windows-defender-antivirus/windows-defender-antivirus-in-windows-10.md)
+| Feature | Real-time protection |
 |-----------------| ------------------------------------ |
 | Exploit protection | No requirement |
-| Attack surface reduction | [Real-time protection](../windows-defender-antivirus/configure-real-time-protection-windows-defender-antivirus.md) must be enabled |
-| Network protection | [Real-time protection](../windows-defender-antivirus/configure-real-time-protection-windows-defender-antivirus.md) must be enabled |
-| Controlled folder access | [Real-time protection](../windows-defender-antivirus/configure-real-time-protection-windows-defender-antivirus.md) must be enabled |
-
-> [!NOTE]
-> Each feature's requirements are further described in the individual topics in this library.
+| Attack surface reduction | Must be enabled |
+| Network protection | Must be enabled |
+| Controlled folder access | Must be enabled |
 
  ## In this library