From 7fb30e049f398b9758183369b97712f97e937f60 Mon Sep 17 00:00:00 2001 From: Iaan D'Souza-Wiltshire Date: Mon, 28 Aug 2017 14:48:10 -0700 Subject: [PATCH 1/5] fix seo meta and titles --- .../audit-windows-defender-exploit-guard.md | 2 +- .../controlled-folders-exploit-guard.md | 4 ++-- .../customize-attack-surface-reduction.md | 2 +- .../evaluate-attack-surface-reduction.md | 2 +- .../evaluate-controlled-folder-access.md | 2 +- .../evaluate-windows-defender-exploit-guard.md | 2 +- .../event-views-exploit-guard.md | 2 +- .../exploit-protection-exploit-guard.md | 2 +- .../network-protection-exploit-guard.md | 2 +- .../windows-defender-exploit-guard.md | 4 ++-- 10 files changed, 12 insertions(+), 12 deletions(-) diff --git a/windows/threat-protection/windows-defender-exploit-guard/audit-windows-defender-exploit-guard.md b/windows/threat-protection/windows-defender-exploit-guard/audit-windows-defender-exploit-guard.md index e2f11fc337..8ca8c4120a 100644 --- a/windows/threat-protection/windows-defender-exploit-guard/audit-windows-defender-exploit-guard.md +++ b/windows/threat-protection/windows-defender-exploit-guard/audit-windows-defender-exploit-guard.md @@ -1,5 +1,5 @@ --- -title: Test how Windows Defender EG features will work in your organization +title: Test how Windows Defender EG features work description: Audit mode lets you use the event log to see how Windows Defender Exploit Guard would protect your devices if it were enabled keywords: exploit guard, audit, auditing, mode, enabled, disabled, test, demo, evaluate, lab search.product: eADQiWindows 10XVcnh diff --git a/windows/threat-protection/windows-defender-exploit-guard/controlled-folders-exploit-guard.md b/windows/threat-protection/windows-defender-exploit-guard/controlled-folders-exploit-guard.md index c64d76ea70..2cda929649 100644 --- a/windows/threat-protection/windows-defender-exploit-guard/controlled-folders-exploit-guard.md +++ b/windows/threat-protection/windows-defender-exploit-guard/controlled-folders-exploit-guard.md @@ -1,6 +1,6 @@ --- -title: Prevent ransomware and other threats from encrypting and changing important files -description: Files in default folders, such as Documents and Desktop, can be protected from being changed by malicious apps. This can help prevent ransomware encrypting your files. +title: Help prevent ransomware and threats from encrypting and changing files +description: Files in default folders can be protected from being changed by malicious apps. This can help prevent ransomware encrypting your files. keywords: controlled folder access, windows 10, windows defender, ransomware, protect, files, folders search.product: eADQiWindows 10XVcnh ms.pagetype: security diff --git a/windows/threat-protection/windows-defender-exploit-guard/customize-attack-surface-reduction.md b/windows/threat-protection/windows-defender-exploit-guard/customize-attack-surface-reduction.md index 72256aa36b..71db423dcf 100644 --- a/windows/threat-protection/windows-defender-exploit-guard/customize-attack-surface-reduction.md +++ b/windows/threat-protection/windows-defender-exploit-guard/customize-attack-surface-reduction.md @@ -1,5 +1,5 @@ --- -title: Configure how ASR works so you can finetune the protection in your network +title: Configure how ASR works to finetune protection in your network description: You can individually set rules in audit, block, or disabled modes, and add files and folders that should be excluded from ASR keywords: Attack Surface Reduction, hips, host intrusion prevention system, protection rules, anti-exploit, antiexploit, exploit, infection prevention, customize, configure, exclude search.product: eADQiWindows 10XVcnh diff --git a/windows/threat-protection/windows-defender-exploit-guard/evaluate-attack-surface-reduction.md b/windows/threat-protection/windows-defender-exploit-guard/evaluate-attack-surface-reduction.md index e8476084c9..1e5a5acdee 100644 --- a/windows/threat-protection/windows-defender-exploit-guard/evaluate-attack-surface-reduction.md +++ b/windows/threat-protection/windows-defender-exploit-guard/evaluate-attack-surface-reduction.md @@ -1,5 +1,5 @@ --- -title: Use a demo tool to see how ASR could help protect your organization's devices +title: Use a demo to see how ASR can help protect your devices description: The custom demo tool lets you create sample malware infection scenarios so you can see how ASR would block and prevent attacks keywords: Attack Surface Reduction, hips, host intrusion prevention system, protection rules, anti-exploit, antiexploit, exploit, infection prevention, evaluate, test, demo search.product: eADQiWindows 10XVcnh diff --git a/windows/threat-protection/windows-defender-exploit-guard/evaluate-controlled-folder-access.md b/windows/threat-protection/windows-defender-exploit-guard/evaluate-controlled-folder-access.md index 151c74bdb2..3b7019e217 100644 --- a/windows/threat-protection/windows-defender-exploit-guard/evaluate-controlled-folder-access.md +++ b/windows/threat-protection/windows-defender-exploit-guard/evaluate-controlled-folder-access.md @@ -1,5 +1,5 @@ --- -title: See how Windows 10 can protect your files from being changed by malicious apps +title: See how CFA can help protect files from being changed by malicious apps description: Use a custom tool to see how Controlled Folder Access works in Windows 10. keywords: controlled folder access, windows 10, windows defender, ransomware, protect, evaluate, test, demo, try search.product: eADQiWindows 10XVcnh diff --git a/windows/threat-protection/windows-defender-exploit-guard/evaluate-windows-defender-exploit-guard.md b/windows/threat-protection/windows-defender-exploit-guard/evaluate-windows-defender-exploit-guard.md index bdeca98d57..7f93a40671 100644 --- a/windows/threat-protection/windows-defender-exploit-guard/evaluate-windows-defender-exploit-guard.md +++ b/windows/threat-protection/windows-defender-exploit-guard/evaluate-windows-defender-exploit-guard.md @@ -1,5 +1,5 @@ --- -title: Evaluate the impact of each of the four features in Windows Defender Exploit Guard +title: Evaluate the impact of Windows Defender Exploit Guard description: Use our evaluation guides to quickly enable and configure features, and test them against common attack scenarios keywords: evaluate, guides, evaluation, exploit guard, controlled folder access, attack surface reduction, exploit protection, network protection, test, demo search.product: eADQiWindows 10XVcnh diff --git a/windows/threat-protection/windows-defender-exploit-guard/event-views-exploit-guard.md b/windows/threat-protection/windows-defender-exploit-guard/event-views-exploit-guard.md index 54066d6d43..2e4142e7ae 100644 --- a/windows/threat-protection/windows-defender-exploit-guard/event-views-exploit-guard.md +++ b/windows/threat-protection/windows-defender-exploit-guard/event-views-exploit-guard.md @@ -1,5 +1,5 @@ --- -title: Import custom views in XML to see Windows Defender Exploit Guard events +title: Import custom views to see Windows Defender Exploit Guard events description: Use Windows Event Viewer to import individual views for each of the features. keywords: event view, exploit guard, audit, review, events search.product: eADQiWindows 10XVcnh diff --git a/windows/threat-protection/windows-defender-exploit-guard/exploit-protection-exploit-guard.md b/windows/threat-protection/windows-defender-exploit-guard/exploit-protection-exploit-guard.md index e2d88d19db..cc5ba5334b 100644 --- a/windows/threat-protection/windows-defender-exploit-guard/exploit-protection-exploit-guard.md +++ b/windows/threat-protection/windows-defender-exploit-guard/exploit-protection-exploit-guard.md @@ -1,5 +1,5 @@ --- -title: Apply mitigations that help prevent attacks that use vulnerabilities in software +title: Apply mitigations to help prevent attacks through vulnerabilities keywords: mitigations, vulnerabilities, vulnerability, mitigation, exploit, exploits, emet description: Exploit Protection in Windows 10 provides advanced configuration over the settings offered in EMET. search.product: eADQiWindows 10XVcnh diff --git a/windows/threat-protection/windows-defender-exploit-guard/network-protection-exploit-guard.md b/windows/threat-protection/windows-defender-exploit-guard/network-protection-exploit-guard.md index 23953b3eb1..2f1e023d45 100644 --- a/windows/threat-protection/windows-defender-exploit-guard/network-protection-exploit-guard.md +++ b/windows/threat-protection/windows-defender-exploit-guard/network-protection-exploit-guard.md @@ -1,5 +1,5 @@ --- -title: Use Network Protection to prevent connections to suspicious domains +title: Use Network Protection to help prevent connections to bad sites description: Protect your network by preventing users from accessing known malicious and suspicious network addresses keywords: Network Protection, exploits, malicious website, ip, domain, domains search.product: eADQiWindows 10XVcnh diff --git a/windows/threat-protection/windows-defender-exploit-guard/windows-defender-exploit-guard.md b/windows/threat-protection/windows-defender-exploit-guard/windows-defender-exploit-guard.md index 7685caabc8..efab74fbdb 100644 --- a/windows/threat-protection/windows-defender-exploit-guard/windows-defender-exploit-guard.md +++ b/windows/threat-protection/windows-defender-exploit-guard/windows-defender-exploit-guard.md @@ -1,6 +1,6 @@ --- -title: Use Windows Defender Exploit Guard to protect your corporate network -description: Windows Defender Exploit Guard consists of features that can protect your network from malware and threat infection, including helping to prevent ransomware encryption and exploit attacks +title: Use Windows Defender Exploit Guard to protect your network +description: Windows Defender EG employs features that help protect your network from threats, including helping prevent ransomware encryption and exploit attacks keywords: emet, exploit guard, Controlled Folder Access, Network Protection, Exploit Protection, Attack Surface Reduction, hips, host intrusion prevention system search.product: eADQiWindows 10XVcnh ms.pagetype: security From fee43d97b9ca1d4c8e0f61d362ca3d000487a3af Mon Sep 17 00:00:00 2001 From: Brian Lich Date: Mon, 28 Aug 2017 22:10:09 +0000 Subject: [PATCH 2/5] Updated manage-connections-from-windows-operating-system-components-to-microsoft-services.md --- ...windows-operating-system-components-to-microsoft-services.md | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/windows/configuration/manage-connections-from-windows-operating-system-components-to-microsoft-services.md b/windows/configuration/manage-connections-from-windows-operating-system-components-to-microsoft-services.md index 2f2bd2b989..dbc3503cbe 100644 --- a/windows/configuration/manage-connections-from-windows-operating-system-components-to-microsoft-services.md +++ b/windows/configuration/manage-connections-from-windows-operating-system-components-to-microsoft-services.md @@ -1261,7 +1261,7 @@ To turn off **Let apps read or send messages (text or MMS)**: -or- -- Create a REG\_DWORD registry setting in **HKEY\_LOCAL\_MACHINE\\Policies\\Microsoft\\Windows\\AppPrivacy!LetAppsAccessMessaging**, with a value of 2 (two). +- Create a REG\_DWORD registry setting in **HKEY\_LOCAL\_MACHINE\\Software\\Policies\\Microsoft\\Windows\\AppPrivacy!LetAppsAccessMessaging**, with a value of 2 (two). To turn off **Choose apps that can read or send messages**: From 4786b86bdbc5a16c80ec5afc372aa3d8e9bcceb6 Mon Sep 17 00:00:00 2001 From: Brian Lich Date: Mon, 28 Aug 2017 22:45:06 +0000 Subject: [PATCH 3/5] Updated manage-connections-from-windows-operating-system-components-to-microsoft-services.md --- ...windows-operating-system-components-to-microsoft-services.md | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/windows/configuration/manage-connections-from-windows-operating-system-components-to-microsoft-services.md b/windows/configuration/manage-connections-from-windows-operating-system-components-to-microsoft-services.md index dbc3503cbe..e5ebed0c80 100644 --- a/windows/configuration/manage-connections-from-windows-operating-system-components-to-microsoft-services.md +++ b/windows/configuration/manage-connections-from-windows-operating-system-components-to-microsoft-services.md @@ -457,7 +457,7 @@ To turn off Live Tiles: - Create a REG\_DWORD registry setting called **HKEY\_CURRENT\_USER\\SOFTWARE\\Policies\\Microsoft\\Windows\\CurrentVersion\\PushNotifications!NoCloudApplicationNotification**, with a value of 1 (one). -You must also unpin all tiles that are pinned to Start. +In Windows 10 Mobile, you must also unpin all tiles that are pinned to Start. ### 10. Mail synchronization From 6d8fb7b428d5db6fbfefcf2ce3b8005d89e0f2b4 Mon Sep 17 00:00:00 2001 From: Nicholas Brower Date: Tue, 29 Aug 2017 17:43:29 +0000 Subject: [PATCH 4/5] Merged PR 2912: add missing automation tag; and fix a few sku supports --- .../mdm/policy-configuration-service-provider.md | 6 ++---- windows/client-management/mdm/policy-csp-browser.md | 1 + 2 files changed, 3 insertions(+), 4 deletions(-) diff --git a/windows/client-management/mdm/policy-configuration-service-provider.md b/windows/client-management/mdm/policy-configuration-service-provider.md index 750dc3fc1a..cf20c306d2 100644 --- a/windows/client-management/mdm/policy-configuration-service-provider.md +++ b/windows/client-management/mdm/policy-configuration-service-provider.md @@ -3365,7 +3365,6 @@ The following diagram shows the Policy configuration service provider in tree fo - [CredentialProviders/AllowPINLogon](#credentialproviders-allowpinlogon) - [CredentialProviders/BlockPicturePassword](#credentialproviders-blockpicturepassword) - [DataProtection/AllowDirectMemoryAccess](#dataprotection-allowdirectmemoryaccess) -- [Privacy/EnableActivityFeed](#privacy-enableactivityfeed) - [Privacy/LetAppsGetDiagnosticInfo](#privacy-letappsgetdiagnosticinfo) - [Privacy/LetAppsGetDiagnosticInfo_ForceAllowTheseApps](#privacy-letappsgetdiagnosticinfo-forceallowtheseapps) - [Privacy/LetAppsGetDiagnosticInfo_ForceDenyTheseApps](#privacy-letappsgetdiagnosticinfo-forcedenytheseapps) @@ -3374,7 +3373,6 @@ The following diagram shows the Policy configuration service provider in tree fo - [Privacy/LetAppsRunInBackground_ForceAllowTheseApps](#privacy-letappsruninbackground-forceallowtheseapps) - [Privacy/LetAppsRunInBackground_ForceDenyTheseApps](#privacy-letappsruninbackground-forcedenytheseapps) - [Privacy/LetAppsRunInBackground_UserInControlOfTheseApps](#privacy-letappsruninbackground-userincontroloftheseapps) -- [Privacy/PublishUserActivities](#privacy-publishuseractivities) - [Security/AllowAddProvisioningPackage](#security-allowaddprovisioningpackage) - [Security/AllowRemoveProvisioningPackage](#security-allowremoveprovisioningpackage) - [Security/RequireDeviceEncryption](#security-requiredeviceencryption) @@ -3420,7 +3418,6 @@ The following diagram shows the Policy configuration service provider in tree fo - [Experience/AllowCortana](#experience-allowcortana) - [Experience/AllowManualMDMUnenrollment](#experience-allowmanualmdmunenrollment) - [Privacy/AllowInputPersonalization](#privacy-allowinputpersonalization) -- [Privacy/EnableActivityFeed](#privacy-enableactivityfeed) - [Privacy/LetAppsGetDiagnosticInfo](#privacy-letappsgetdiagnosticinfo) - [Privacy/LetAppsGetDiagnosticInfo_ForceAllowTheseApps](#privacy-letappsgetdiagnosticinfo-forceallowtheseapps) - [Privacy/LetAppsGetDiagnosticInfo_ForceDenyTheseApps](#privacy-letappsgetdiagnosticinfo-forcedenytheseapps) @@ -3429,7 +3426,6 @@ The following diagram shows the Policy configuration service provider in tree fo - [Privacy/LetAppsRunInBackground_ForceAllowTheseApps](#privacy-letappsruninbackground-forceallowtheseapps) - [Privacy/LetAppsRunInBackground_ForceDenyTheseApps](#privacy-letappsruninbackground-forcedenytheseapps) - [Privacy/LetAppsRunInBackground_UserInControlOfTheseApps](#privacy-letappsruninbackground-userincontroloftheseapps) -- [Privacy/PublishUserActivities](#privacy-publishuseractivities) - [Search/AllowSearchToUseLocation](#search-allowsearchtouselocation) - [Security/RequireDeviceEncryption](#security-requiredeviceencryption) - [Settings/AllowDateTime](#settings-allowdatetime) @@ -3520,6 +3516,7 @@ The following diagram shows the Policy configuration service provider in tree fo - [DeliveryOptimization/DOPercentageMaxDownloadBandwidth](#deliveryoptimization-dopercentagemaxdownloadbandwidth) - [Desktop/PreventUserRedirectionOfProfileFolders](#desktop-preventuserredirectionofprofilefolders) - [DeviceGuard/AllowKernelControlFlowGuard](#deviceguard-allowkernelcontrolflowguard) +- [Privacy/EnableActivityFeed](#privacy-enableactivityfeed) - [Privacy/LetAppsGetDiagnosticInfo](#privacy-letappsgetdiagnosticinfo) - [Privacy/LetAppsGetDiagnosticInfo_ForceAllowTheseApps](#privacy-letappsgetdiagnosticinfo-forceallowtheseapps) - [Privacy/LetAppsGetDiagnosticInfo_ForceDenyTheseApps](#privacy-letappsgetdiagnosticinfo-forcedenytheseapps) @@ -3528,6 +3525,7 @@ The following diagram shows the Policy configuration service provider in tree fo - [Privacy/LetAppsRunInBackground_ForceAllowTheseApps](#privacy-letappsruninbackground-forceallowtheseapps) - [Privacy/LetAppsRunInBackground_ForceDenyTheseApps](#privacy-letappsruninbackground-forcedenytheseapps) - [Privacy/LetAppsRunInBackground_UserInControlOfTheseApps](#privacy-letappsruninbackground-userincontroloftheseapps) +- [Privacy/PublishUserActivities](#privacy-publishuseractivities) - [Security/RequireProvisioningPackageSignature](#security-requireprovisioningpackagesignature) - [Security/RequireRetrieveHealthCertificateOnBoot](#security-requireretrievehealthcertificateonboot) - [System/AllowFontProviders](#system-allowfontproviders) diff --git a/windows/client-management/mdm/policy-csp-browser.md b/windows/client-management/mdm/policy-csp-browser.md index 687dbaf959..263cff9d57 100644 --- a/windows/client-management/mdm/policy-csp-browser.md +++ b/windows/client-management/mdm/policy-csp-browser.md @@ -1314,6 +1314,7 @@ Employees cannot remove these search engines, but they can set any one as the de

Data type is string. Supported operations are Add, Get, Replace, and Delete. + **Browser/SendIntranetTraffictoInternetExplorer** From 39e8da095708055981bcd07bd6f9aa65f22c26d2 Mon Sep 17 00:00:00 2001 From: Iaan D'Souza-Wiltshire Date: Tue, 29 Aug 2017 11:55:01 -0700 Subject: [PATCH 5/5] gp image indentation --- .../enable-controlled-folders-exploit-guard.md | 3 +-- 1 file changed, 1 insertion(+), 2 deletions(-) diff --git a/windows/threat-protection/windows-defender-exploit-guard/enable-controlled-folders-exploit-guard.md b/windows/threat-protection/windows-defender-exploit-guard/enable-controlled-folders-exploit-guard.md index e105482635..3471eba455 100644 --- a/windows/threat-protection/windows-defender-exploit-guard/enable-controlled-folders-exploit-guard.md +++ b/windows/threat-protection/windows-defender-exploit-guard/enable-controlled-folders-exploit-guard.md @@ -77,8 +77,7 @@ For further details on how audit mode works, and when you might want to use it, - **Disable (Default)** - The Controlled Folder Access feature will not work. All apps can make changes to files in protected folders. - **Audit Mode** - If a malicious or suspicious app attempts to make a change to a file in a protected folder, the change will be allowed but will be recorded in the Windows event log. This allows you to assess the impact of this feature on your organization. - - ![](images/cfa-gp-enable.png) + ![](images/cfa-gp-enable.png) >[!IMPORTANT] >To fully enable the Controlled Folder Access feature, you must set the Group Policy option to **Enabled** and also select **Enable** in the options drop-down menu.