From 4b77589e2e212efcb1282930a11f261d98c30b33 Mon Sep 17 00:00:00 2001
From: Meghan Stewart <33289333+mestew@users.noreply.github.com>
Date: Wed, 16 Apr 2025 15:51:58 -0700
Subject: [PATCH 01/17] dep-device-meta-9364071

---
 windows/whats-new/deprecated-features.md | 1 +
 1 file changed, 1 insertion(+)

diff --git a/windows/whats-new/deprecated-features.md b/windows/whats-new/deprecated-features.md
index b7488294a0..b2b17236c7 100644
--- a/windows/whats-new/deprecated-features.md
+++ b/windows/whats-new/deprecated-features.md
@@ -47,6 +47,7 @@ The features in this article are no longer being actively developed, and might b
 
 | Feature | Details and mitigation  | Deprecation announced |
 |---|---|---|
+| Device metadata <!--9364071-->| Device metadata is deprecated and will be removed in a future release of Windows. For more information about the replacement for this functionality, see [**Placeholder link**](https://learn.microsoft.com/windows-hardware/drivers/). | April 2025 |
 | VBS enclaves for Windows 11, version 23H2 and earlier <!--9693593-->| [VBS enclaves](/windows/win32/trusted-execution/vbs-enclaves) are being deprecated on Windows 11, version 23H2 and earlier versions of Windows. Support for VBS enclaves will continue for Windows 11, version 24H2 and later. </br> </br> VBS enclaves are being [deprecated on Windows Server 2022](/windows-server/get-started/removed-deprecated-features-windows-server) and earlier versions of Windows Server. Support for VBS enclaves will continue for Windows Server 2025 and later. | April 2025 |
 | Windows UWP Map control and Windows Maps platform APIs <!--9853556--> | The [Windows UWP Map control](/uwp/api/windows.ui.xaml.controls.maps) and [Windows Maps platform APIs](/uwp/api/windows.services.maps) within Windows have been deprecated as of April 8, 2025. The Maps UWP Control and Maps platform support within Windows will continue to function but will not be updated. For more information, see [Resources for deprecated features](deprecated-features-resources.md#windows-uwp-map-control-and-windows-maps-platform-apis). | April 8, 2025 |
 | Line printer daemon (LPR/LPD) <!--9787121--> | Deprecation reminder: [The line printer daemon protocol (LPR/LPD) was deprecated](/previous-versions/windows/it-pro/windows-server-2012-R2-and-2012/hh831568(v=ws.11)#printing) starting in Windows Server 2012. As removal of the line printer daemon protocol nears, we'd like to remind customers to ensure their environments are prepared for removal. When these features are eventually removed, clients that print to a server using this protocol, such as UNIX clients, will not be able to connect or print. Instead, UNIX clients should use IPP. Windows clients can connect to UNIX shared printers using the [Windows Standard Port Monitor](/troubleshoot/windows-server/printing/standard-port-monitor-for-tcpip).  | [Original announcement: Windows Server 2012](/previous-versions/windows/it-pro/windows-server-2012-R2-and-2012/hh831568(v=ws.11)#printing) </br> <br> Courtesy reminder: February 2025 |

From 9a3d1591cba0598d4444be28af3664a0a04cc38e Mon Sep 17 00:00:00 2001
From: Meghan Stewart <33289333+mestew@users.noreply.github.com>
Date: Wed, 23 Apr 2025 15:45:01 -0700
Subject: [PATCH 02/17] dep-device-meta-9364071

---
 windows/whats-new/deprecated-features.md | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/windows/whats-new/deprecated-features.md b/windows/whats-new/deprecated-features.md
index b2b17236c7..6b0d6e9d27 100644
--- a/windows/whats-new/deprecated-features.md
+++ b/windows/whats-new/deprecated-features.md
@@ -47,7 +47,7 @@ The features in this article are no longer being actively developed, and might b
 
 | Feature | Details and mitigation  | Deprecation announced |
 |---|---|---|
-| Device metadata <!--9364071-->| Device metadata is deprecated and will be removed in a future release of Windows. For more information about the replacement for this functionality, see [**Placeholder link**](https://learn.microsoft.com/windows-hardware/drivers/). | April 2025 |
+| Device metadata <!--9364071-->| Device metadata is deprecated and will be removed in a future release of Windows. For more information about the replacement for this functionality, see [Driver Package Container Metadata](/windows-hardware/drivers/install/driver-package-container-metadata). | April 2025 |
 | VBS enclaves for Windows 11, version 23H2 and earlier <!--9693593-->| [VBS enclaves](/windows/win32/trusted-execution/vbs-enclaves) are being deprecated on Windows 11, version 23H2 and earlier versions of Windows. Support for VBS enclaves will continue for Windows 11, version 24H2 and later. </br> </br> VBS enclaves are being [deprecated on Windows Server 2022](/windows-server/get-started/removed-deprecated-features-windows-server) and earlier versions of Windows Server. Support for VBS enclaves will continue for Windows Server 2025 and later. | April 2025 |
 | Windows UWP Map control and Windows Maps platform APIs <!--9853556--> | The [Windows UWP Map control](/uwp/api/windows.ui.xaml.controls.maps) and [Windows Maps platform APIs](/uwp/api/windows.services.maps) within Windows have been deprecated as of April 8, 2025. The Maps UWP Control and Maps platform support within Windows will continue to function but will not be updated. For more information, see [Resources for deprecated features](deprecated-features-resources.md#windows-uwp-map-control-and-windows-maps-platform-apis). | April 8, 2025 |
 | Line printer daemon (LPR/LPD) <!--9787121--> | Deprecation reminder: [The line printer daemon protocol (LPR/LPD) was deprecated](/previous-versions/windows/it-pro/windows-server-2012-R2-and-2012/hh831568(v=ws.11)#printing) starting in Windows Server 2012. As removal of the line printer daemon protocol nears, we'd like to remind customers to ensure their environments are prepared for removal. When these features are eventually removed, clients that print to a server using this protocol, such as UNIX clients, will not be able to connect or print. Instead, UNIX clients should use IPP. Windows clients can connect to UNIX shared printers using the [Windows Standard Port Monitor](/troubleshoot/windows-server/printing/standard-port-monitor-for-tcpip).  | [Original announcement: Windows Server 2012](/previous-versions/windows/it-pro/windows-server-2012-R2-and-2012/hh831568(v=ws.11)#printing) </br> <br> Courtesy reminder: February 2025 |

From 51ec8f308fd32b88f8bcb250675e585c26c4b9ec Mon Sep 17 00:00:00 2001
From: "Vinay Pamnani (from Dev Box)" <vinpa@microsoft.com>
Date: Wed, 30 Apr 2025 09:27:31 -0600
Subject: [PATCH 03/17] Draft for Manage Notepad

---
 images/icons/csp.svg                        | 10 +++++
 images/icons/group-policy.svg               | 14 +++++++
 images/icons/intune.svg                     | 23 +++++++++++
 images/icons/registry.svg                   |  9 +++++
 windows/client-management/manage-notepad.md | 45 +++++++++++++++++++++
 windows/client-management/toc.yml           | 21 ++++++----
 6 files changed, 114 insertions(+), 8 deletions(-)
 create mode 100644 images/icons/csp.svg
 create mode 100644 images/icons/group-policy.svg
 create mode 100644 images/icons/intune.svg
 create mode 100644 images/icons/registry.svg
 create mode 100644 windows/client-management/manage-notepad.md

diff --git a/images/icons/csp.svg b/images/icons/csp.svg
new file mode 100644
index 0000000000..6baa611d0f
--- /dev/null
+++ b/images/icons/csp.svg
@@ -0,0 +1,10 @@
+<svg width="18" height="18" viewBox="0 0 18 18" fill="none" xmlns="http://www.w3.org/2000/svg">
+<g clip-path="url(#clip0_461_479)">
+<path d="M9.01098 0.225006C9.67158 0.23262 10.3296 0.30894 10.9743 0.452742C11.2558 0.515517 11.4663 0.750165 11.4982 1.03677L11.6514 2.41094C11.7208 3.04188 12.2535 3.51976 12.8885 3.52043C13.0593 3.5207 13.2281 3.48515 13.3859 3.41535L14.6464 2.86161C14.9086 2.74644 15.215 2.80923 15.4106 3.01826C16.3216 3.99118 17 5.15804 17.3949 6.43103C17.4801 6.70553 17.3821 7.00383 17.1508 7.17436L16.0334 7.99795C15.7146 8.23213 15.5264 8.60401 15.5264 8.99956C15.5264 9.39502 15.7146 9.7669 16.0341 10.0016L17.1524 10.8255C17.3838 10.9959 17.4819 11.2943 17.3967 11.5689C17.002 12.8417 16.3239 14.0084 15.4135 14.9815C15.218 15.1905 14.9119 15.2535 14.6498 15.1385L13.3841 14.5841C13.0219 14.4256 12.6061 14.4488 12.2639 14.6466C11.9217 14.8443 11.694 15.1931 11.6505 15.5859L11.4983 16.96C11.4669 17.2433 11.261 17.4764 10.9836 17.5424C9.68004 17.8525 8.32185 17.8525 7.01823 17.5424C6.74092 17.4764 6.53495 17.2433 6.50356 16.96L6.35162 15.588C6.30699 15.1959 6.07891 14.8482 5.73698 14.6511C5.39506 14.454 4.97988 14.4309 4.61898 14.5885L3.35301 15.143C3.0908 15.258 2.78463 15.195 2.5891 14.9858C1.67816 14.0117 1.00007 12.8435 0.605881 11.5693C0.520975 11.2949 0.619075 10.9967 0.850366 10.8264L1.96936 10.002C2.28809 9.7678 2.47632 9.39592 2.47632 9.00046C2.47632 8.60491 2.28809 8.23303 1.96894 7.99858L0.850645 7.17557C0.619021 7.00511 0.520831 6.70661 0.606034 6.43193C1.00091 5.15894 1.67935 3.99208 2.59032 3.01916C2.78603 2.81013 3.09235 2.74734 3.35452 2.86251L4.61486 3.41615C4.97751 3.57531 5.39442 3.55127 5.73819 3.35043C6.08048 3.15189 6.30836 2.8028 6.35235 2.40988L6.50542 1.03677C6.53739 0.750021 6.74807 0.515292 7.02972 0.452652C7.67529 0.309084 8.334 0.232791 9.01098 0.225006ZM8.99973 6.29996C7.50852 6.29996 6.29973 7.5088 6.29973 9.00001C6.29973 10.4911 7.50852 11.7 8.99973 11.7C10.4909 11.7 11.6997 10.4911 11.6997 9.00001C11.6997 7.5088 10.4909 6.29996 8.99973 6.29996Z" fill="#0883D9"/>
+</g>
+<defs>
+<clipPath id="clip0_461_479">
+<rect width="18" height="18" fill="white"/>
+</clipPath>
+</defs>
+</svg>
diff --git a/images/icons/group-policy.svg b/images/icons/group-policy.svg
new file mode 100644
index 0000000000..e6ec2d2c2e
--- /dev/null
+++ b/images/icons/group-policy.svg
@@ -0,0 +1,14 @@
+<svg width="18" height="18" viewBox="0 0 18 18" fill="none" xmlns="http://www.w3.org/2000/svg" xmlns:xlink="http://www.w3.org/1999/xlink">
+<g clip-path="url(#clip0_116_430)">
+<rect width="17.1" height="18" fill="url(#pattern0)"/>
+</g>
+<defs>
+<pattern id="pattern0" patternContentUnits="objectBoundingBox" width="1" height="1">
+<use xlink:href="#image0_116_430" transform="matrix(0.0227273 0 0 0.0222924 -0.0454545 -0.0891697)"/>
+</pattern>
+<clipPath id="clip0_116_430">
+<rect width="18" height="18" fill="white"/>
+</clipPath>
+<image id="image0_116_430" width="47" height="52" xlink:href="data:image/png;base64,iVBORw0KGgoAAAANSUhEUgAAAC8AAAA0CAYAAAAaNmH0AAAACXBIWXMAABYlAAAWJQFJUiTwAAAAB3RJTUUH6AEEFgALC7iL4gAABVhJREFUaAXtWb+LJEUUfruMSzde0CMbzIiBAwZusMEazV4gOMcli4IuCIoayIogmohmF8sGsoEYKfgfCCbeRWKmqaCg4WU3EwzbDQ50sze4fq+660f3dFdV98zurWDBbr+pevXe976qelVdvXV5eUlN5eLiQjTt7Ow0qTzR+u0n6n1N5/+DX5PAzt17Hj2fPju999PJe6+Os2Xqob5hlSVRukyE0TAIaPD80Zb0sOVYsPtff/Xlt5NXDsZ7LwyJYIgok32v/JnBFf+lyyl8xfCf0G9/nNPx21+IAFzM/378xoSGuxEh6KIoQVZczRNEMU3pIqEQKFNEkS3O6WD/WeXPBZ76twIAB2CnprK5ESFbhrADtklP1YwDQjCyWCH9eP97Oro7uXbgRAGmS0zxPKFk+hcl9EiAniYxiOzTwTiHbwU/OTzMWZehXuMzTjKazaeUJo8w12cIJqV4gbo/H9LRmx7g8wV6jYgNVwmmRxzHgvGgx9M2ohCPe6dnKttYmTdsXbvITB+9dgKgJ42+W4PPeNXDcG0RqbS2pbEyirAwmdkOxQEeyYoBGVrJPKbpTK94bueURo85H1eCcgUThPTS/oCiqA68sGoNyYBl1VONUdRHMoAzAYwdSMccaKT0WKiEUmrjH5wMAwTQtbQGHyDvD/B3pYWJcY0aVG7oqdI9ZZi81swn2Cg4B5dKwVK2rK8v6Zo/MP1Gz/U77yWe4DWoPNvgtwkU4IWGMdTV3yZmKQecuQY4fsiKlk9P8NrqYDdoyA5ap40UtEagrbfv2gtpHYfa9fpSa/BigzKmh4TAJ77VoqfbahvXYBRv4QFCupTW4BOc9KZzA1QBWoB/rDO7kGoD0jDDMKS9F3mT0nVtJA/wBlBY5jw/rFtiAJpW6x3gOdfpl5w2sHNdD/CaTe4itvJGprrmjbIP3zBu6CbF8MsjXheQB/Plbgk2qAwvBbx9r/BVnSb4bYPAWWvIeb7jcaM1eAbOO6zKLgZgcTWC06V3eSqkPvaNrpOtNXj7JlVZDEZgtQHBe/2CtY2XttQCfGEQNHVlSrutSn5gq708wcO41IS4cgCrWpW/vZgHFdI293P1kbbxNLsZ1c3iDBtUXGxSat6zOpyuXAc65n8gNimMZO2bVDMG2dIaPM/RfjG10ypL4qJImuZgtFwniTNSawTakn/XAki+SW141q8E6bcG/MAL434GNS9dJX9irODr4CYJpgNf3XIxGPM5iOWdjP/wPsR8D/hkuVLqvJeVrOCFqnxjKjR5k5oiAJLXHEUAwpW4/jAcGMEZtUrkGzBxkatqWHCDlupO8GwK155SnyLeEQVTHsPrAN98qtT+lOMawQHeMFIA4QxRP8w11n2rzCAdiEyTdlXTqMG+aeBK5JLfZg928Kofj8DKGVK1blRQwN3+rOBTLNYIl6o4QwKfMYU2ijY3plYQEOWvlG5/VvDEwDNOLTAks0sX4KYXxaxhqHgBZ9D5zQRYl+nYUKuKPfmJHg3bn3720S93JrfHrLQ3GuFFgW+zur3ZVx3ZfvONhPiYMH+I01Ym0meandu6iDbJyfZb77z+zScfvju+fXigO6FVDachaYXNSMw4f2tN/j4XaTmlZ5znIvYswf9zdvr5B8NdZrpprjXVrxnAEvQAvNi1scb4uJ3EYN3jg4MET7TAR6seho0x1s3LNTHauvOuzZ8oYz578NriNRAMbF1EW+kL+M8/fHw5GuqJ4uy9CQXQx6zj8hlfXPABDTYDgD9+/zv14azJjWYeGvcf/Dq78/LIHXKTtTXqObnECxDX61MaRF6WSsx79bhBSjf40snN0n8a/L87FqtbB9OY7gAAAABJRU5ErkJggg=="/>
+</defs>
+</svg>
diff --git a/images/icons/intune.svg b/images/icons/intune.svg
new file mode 100644
index 0000000000..22148b48fb
--- /dev/null
+++ b/images/icons/intune.svg
@@ -0,0 +1,23 @@
+<svg width="18" height="18" viewBox="0 0 18 18" fill="none" xmlns="http://www.w3.org/2000/svg">
+<path d="M15.1 1.25999H1C0.723858 1.25999 0.5 1.48385 0.5 1.75999V10.82C0.5 11.0961 0.723858 11.32 1 11.32H15.1C15.3761 11.32 15.6 11.0961 15.6 10.82V1.75999C15.6 1.48385 15.3761 1.25999 15.1 1.25999Z" fill="url(#paint0_linear_116_431)"/>
+<path d="M14.48 2.10001H1.62C1.46536 2.10001 1.34 2.22537 1.34 2.38001V10.21C1.34 10.3646 1.46536 10.49 1.62 10.49H14.48C14.6346 10.49 14.76 10.3646 14.76 10.21V2.38001C14.76 2.22537 14.6346 2.10001 14.48 2.10001Z" fill="white"/>
+<path d="M11.08 14.37C9.57999 14.14 9.51999 13.06 9.52999 11.37H6.52999C6.52999 13.11 6.46999 14.19 4.97999 14.37C4.77751 14.4005 4.5923 14.5015 4.45694 14.6552C4.32158 14.8088 4.24476 15.0053 4.23999 15.21H11.78C11.7752 15.0116 11.7034 14.8206 11.5763 14.6681C11.4492 14.5156 11.2743 14.4105 11.08 14.37Z" fill="url(#paint1_linear_116_431)"/>
+<path d="M17.17 5.91H10.29C10.176 5.34884 9.85759 4.85004 9.3966 4.51035C8.9356 4.17065 8.36487 4.0143 7.79512 4.0716C7.22536 4.1289 6.6972 4.39578 6.31308 4.82047C5.92897 5.24515 5.71628 5.79737 5.71628 6.37C5.71628 6.94263 5.92897 7.49485 6.31308 7.91954C6.6972 8.34422 7.22536 8.6111 7.79512 8.66841C8.36487 8.72571 8.9356 8.56935 9.3966 8.22966C9.85759 7.88997 10.176 7.39116 10.29 6.83H11V16.41C11 16.4975 11.0348 16.5815 11.0967 16.6433C11.1586 16.7052 11.2425 16.74 11.33 16.74H17.16C17.2475 16.74 17.3315 16.7052 17.3934 16.6433C17.4552 16.5815 17.49 16.4975 17.49 16.41V6.24C17.4901 6.15419 17.4567 6.07173 17.3969 6.01012C17.3372 5.94852 17.2558 5.9126 17.17 5.91Z" fill="#32BEDD"/>
+<path d="M16.77 6.82001H11.74C11.6737 6.82001 11.62 6.87373 11.62 6.94001V15.4C11.62 15.4663 11.6737 15.52 11.74 15.52H16.77C16.8363 15.52 16.89 15.4663 16.89 15.4V6.94001C16.89 6.87373 16.8363 6.82001 16.77 6.82001Z" fill="white"/>
+<path opacity="0.9" d="M8.05 7.87C8.85633 7.87 9.51 7.21633 9.51 6.41C9.51 5.60366 8.85633 4.95 8.05 4.95C7.24366 4.95 6.59 5.60366 6.59 6.41C6.59 7.21633 7.24366 7.87 8.05 7.87Z" fill="url(#paint2_linear_116_431)"/>
+<path d="M14.88 10.82L13.76 9.7C13.751 9.6919 13.7398 9.68668 13.7279 9.68505C13.7159 9.68341 13.7037 9.68543 13.6929 9.69083C13.6821 9.69623 13.6732 9.70477 13.6673 9.71533C13.6614 9.72589 13.6589 9.73797 13.66 9.75V10.43C13.66 10.4459 13.6537 10.4612 13.6424 10.4724C13.6312 10.4837 13.6159 10.49 13.6 10.49H11V11.32H13.6C13.6159 11.32 13.6312 11.3263 13.6424 11.3376C13.6537 11.3488 13.66 11.3641 13.66 11.38V12.07C13.6655 12.0783 13.6729 12.085 13.6816 12.0897C13.6904 12.0944 13.7001 12.0968 13.71 12.0968C13.7199 12.0968 13.7296 12.0944 13.7384 12.0897C13.7471 12.085 13.7545 12.0783 13.76 12.07L14.88 11C14.8928 10.9887 14.903 10.9749 14.91 10.9594C14.917 10.9439 14.9206 10.927 14.9206 10.91C14.9206 10.893 14.917 10.8761 14.91 10.8606C14.903 10.8451 14.8928 10.8313 14.88 10.82Z" fill="#0078D4"/>
+<defs>
+<linearGradient id="paint0_linear_116_431" x1="8.05" y1="11.32" x2="8.05" y2="1.25999" gradientUnits="userSpaceOnUse">
+<stop stop-color="#0078D4"/>
+<stop offset="0.82" stop-color="#5EA0EF"/>
+</linearGradient>
+<linearGradient id="paint1_linear_116_431" x1="8.04999" y1="15.21" x2="8.04999" y2="11.32" gradientUnits="userSpaceOnUse">
+<stop stop-color="#1490DF"/>
+<stop offset="0.98" stop-color="#1F56A3"/>
+</linearGradient>
+<linearGradient id="paint2_linear_116_431" x1="8.05" y1="7.87" x2="8.05" y2="4.94" gradientUnits="userSpaceOnUse">
+<stop stop-color="#D2EBFF"/>
+<stop offset="1" stop-color="#F0FFFD"/>
+</linearGradient>
+</defs>
+</svg>
diff --git a/images/icons/registry.svg b/images/icons/registry.svg
new file mode 100644
index 0000000000..667bce7438
--- /dev/null
+++ b/images/icons/registry.svg
@@ -0,0 +1,9 @@
+<svg width="18" height="18" viewBox="0 0 18 18" fill="none" xmlns="http://www.w3.org/2000/svg" xmlns:xlink="http://www.w3.org/1999/xlink">
+<rect width="17" height="18" fill="url(#pattern0)"/>
+<defs>
+<pattern id="pattern0" patternContentUnits="objectBoundingBox" width="1" height="1">
+<use xlink:href="#image0_116_428" transform="matrix(0.00472689 0 0 0.00446429 -0.00105042 0)"/>
+</pattern>
+<image id="image0_116_428" width="212" height="224" xlink:href="data:image/png;base64,iVBORw0KGgoAAAANSUhEUgAAANQAAADgCAYAAAB7NUijAAAACXBIWXMAABYlAAAWJQFJUiTwAAAAB3RJTUUH6AEDCysOhIuKngAAIABJREFUeAHtnX1wFdd1wI9AEpFkkAwIjAyS+DAgDAiMY3CMzSTOh8eK0wyeNlO5mSadZBLSP9rQmZZk/FfrKcx0Juk/xW2T6R9xzbTpOJPaJiV2sWPAY2KjYiSCEAiDBBbGCCKBEQgBr/estKvz9u2+d/ft3bt39507I727u/fjnHPv7+39eveWZTIZYJdsC3z+jd9nTh7vh7bmGmhbeBe0tdxTlmyNkit9GQOV3MJDyX948lamZ7QcOo6cgb5zlyxlaiunCLDG4WpvbWC4NBYxA6XR2FFk9fRRsJoYY2O3Yd/BEzB8ZSQnG/vNteWh+QxXjnXU3mCg1NpTa2o2THamCNPe/d32pefnqlnToH35DNi2sZHh8rRQuJsMVDj7xRb7O8fvZAZvTcnJv/f0x9B57GzOfa8bjdPLud/lZZgQ9xioEMaLK+qPTt/MvH2t0jf7g4dOwcCFId/nXg+43+VlleD3GKjgNos9hrup5xYI+1N73uwC/CzWcb+rOMsxUMXZLbZYXz+WyYzcKdz9Gbx01RqkUCEo97vkrchAydsq9pD2ELmsIN0nz0P3iQHZ4FLhtj04E7Y/vrAw0VKppS9Qbq82fTqmRiOcbwriWu6bB7UzqoNEKRh2x6HLsLv7I14N4GMpBsrHMKbdLtRv8pP34QcXQ0XFVL/HRd1/Zs/5ouKVQiQGKgGljEPkxYpZXVUJ61qbi43uGW/45h348n8eL1omz0RTcpOBMrwgcYjca74piNgNc+ugaf6sIFEKht195hrsONDPULksxUC5DGLaZb75piCyrl6xQHl/6gdvXwwiQkmEZaAMLmYcIlclHvajHmxtUpWck87qnx5VJqOTaII9DJShhYdD5DLzTUHExxE/fFOpdF2XRuGZX55gqCaMykCprF0K0wo6RC6b9ZKFcwD7VCrdrp6rsOvIAEMljMpAqaxZitIqdohcNnsc9cPRP5Xue29cUJlcYtNioAwrujBD5LKqjPenmmWDS4XDoXTuT/EbSqqy6AqkYohcVtbZs6ZDy9IG2eBS4bA/9YO9p0u66cdvKKmqoieQqiFyWWlxaVK9AEulK/WlSQyUytoUIi2VQ+RBxMD+FC9NCmKx/GEZqPz20fI0iiFyWcFxcKJp+i2A61dkoxQMh/2pR184VpJNPwaqYPWIPkBUQ+Qyko8MD0Hf228CHD8A8Dvxee4YwHD4EbsDA9dLcmkS/x5KptZFGCbqIfJCou/9yb8KfjwAmloBUDsXYPrM8U+8LsJl/mZdSf12ioEqopKoiuK30Yqq9Aul071vH3Tve6tQsPHnFlxigS1+VlbJxRGhcCOYvu+1lgxUDJR01VAbsNBGK2pzy01tsK8P9r3ws9wHMneqZgDUCbAQLvQXcO3LpsOLX11aElAxUAUqQ1SP42zqjd24AXt/+hMYGQq2M5KnLfBtRd9enoEAdn52LpTCRpsMlE8FiPK27EYrUclw8L9+DgM9PeqTz9Pvwm3Khr6/NvVvKQZKfbWSSjGuN1Rf5xHoePllKRlDB6JvLvEmw92TOr+1MtVQ8bB56FpTXAJrq8aKixgiFg6Rd772WogUAkbF4XcchsfheDEs3/W7o7DjjXT/dJ6BClhHVAV/dnFFWfUUvXOf7/z854D9p1icmDiuHe6HbZ9bzm+oWAqgBDJ9YUWZtsqFQ+Se800a7fzili9rzC2erPgNFY/dnVxfWgmRQ4VD5NLzTY5kaj1bHl8DbZ9eEbmuaqUOnhoDFdxmymM0VhS/B3khYbCJd+gVTYMQPsKsWlAPO7/9VOphQvUZKJ9KoPP2j5dNjaw/1SFgUjLfVKRBaqunwc4//XyRsZMXjYEypMyi6E/hEHkk800BbLbty+th48olJfF2QrMwUAEqR9RBH6m5qSwL7UPkHpK3rVkE2zZvKhmY0AQMlEdFiOvW1oWVZar6U7EOkQsDYlPv1W3PlBRMWG8YqLjo8ckX+1M+j6Rv8xC5tKmUB2SglJs0fIJhhtJ5iDy8/cOkwECFsV6EcYtZmsRD5BEWiGTSDJSkoXQHK2ZpEg+R6y6l3PwYqFybGHMnyFA6D5GbUWwMlBnl4CuFTH+Kh8h9zaf9AQOl3eTBMyw0lM5D5MFtGlUMBioqyypMN9/SJB4iV2hoBUkxUAqMqCMJr/4UD5HrsHywPBioYPaKNTRdmsRD5LEWhW/mDJSvacx7QJcm8RC5eeWDEjFQZpaLr1TYn+Ihcl/zxP6AgYq9CIIL8I+rawB/AYs/3IvDleIqclk78zZispYyONyOX7yV2f3+KThw4sPIpcRV5EP/9tehF/BGLmhMGTBQMRk+qmyf33PQgWt4ZFR5Nq/+1dMlsTdEsYZjoIq1XJ54Ow70Z3af/kRs7FgJO5+M79equ9467MDVfyn8+U/YzCyVvSHyFG/eRwxUXvPIP0SIdh2/AnjOrNvhCRRtzTWxwnXgaG9m1zvdVrOw6+xFt4gFr7G/1vkP3+WmXgFLMVAFDJTvcT6I/OKZABfKFqTfZf36duvmktobwq/8Ct1noApZyPW8GIhcSTiXpsBVqN+1/Y8eK7m9IZxCCuhhoCQMphIiv+xMgcvd78Ih8lLcG8KvnArdZ6B8LKQDIp+srVP/4u5zoWzY7yqlLcD8yiPIfQaKWCtOiIgYWV5T3lxZQvGFrwVKHigTIfIrLYbLzzLm3C9JoJIEkV9VSRtcT/33mczQlZEsdXEer3ba1Kx7eNE4vcJqFrsftLXcE/uwfskB9c0Dg5nXeodh4IKC82XdJar7Wpy5BJfOwavfXA9tDyT7UOivHL6d6Tx2FvrOXYrEihsbsk+u37K6DtpbG5QDWB6J9IYk+vy756wVCxvvrYZtGxst482bWwcb6mbD2NhtC6rzHw0lC64JiMRhTwA3r49b+vY6x+Ko8/DNO46+zgODPd85fidTUTEV1rU2Q+2MakCwVLsDAxO2mkgYr7sGRzPbH1+oFKrUvaFsiHafuZZTJnjGa/29s6Fy9kyorqp0nhsPlxdEtvTioOgtm78I/beqwa0z6tu+fIbxcLnPGx68dBXe6ThlfenZakb1iaOpr35N3amKqQAqH0R+BYHfhE3zZ0HDPXVmwlUAIsADoevEH35KOFPh+tHpm5m3r01+udmqDIv+1KEjfYCfUTuVh2knFqhiIPIrGGPgUgyRn74mwfX1Y5nMyB3vVhe2HDqOnNHSJK+tnAIvPjEPwg5sJAoolRD5VTbtcGmCyE/fuOFyN/e85MQ+Ve/pj70eKb+3/ZH6UE1k44HSAZFfqUQGV8wQ+emrG64fnryV6RmVGxfD0T8EC99aUbv2ZdPhxa8WN2pqJFBxQuRXWKHhMhQiP311wCXzdqLyYX/qnUOnYOS6uoPpaPrUj/p3fmuld1uUBnT5jQHKRIhctnIupeFKGESOgi5PFHD985nRzOufTHPlVPgS31D7Dp7QMliB/aqh768NBFWsQCUJIr+i9oMLd3Tt3vdWdjQxxB10dC47gfivVMGFc0+Dt4rfIwgHK6KaBKZWRqiwX7XloflSYMUG1J+8eSHz6vHLWr5pqIEi8eMEq5ho3fyNp53k3UDV39cCNxvuT4e+qKXQefuGOtj2heDNIowetLmHcdwOgUKwdLgtq2qlfnEt1yMMKTG+ifqvjsGq2WKicWK5R6OYA3q8fq7VHh4QqxXQODrmHEKqMhl9AiJc+gPYtLPcJFCTAcd9s+fNgZZHW5KrL6rh0nl40Xpxc+W4ggH+49wTQO7cU4AkrKA4j1g3o8pqAkY9WPF817DY3uBYZv/XV+R9U0UGlF9z7ntvXMi0LayBK2L5j71iYcnCOYB/2Nk0Gi5XhQpaATA8rtBIjL4osAKdMRnqvCZy6fMgfmxyP/7oCmuwIuovZFyutPqnRzP5BiuUAuUHETUQrjPb1XNV3LoKFRX90CDW1s0TqxXw08jKFkGFsu1hpL4oXIQ627qr/EQ7PrZhqTWsHnW/Cjfhqfvx4czOz811WltUl9BAyUBEM6R+fE2jAfAPF0caA1cMFSp2uDTp/P2e26K5l/uTDFovivHbi2urxUac3ScGiklCOg6+FJ7Zc95zcW1RQIWByE/q2OHSVKH89Kf3tcEVg879Y+phorZruW+eWLFeZQ1WRN2v2nHoMoixgQydBJYGKgqIqCGoXxtcMVQoqqeMXzlcMeqMc08AweeeZOxEw2BLp0Y0AXUsrsXuSxfpV+UFSidE1CDUrxyuGCsU1asYf9FwGaLz4RtiHk6Tw8GKyjPvAfT1TeaI84BVMyavqW/6THo16cfwGM/tpgp0JtKy+1U4CZwDlAkQuWW3r4uGy5AKZeuh4rMgXAbqHGYiN6jN8CDvixQmTOD2GMAnPr8I9rsvmfGwCPf8ntGMBZTJEPnpIwuXe4LVL70k33fDtWfn82RuzAzNnjs1Jpp7Ht/0EYnXd6QzopS9k8Xddbc8saGsvPnFMxncXwEraFKdA9cH56C+KgOPPvFoUlUJLTfCNTnRHDo5ZQkcvq4PJhQaD6XT6dpaF1nZlePv+HFHAoTK3l8hUXC5mzZNTUKb0gVKZyUyNa+Bnh4YGdK7CU/7Z1ZY5nD6UDgygn+JgMsNkakly3JZFohq7snPvOdP9Pg9iuR+46wZzplZDlA0JyPhYohoESXKH/XcEzXG2I0b0HdEb3MPz82ynSdQ9kP8jBUuhogWRSL9uuaebOMMaH47Yb7bNm9yFswWBMoWFD+1wMUQUZMn3v/2SPhV5UGM0Pvb3wYJHjosnk5CXSCgaESlcDFE1LSp8vvtaBSFkjj3NHxBbACq0bWtWZyVW9FA0VSKgoshoiZMpV/33FPvb9/Vakd77olmqgQommBeuBgiaqrU+3XPPenuP9lzT7QglQNFE6dw7f33/4DhMyfpY/azBZRZII65Jzq6ZytS/C4ZdgqSn5WZ6Ld+khSFg2mwAG7CoiEbJ4s45p68TnfUBpSjOXtKwgI6F8LGPfdEC5SBotZgvzILVE/R94LSvW4PjUTnnqjRGChqDfYrs8ALK8rKGiv0LLjWvTLCPfdEjcZAUWuwX6kFfrxsatkjNdH2nXHeSffcU/vD4wthvYzFQHlZhe8ps8DWhZVlL60EZ2mOsoQnEtL9dsK5p/ZN/tszM1CqS5jT87QAQhVFv0p3/6n94RZP/eybDJRtCf6M3AKq+1U494QjfDodA6XT2pxXQQtgv2ptldjbQYHr1/yr3FUL6sFr7omqwm8oag32a7HAs4sryr5w12iovPDNhG8ona7Q2wllYaB0lgjn5Vjgu83TrMGKYvtVuvtOKLjf3JOjlPAwUNQa7NduAexXzS6/Ezjf3nf1rizPN/dEhWegqDXYH4sF/mX5lECTwDjvpH0TljxzT9RoDBS1Rkj/nje6rBMgnGNVKqsA6psBlm8EmHdfyNTTHT3IJHDvu3p/lVto7omWTKQ/36AZlYIfz7fqPf2x9Qe3xU+/7/9sKaitTEecBN4qUit0uqGJgxG2EfgNZVsixGfFpz4FFXNxP0DiXPthj4yMap8zIdIo9+K3Nm6fFYXLNwmMgxG65552fvsp6ZUe/IYqskYgRA3LlsG8pcusT0zGc7NQcfYuDF0QO5mKv1fGxuOIeA0iHqaRJIcQ4a9UcR+FfMtvVOiEgxW4n597C7LzmofKce4piGOggliLnOI+VjsXLoptjytuV0PNlRFxJlF11q5QHW8egL6DB8Y3qCd5DJzuh4HLo9Bx4jI0NDc6pzfigWFGOqJz7fx7oba5RsC0RPobO4xO2K/C83jtI0RxExbdzT2vX+Xm04mBymcdfEYqFAiIqKN9pmoYhSfaPuM8rp4qhoLxtIcJVz1nHozMFDvkkONU8I2Gfx0iDG4XYB+NGjtcPjr3X70FeHjz810dmcbp5dYp8O0PNEUKF+1X6YYJiw4PAJgoQqkPBsrLTD4VKiconv6Op8CLZt0IbkBDgAI8PwjTmYCqaflSWPLwI1nNQppe7HAF1Llf6NxVuxrgAVffkSql0I/9qi+99mEmI5pgXWcvKkzZPymZlRHu2AyUbZGAFQohsg53tuOLTzxkwelHDYmT+lZ/wYIN+1AIGL55mubPsv6ywoq3FHXa4Aqp8/DobXAfhYRvrjbRLNz5pPpm4a+3bs77ttj93jHPnwn3X7oC+Od2w2KgyA/OAyc+tPqK7jiFrksbqJAVyjIuSeOV197PtTc2E8Vft2Bm+NCprGZdLHARed1N2Czhyds364uDxH/+4hyAN8WXBXHuZmFUcJEsHW/bp1fkBc4JGKGn9IAiFaKoCoWFIZuGq+DyvXkihUtWXgmI8trMpW+ccLlE0XaZOqAuXvoE9u7vtppVDffUjRsybIXCVGTTkCy6yOGSlVcxRH7qlwpcZZu7Mp7tTj/DFHt//ws/yz3ztNjE8sW7axbAfeudEBViP8Cxsjwb1vtVKExBtlI6uYX3+I325etz0VwxvrWDqmtEkoaxTjicGEzxa84FeRNlpR3wIso+V0BRlAQv+8vjt3Imz5Sk7EpEB1A4UTp29wKAewqsmzMMIpepnMuwcDkJocdP5xi+NLLkIhdpgKssQ15QXjPTRN9Q3qiAcq9Y8P0m96tQqJVBlcrPyEXB5adzAvRNKlwOUDsO9Gd2Hb8Cp0YygH0P7CTj7L8qpxQoV4XIV9k6D7wDfe8dzBniTgJEfrbPpy/2zTp2/2p8uB7nxmznspl9OwmfSYKrbMOLPZmDZ6962hVPFFcFV2igJCvEknunw+o1Sx19uvftg+59bznXgH2sOc3WUPbkzeT6EK4lC+fA7FnTHSV+8dzfOf6KmrtgbO6y1OiLcG25/y7Ytmlx7EPkjpGJp7xh9VJ4vHkE+s5dgoGPhgCX09gua2mNQrjs9At+SkJE+wfDl8XcCAHKnUfLAyuhYc2Dnvq6wxp9PXE00MDxc1A7shZmP/aYp7h1s2fBhj/80uSEs2sS2TOSiTcn9O0X+u7+aDoCZaKUYA2bY9Nu9Qr8WwD447hY4SoCoqyRKgkzy+grkYz+IBOVylruhP0jSSe7QkMyOX3BfPWdfBvrE0Yup5x5KJnKpvzNpQEiP3PI6OsXV8t930pVXO7Gw6VY3+KsVHysHKBoUjKVrWi4YoSI6kj9MvrS8JH5NVUqY+DSpG9k5UUSzgsUCWeN+IVuFhoIEdWR+rXDFXOl0g5XzPrSslbplwaKZipT2dxvrrEZzWL19f00mWy/35xJdqhYrmT0LUowQytVZHAZqm9RZecTqSigaFoylQ3hgvIaGm3cbzBEucKO35HR1y+udT9hlSo0XAnTN2/ZSTwMDRTNQ6qyJRAiqiP1S+mLEVJSqaThSom+tKxl/UqBopm6K9s7/7MXRvrEXtRo7BQ6t7449WDtboqLUAMMcSfFNF5wdfz6dWtDmjTqK1suWrYRw8pWc/P3qYXJbexxuMQi3XPHUgmTW18bLjh/siT0detPr7UARTNkP1sgzRZgoNJcuqybdgswUNpNzhmm2QIMVJpLl3XTbgEGSrvJOcM0W4CBSnPpsm7aLcBAaTc5Z5hmCzBQaS5d1k27BRgo7SbnDNNsAQYqzaXLumm3AAOl3eScYZotwECluXRZN+0WYKC0m5wzTLMFGKg0ly7rpt0CDJR2k3OGabYAA5Xm0mXdtFuAgdJucs4wzRZgoNJcuqybdgswUNpNzhmm2QIMVJpLl3XTbgEGSrvJOcM0W4CBSnPpsm7aLZA6oIauXIfOY2etY3myrFlZBVDfDDDz3qzbabjAI4is3XndyqDO+Q6vdofn69AWiGyjy9CSFZkAnrHbe/pj6w9PYKwYFd8ZyzcCVM0YT3GaumNOixRReTQ8BnTgjS7rQAc8ytX64pg1f1xncrKh8ow5wRwLpA4omDqp0vi3tviWrhJ/JeDwTdV5bARg/ooS0NZMFctfWgnWWaXPnRrLHL5eYaaUBaSqrquDhqXLoKm1Fa7BNDgvjjbFb218W2W54QvQ/XonDL9fA/OWLbPi4CnySXQod4PQYfaiJTB4q9pbX6HYxQ96Yc/x96Chod6yT+3cuUlUF2qrp0Fb6yJoW7MY2jetNfJ8XTSs83X+7OKKsm/sPpX5zdBUmCdOgcfDkI12E/2D6vmLoaVVwCHkxS2Ba4XQ6F8nPhGqU8d64WJ31/ip6LfHLJUGLotnPT3QIdJoeOgxmLdksRPfaJ0nzteqFxCt27QesEmLrkn82fril0nf78QW0EMXHJ3FOwt6z30Ave93QnWTsNWqNYBNQ9wy2mg3oW/jgvmw/cn7ob21wViQbDuWbdl9MrP7zDXov3rLvmd9YuXEiqkKrtCnwKNUdifb7h9kSTwOUuOCWZbc9qOcU+DzpEH1Rf3DOnoae9Fp5TmkDoFAMBrEF6ANF+aTlS/Gx4EYD5thHIyrCq6sfItVOJ++lVOgbWENtC+bAW0t9xgJV/np+kaouz0Ew+K0CGyD2w6bS3iCBP6phsvOQ+ozDwBZ8UVzbqCvE8ZOiKZQ+x9nPaIX2CysXdpq6UX1xTBW51681TqEXzVcVIaC/jyVisYdvvCR6DMdgrHW5dCy4dP0keOvn98Ai7/4lGcz2H0onkq4HAFkPLL6Dg/Brr1Hof9oObQ961/GMllGFaYcv6WWLJxj/aGBB7DJEDdcASCiTRvLSNOxAQTWMLKly4joIzWtdppA1VXTCuqL8bXDJVmprKNi8Igc8QXiHA10s8nqL6LM2OSzRjXtMEIX/HLAP9osxLC0j6kdrjD63m3u1IfTh8JKFCtcYSBC4dGJNK5V3g1793eTt61ous0UQ8j4J/pQg1BlwYIVTEZfTDYyuMJUKhRsIn7f1XLofu19vDPucIoAR/rE31DmpjWFYDcLY4UrrL62fgZ/lm3uymQKyef35qLxCjULPftQiiCyJi89+ghUPrc/n7wy+mJ6WDntPqZXn8uzTxG2UsnGdyssrv36XBjUfru531w0mUJ9rkj0pQJM+DcuvRf2/+2fGdmHkgKK6iRT2bwqqwNUjBBRPajfS177uYy+GNYLLqeCyULgd1yqbHxbaInPKOBSpm8B+VMFFNVVprLZlfXiyeMwIuaInBULNCHbj/0CMtxr37Y+ZUHMihT8wpbXfvPQFGT0xfA2XB0vvwxQJ+Z98i3/0QgR1YX6VcHV+5v/LV5fKlABf2qBonrLVjYax/IbAFGOTBM3VMDlmbYBEHnKJW6GhcszXT99PQMXvlkSQFEzFITLYIioHtQfGi6/ShVBc47KHcYfCi4/fcMINBG35ICiNrPh6v6/ozB2oc+ZvadhCk3YZoU14EIaLjFPBPbw9c3rk5IbDNGkkNk+Gbj6jp8UTXahMx3Sz05GyVVJA2Vb0BmUsG9o6hPZ2UX1mQ8up5OOmScQIj+b+cGVpa9fZAX3TQYqtt9DtXz+CWja8ChUzLhbgYnjS8JaUXLyNBz85SsweO5DX0FwUeq6r3zFWpDrGyghD4YHL0HnW/uhY/evEiKxPjGzJnb1ZSt+siN+pzO7qSnv7L1OeQLn5dVHuH0re8UCWaFRKdYG4po5/EMI6bxP4LzjiIBNVmzKYRMWdUcnyo9dtgViA4qKITN7T8PH5veCCIWZaM4d6R2E4aODk+KRFRrXYNRZoYHNxETA5QXRpHbs87CAEUBRuYyDqwBEdJ5p+AbVhPgFcCNQAQcPncpZaGwcXAwRKbjgXuOAoirEBlcAiKi8Mv58q/hjg4shkik6qTBGA0U1iByuCCGielB/rHAxRLQolPkTAxTVWBlcMUBE9aB+LXAxRNTkkfgTCRS1RGC4DIKI6kH9SuFiiKhpI/cnHihqIV+4rvw+sSsWioLr7PncIW5qKPZHZoFUAUWtZMPV1NcH+154ZfJRglcsyML1iz27JvVNoa/gD/hi1Dm1QPnZtOmBdVCxYLn1U39cZ5hUZ8H1wTnoO9wBLcsbffeUSKp++eU2F6mSAwr3lGhZsQBWiz/cpAX3z8C9JxIDl1efaFF9/vqXsqeZO+YqVHJA0aLARZ6rV+Cf4XB5QUQVYb8xFihpoGgpGAcXQ0SLJzF+BsqjqGKDiyHyKI3cWxmD23wMVG55Zd2JHC6GKMveSb9goAKUoDK4GKIAVs8NWnjju9w4uu4wUEVaOjBcDFGRlvaKxsPmXlZJzT1fuIaHecVCJKVs5B6Xlqb8hlJc4DZcDTV3xAqNXypOnZMz3QKx7SlhumFYPnMtkAFzZ3YZKHPrDUvmZwFzu1DAQPkVGt831gImj/IxUMZWGxYsiRZgoJJYaiUuc5nBtdY6Bf5Hp29aJ8CP3DF3OLLE6xCrLyywYOZ0eLJ1IXztoWXG2sMaNt+6sNIhieEytqxKUrDGWeKA6jWLoP3hFti4colTT001Rs48FMNlalGVjlxJg4iWTA5Q9CHDRa3B/igtkGSIqF3yAkUDMlzUGuxXYYG0QERtIQ0UjcRwUWuwP4gF0ggR1b8ooGgCDBe1Bvu9LJB2iKjOoYGiicnCtWpBPSwQx9mQM/1oMuxPiAWqpvivASoliGhxKQWKJuyG62bjbHhkfRNs27zJGvr84clbmZ5RGoP9SbNAY8VteGklWOX53KmxzKGEDXFHYe/IgKLCIlxb//xJeov9KbPAs4sryp79p79ImVbB1YltEcff31detrZqLLjEHCN2C9RWT7MmWrc9tSF2WUwTQMsbyk9p/Fazn2GT4fD1CvuSPw2zAELU1rpIrFpYDO2b1jrlZpiYsYsTK1BUe4aLWsMMP0MUvByMAYqKznBRa+j1M0Th7G0kUFQlhotaIxo/Q6TOrsYDRVVluKg1wvkZonD284udKKCoEgwXtYacnyGSs1OYUIkFiirNcFFrZPsZomx7RH2VCqCokdxwvS4eupfBPH0U/NfM0MQS4v+D2huwXaxY+Oczo5nDNyqAIYqv4MoyJm8hE5FddAA1aB1F+rOINMhOdttT62H7M1/kuaFss8RyFdtKiVj7hpudAAAAjUlEQVS0ncg0LSs08E2EPw3HCVd2ZlggdU0+GbO6m4VJWqHBzTmZEo4vTEkCRc2dBLgYIlpiZvtLHihaPCbBxRDRkkmOn4HyKas44GKIfAojQbcZKInCihIuhkiiABIUhIEKWFgq4GKIAho9QcEZqBCFFQQuhiiEoRMUlYFSVFhuuHCFBkOkyLgJSub/Ach9DcBKdZhLAAAAAElFTkSuQmCC"/>
+</defs>
+</svg>
diff --git a/windows/client-management/manage-notepad.md b/windows/client-management/manage-notepad.md
new file mode 100644
index 0000000000..559a696e9a
--- /dev/null
+++ b/windows/client-management/manage-notepad.md
@@ -0,0 +1,45 @@
+---
+title: Manage AI features in Notepad
+description: Learn how to manage AI features in Notepad using Microsoft Intune and Group Policy.
+ms.topic: how-to
+ms.subservice: windows-copilot
+ms.date: 04/30/2025
+ms.author: vinpa
+author: vinaypamnani-msft
+---
+
+# Manage AI features in Notepad
+
+> **Looking for consumer information?** See [Enhance Your Writing with AI in Notepad](https://support.microsoft.com/topic/4088b954-c97b-46dc-813f-959be01746d5).
+
+Notepad in Windows includes AI features powered by Copilot that help refine and shorten text with the assistance of GPT. By default, these AI features are enabled on managed devices. IT admins can choose if they want to allow these features to be used in their organizations.
+
+This article provides information about managing AI features for Notepad in a commercial environment.
+
+## Configure policies for Notepad
+
+To configure Notepad policies, you can use:
+
+- Microsoft Intune
+- CSP
+- Group policy
+- Registry
+
+The following instructions provide details how to configure your devices. Select the option that best suits your needs.
+
+#### [:::image type="icon" source="../../images/icons/intune.svg"::: **Intune**](#tab/intune)
+
+TODO
+
+#### [:::image type="icon" source="../../images/icons/csp.svg"::: **CSP**](#tab/csp)
+
+TODO
+
+
+#### [:::image type="icon" source="../../images/icons/group-policy.svg" border="false"::: **GPO**](#tab/gpo)
+
+TODO
+
+#### [:::image type="icon" source="../../images/icons/registry.svg" border="false"::: **Registry**](#tab/reg)
+
+TODO
\ No newline at end of file
diff --git a/windows/client-management/toc.yml b/windows/client-management/toc.yml
index 149a74c64d..c6427b24a0 100644
--- a/windows/client-management/toc.yml
+++ b/windows/client-management/toc.yml
@@ -48,20 +48,25 @@ items:
                 href: enterprise-app-management.md
               - name: Manage updates
                 href: device-update-management.md
-              - name: Updated Windows and Microsoft 365 Copilot Chat experience
-                href: manage-windows-copilot.md
-              - name: Manage Click to Do
-                href: manage-click-to-do.md                
-              - name: Manage Recall
-                href: manage-recall.md
-              - name: Reference for sensitive information filtering in Recall
-                href: recall-sensitive-information-filtering.md                                 
               - name: Secured-Core PC Configuration Lock
                 href: config-lock.md
               - name: Certificate renewal
                 href: certificate-renewal-windows-mdm.md
               - name: eSIM management
                 href: esim-enterprise-management.md
+          - name: Manage Windows AI
+            expanded: false
+            items:
+              - name: Manage Click to Do
+                href: manage-click-to-do.md
+              - name: Manage Recall
+                href: manage-recall.md
+              - name: Reference for sensitive information filtering in Recall
+                href: recall-sensitive-information-filtering.md
+              - name: Manage Notepad
+                href: manage-notepad.md
+              - name: Updated Windows and Microsoft 365 Copilot Chat experience
+                href: manage-windows-copilot.md
           - name: Diagnose MDM failures
             expanded: false
             items:

From a1c9af5ad35c646c650024db9d9d5b11fb6a2df6 Mon Sep 17 00:00:00 2001
From: "Vinay Pamnani (from Dev Box)" <vinpa@microsoft.com>
Date: Wed, 30 Apr 2025 10:40:00 -0600
Subject: [PATCH 04/17] Update

---
 images/icons/group-policy.svg                 | 14 ----
 images/icons/intune.svg                       | 23 ------
 .../client-management/images}/icons/csp.svg   |  0
 .../images/icons/group-policy.svg             | 17 ++++-
 .../images}/icons/registry.svg                |  0
 windows/client-management/manage-notepad.md   | 70 +++++++++++++++----
 windows/client-management/toc.yml             |  2 +-
 7 files changed, 72 insertions(+), 54 deletions(-)
 delete mode 100644 images/icons/group-policy.svg
 delete mode 100644 images/icons/intune.svg
 rename {images => windows/client-management/images}/icons/csp.svg (100%)
 rename {images => windows/client-management/images}/icons/registry.svg (100%)

diff --git a/images/icons/group-policy.svg b/images/icons/group-policy.svg
deleted file mode 100644
index e6ec2d2c2e..0000000000
--- a/images/icons/group-policy.svg
+++ /dev/null
@@ -1,14 +0,0 @@
-<svg width="18" height="18" viewBox="0 0 18 18" fill="none" xmlns="http://www.w3.org/2000/svg" xmlns:xlink="http://www.w3.org/1999/xlink">
-<g clip-path="url(#clip0_116_430)">
-<rect width="17.1" height="18" fill="url(#pattern0)"/>
-</g>
-<defs>
-<pattern id="pattern0" patternContentUnits="objectBoundingBox" width="1" height="1">
-<use xlink:href="#image0_116_430" transform="matrix(0.0227273 0 0 0.0222924 -0.0454545 -0.0891697)"/>
-</pattern>
-<clipPath id="clip0_116_430">
-<rect width="18" height="18" fill="white"/>
-</clipPath>
-<image id="image0_116_430" width="47" height="52" xlink:href="data:image/png;base64,iVBORw0KGgoAAAANSUhEUgAAAC8AAAA0CAYAAAAaNmH0AAAACXBIWXMAABYlAAAWJQFJUiTwAAAAB3RJTUUH6AEEFgALC7iL4gAABVhJREFUaAXtWb+LJEUUfruMSzde0CMbzIiBAwZusMEazV4gOMcli4IuCIoayIogmohmF8sGsoEYKfgfCCbeRWKmqaCg4WU3EwzbDQ50sze4fq+660f3dFdV98zurWDBbr+pevXe976qelVdvXV5eUlN5eLiQjTt7Ow0qTzR+u0n6n1N5/+DX5PAzt17Hj2fPju999PJe6+Os2Xqob5hlSVRukyE0TAIaPD80Zb0sOVYsPtff/Xlt5NXDsZ7LwyJYIgok32v/JnBFf+lyyl8xfCf0G9/nNPx21+IAFzM/378xoSGuxEh6KIoQVZczRNEMU3pIqEQKFNEkS3O6WD/WeXPBZ76twIAB2CnprK5ESFbhrADtklP1YwDQjCyWCH9eP97Oro7uXbgRAGmS0zxPKFk+hcl9EiAniYxiOzTwTiHbwU/OTzMWZehXuMzTjKazaeUJo8w12cIJqV4gbo/H9LRmx7g8wV6jYgNVwmmRxzHgvGgx9M2ohCPe6dnKttYmTdsXbvITB+9dgKgJ42+W4PPeNXDcG0RqbS2pbEyirAwmdkOxQEeyYoBGVrJPKbpTK94bueURo85H1eCcgUThPTS/oCiqA68sGoNyYBl1VONUdRHMoAzAYwdSMccaKT0WKiEUmrjH5wMAwTQtbQGHyDvD/B3pYWJcY0aVG7oqdI9ZZi81swn2Cg4B5dKwVK2rK8v6Zo/MP1Gz/U77yWe4DWoPNvgtwkU4IWGMdTV3yZmKQecuQY4fsiKlk9P8NrqYDdoyA5ap40UtEagrbfv2gtpHYfa9fpSa/BigzKmh4TAJ77VoqfbahvXYBRv4QFCupTW4BOc9KZzA1QBWoB/rDO7kGoD0jDDMKS9F3mT0nVtJA/wBlBY5jw/rFtiAJpW6x3gOdfpl5w2sHNdD/CaTe4itvJGprrmjbIP3zBu6CbF8MsjXheQB/Plbgk2qAwvBbx9r/BVnSb4bYPAWWvIeb7jcaM1eAbOO6zKLgZgcTWC06V3eSqkPvaNrpOtNXj7JlVZDEZgtQHBe/2CtY2XttQCfGEQNHVlSrutSn5gq708wcO41IS4cgCrWpW/vZgHFdI293P1kbbxNLsZ1c3iDBtUXGxSat6zOpyuXAc65n8gNimMZO2bVDMG2dIaPM/RfjG10ypL4qJImuZgtFwniTNSawTakn/XAki+SW141q8E6bcG/MAL434GNS9dJX9irODr4CYJpgNf3XIxGPM5iOWdjP/wPsR8D/hkuVLqvJeVrOCFqnxjKjR5k5oiAJLXHEUAwpW4/jAcGMEZtUrkGzBxkatqWHCDlupO8GwK155SnyLeEQVTHsPrAN98qtT+lOMawQHeMFIA4QxRP8w11n2rzCAdiEyTdlXTqMG+aeBK5JLfZg928Kofj8DKGVK1blRQwN3+rOBTLNYIl6o4QwKfMYU2ijY3plYQEOWvlG5/VvDEwDNOLTAks0sX4KYXxaxhqHgBZ9D5zQRYl+nYUKuKPfmJHg3bn3720S93JrfHrLQ3GuFFgW+zur3ZVx3ZfvONhPiYMH+I01Ym0meandu6iDbJyfZb77z+zScfvju+fXigO6FVDachaYXNSMw4f2tN/j4XaTmlZ5znIvYswf9zdvr5B8NdZrpprjXVrxnAEvQAvNi1scb4uJ3EYN3jg4MET7TAR6seho0x1s3LNTHauvOuzZ8oYz578NriNRAMbF1EW+kL+M8/fHw5GuqJ4uy9CQXQx6zj8hlfXPABDTYDgD9+/zv14azJjWYeGvcf/Dq78/LIHXKTtTXqObnECxDX61MaRF6WSsx79bhBSjf40snN0n8a/L87FqtbB9OY7gAAAABJRU5ErkJggg=="/>
-</defs>
-</svg>
diff --git a/images/icons/intune.svg b/images/icons/intune.svg
deleted file mode 100644
index 22148b48fb..0000000000
--- a/images/icons/intune.svg
+++ /dev/null
@@ -1,23 +0,0 @@
-<svg width="18" height="18" viewBox="0 0 18 18" fill="none" xmlns="http://www.w3.org/2000/svg">
-<path d="M15.1 1.25999H1C0.723858 1.25999 0.5 1.48385 0.5 1.75999V10.82C0.5 11.0961 0.723858 11.32 1 11.32H15.1C15.3761 11.32 15.6 11.0961 15.6 10.82V1.75999C15.6 1.48385 15.3761 1.25999 15.1 1.25999Z" fill="url(#paint0_linear_116_431)"/>
-<path d="M14.48 2.10001H1.62C1.46536 2.10001 1.34 2.22537 1.34 2.38001V10.21C1.34 10.3646 1.46536 10.49 1.62 10.49H14.48C14.6346 10.49 14.76 10.3646 14.76 10.21V2.38001C14.76 2.22537 14.6346 2.10001 14.48 2.10001Z" fill="white"/>
-<path d="M11.08 14.37C9.57999 14.14 9.51999 13.06 9.52999 11.37H6.52999C6.52999 13.11 6.46999 14.19 4.97999 14.37C4.77751 14.4005 4.5923 14.5015 4.45694 14.6552C4.32158 14.8088 4.24476 15.0053 4.23999 15.21H11.78C11.7752 15.0116 11.7034 14.8206 11.5763 14.6681C11.4492 14.5156 11.2743 14.4105 11.08 14.37Z" fill="url(#paint1_linear_116_431)"/>
-<path d="M17.17 5.91H10.29C10.176 5.34884 9.85759 4.85004 9.3966 4.51035C8.9356 4.17065 8.36487 4.0143 7.79512 4.0716C7.22536 4.1289 6.6972 4.39578 6.31308 4.82047C5.92897 5.24515 5.71628 5.79737 5.71628 6.37C5.71628 6.94263 5.92897 7.49485 6.31308 7.91954C6.6972 8.34422 7.22536 8.6111 7.79512 8.66841C8.36487 8.72571 8.9356 8.56935 9.3966 8.22966C9.85759 7.88997 10.176 7.39116 10.29 6.83H11V16.41C11 16.4975 11.0348 16.5815 11.0967 16.6433C11.1586 16.7052 11.2425 16.74 11.33 16.74H17.16C17.2475 16.74 17.3315 16.7052 17.3934 16.6433C17.4552 16.5815 17.49 16.4975 17.49 16.41V6.24C17.4901 6.15419 17.4567 6.07173 17.3969 6.01012C17.3372 5.94852 17.2558 5.9126 17.17 5.91Z" fill="#32BEDD"/>
-<path d="M16.77 6.82001H11.74C11.6737 6.82001 11.62 6.87373 11.62 6.94001V15.4C11.62 15.4663 11.6737 15.52 11.74 15.52H16.77C16.8363 15.52 16.89 15.4663 16.89 15.4V6.94001C16.89 6.87373 16.8363 6.82001 16.77 6.82001Z" fill="white"/>
-<path opacity="0.9" d="M8.05 7.87C8.85633 7.87 9.51 7.21633 9.51 6.41C9.51 5.60366 8.85633 4.95 8.05 4.95C7.24366 4.95 6.59 5.60366 6.59 6.41C6.59 7.21633 7.24366 7.87 8.05 7.87Z" fill="url(#paint2_linear_116_431)"/>
-<path d="M14.88 10.82L13.76 9.7C13.751 9.6919 13.7398 9.68668 13.7279 9.68505C13.7159 9.68341 13.7037 9.68543 13.6929 9.69083C13.6821 9.69623 13.6732 9.70477 13.6673 9.71533C13.6614 9.72589 13.6589 9.73797 13.66 9.75V10.43C13.66 10.4459 13.6537 10.4612 13.6424 10.4724C13.6312 10.4837 13.6159 10.49 13.6 10.49H11V11.32H13.6C13.6159 11.32 13.6312 11.3263 13.6424 11.3376C13.6537 11.3488 13.66 11.3641 13.66 11.38V12.07C13.6655 12.0783 13.6729 12.085 13.6816 12.0897C13.6904 12.0944 13.7001 12.0968 13.71 12.0968C13.7199 12.0968 13.7296 12.0944 13.7384 12.0897C13.7471 12.085 13.7545 12.0783 13.76 12.07L14.88 11C14.8928 10.9887 14.903 10.9749 14.91 10.9594C14.917 10.9439 14.9206 10.927 14.9206 10.91C14.9206 10.893 14.917 10.8761 14.91 10.8606C14.903 10.8451 14.8928 10.8313 14.88 10.82Z" fill="#0078D4"/>
-<defs>
-<linearGradient id="paint0_linear_116_431" x1="8.05" y1="11.32" x2="8.05" y2="1.25999" gradientUnits="userSpaceOnUse">
-<stop stop-color="#0078D4"/>
-<stop offset="0.82" stop-color="#5EA0EF"/>
-</linearGradient>
-<linearGradient id="paint1_linear_116_431" x1="8.04999" y1="15.21" x2="8.04999" y2="11.32" gradientUnits="userSpaceOnUse">
-<stop stop-color="#1490DF"/>
-<stop offset="0.98" stop-color="#1F56A3"/>
-</linearGradient>
-<linearGradient id="paint2_linear_116_431" x1="8.05" y1="7.87" x2="8.05" y2="4.94" gradientUnits="userSpaceOnUse">
-<stop stop-color="#D2EBFF"/>
-<stop offset="1" stop-color="#F0FFFD"/>
-</linearGradient>
-</defs>
-</svg>
diff --git a/images/icons/csp.svg b/windows/client-management/images/icons/csp.svg
similarity index 100%
rename from images/icons/csp.svg
rename to windows/client-management/images/icons/csp.svg
diff --git a/windows/client-management/images/icons/group-policy.svg b/windows/client-management/images/icons/group-policy.svg
index ace95add6b..e6ec2d2c2e 100644
--- a/windows/client-management/images/icons/group-policy.svg
+++ b/windows/client-management/images/icons/group-policy.svg
@@ -1,3 +1,14 @@
-<svg xmlns="http://www.w3.org/2000/svg" width="18" height="18" viewBox="0 0 2048 2048">
-  <path d="M1792 0q53 0 99 20t82 55 55 81 20 100q0 53-20 99t-55 82-81 55-100 20h-128v1280q0 53-20 99t-55 82-81 55-100 20H256q-53 0-99-20t-82-55-55-81-20-100q0-53 20-99t55-82 81-55 100-20V256q0-53 20-99t55-82 81-55T512 0h1280zM128 1792q0 27 10 50t27 40 41 28 50 10h930q-34-60-34-128t34-128H256q-27 0-50 10t-40 27-28 41-10 50zm1280 128q27 0 50-10t40-27 28-41 10-50V256q0-68 34-128H512q-27 0-50 10t-40 27-28 41-10 50v1280h1024q26 0 45 19t19 45q0 26-19 45t-45 19q-25 0-49 9t-42 28q-18 18-27 42t-10 49q0 27 10 50t27 40 41 28 50 10zm384-1536q27 0 50-10t40-27 28-41 10-50q0-27-10-50t-27-40-41-28-50-10q-27 0-50 10t-40 27-28 41-10 50v128h128zm-1280 0h896v128H512V384zm0 256h256v128H512V640zm0 256h256v128H512V896zm0 256h256v128H512v-128zm640-512q53 0 99 20t82 55 55 81 20 100q0 17-4 33t-4 31v539l-248-124-248 124V960q0-14-4-30t-4-34q0-53 20-99t55-82 81-55 100-20zm0 128q-27 0-50 10t-40 27-28 41-10 50q0 27 10 50t27 40 41 28 50 10q27 0 50-10t40-27 28-41 10-50q0-27-10-50t-27-40-41-28-50-10zm136 549v-204q-30 20-65 29t-71 10q-36 0-71-9t-65-30v204l136-68 136 68z" fill="#0078D4" />
-</svg>
\ No newline at end of file
+<svg width="18" height="18" viewBox="0 0 18 18" fill="none" xmlns="http://www.w3.org/2000/svg" xmlns:xlink="http://www.w3.org/1999/xlink">
+<g clip-path="url(#clip0_116_430)">
+<rect width="17.1" height="18" fill="url(#pattern0)"/>
+</g>
+<defs>
+<pattern id="pattern0" patternContentUnits="objectBoundingBox" width="1" height="1">
+<use xlink:href="#image0_116_430" transform="matrix(0.0227273 0 0 0.0222924 -0.0454545 -0.0891697)"/>
+</pattern>
+<clipPath id="clip0_116_430">
+<rect width="18" height="18" fill="white"/>
+</clipPath>
+<image id="image0_116_430" width="47" height="52" xlink:href="data:image/png;base64,iVBORw0KGgoAAAANSUhEUgAAAC8AAAA0CAYAAAAaNmH0AAAACXBIWXMAABYlAAAWJQFJUiTwAAAAB3RJTUUH6AEEFgALC7iL4gAABVhJREFUaAXtWb+LJEUUfruMSzde0CMbzIiBAwZusMEazV4gOMcli4IuCIoayIogmohmF8sGsoEYKfgfCCbeRWKmqaCg4WU3EwzbDQ50sze4fq+660f3dFdV98zurWDBbr+pevXe976qelVdvXV5eUlN5eLiQjTt7Ow0qTzR+u0n6n1N5/+DX5PAzt17Hj2fPju999PJe6+Os2Xqob5hlSVRukyE0TAIaPD80Zb0sOVYsPtff/Xlt5NXDsZ7LwyJYIgok32v/JnBFf+lyyl8xfCf0G9/nNPx21+IAFzM/378xoSGuxEh6KIoQVZczRNEMU3pIqEQKFNEkS3O6WD/WeXPBZ76twIAB2CnprK5ESFbhrADtklP1YwDQjCyWCH9eP97Oro7uXbgRAGmS0zxPKFk+hcl9EiAniYxiOzTwTiHbwU/OTzMWZehXuMzTjKazaeUJo8w12cIJqV4gbo/H9LRmx7g8wV6jYgNVwmmRxzHgvGgx9M2ohCPe6dnKttYmTdsXbvITB+9dgKgJ42+W4PPeNXDcG0RqbS2pbEyirAwmdkOxQEeyYoBGVrJPKbpTK94bueURo85H1eCcgUThPTS/oCiqA68sGoNyYBl1VONUdRHMoAzAYwdSMccaKT0WKiEUmrjH5wMAwTQtbQGHyDvD/B3pYWJcY0aVG7oqdI9ZZi81swn2Cg4B5dKwVK2rK8v6Zo/MP1Gz/U77yWe4DWoPNvgtwkU4IWGMdTV3yZmKQecuQY4fsiKlk9P8NrqYDdoyA5ap40UtEagrbfv2gtpHYfa9fpSa/BigzKmh4TAJ77VoqfbahvXYBRv4QFCupTW4BOc9KZzA1QBWoB/rDO7kGoD0jDDMKS9F3mT0nVtJA/wBlBY5jw/rFtiAJpW6x3gOdfpl5w2sHNdD/CaTe4itvJGprrmjbIP3zBu6CbF8MsjXheQB/Plbgk2qAwvBbx9r/BVnSb4bYPAWWvIeb7jcaM1eAbOO6zKLgZgcTWC06V3eSqkPvaNrpOtNXj7JlVZDEZgtQHBe/2CtY2XttQCfGEQNHVlSrutSn5gq708wcO41IS4cgCrWpW/vZgHFdI293P1kbbxNLsZ1c3iDBtUXGxSat6zOpyuXAc65n8gNimMZO2bVDMG2dIaPM/RfjG10ypL4qJImuZgtFwniTNSawTakn/XAki+SW141q8E6bcG/MAL434GNS9dJX9irODr4CYJpgNf3XIxGPM5iOWdjP/wPsR8D/hkuVLqvJeVrOCFqnxjKjR5k5oiAJLXHEUAwpW4/jAcGMEZtUrkGzBxkatqWHCDlupO8GwK155SnyLeEQVTHsPrAN98qtT+lOMawQHeMFIA4QxRP8w11n2rzCAdiEyTdlXTqMG+aeBK5JLfZg928Kofj8DKGVK1blRQwN3+rOBTLNYIl6o4QwKfMYU2ijY3plYQEOWvlG5/VvDEwDNOLTAks0sX4KYXxaxhqHgBZ9D5zQRYl+nYUKuKPfmJHg3bn3720S93JrfHrLQ3GuFFgW+zur3ZVx3ZfvONhPiYMH+I01Ym0meandu6iDbJyfZb77z+zScfvju+fXigO6FVDachaYXNSMw4f2tN/j4XaTmlZ5znIvYswf9zdvr5B8NdZrpprjXVrxnAEvQAvNi1scb4uJ3EYN3jg4MET7TAR6seho0x1s3LNTHauvOuzZ8oYz578NriNRAMbF1EW+kL+M8/fHw5GuqJ4uy9CQXQx6zj8hlfXPABDTYDgD9+/zv14azJjWYeGvcf/Dq78/LIHXKTtTXqObnECxDX61MaRF6WSsx79bhBSjf40snN0n8a/L87FqtbB9OY7gAAAABJRU5ErkJggg=="/>
+</defs>
+</svg>
diff --git a/images/icons/registry.svg b/windows/client-management/images/icons/registry.svg
similarity index 100%
rename from images/icons/registry.svg
rename to windows/client-management/images/icons/registry.svg
diff --git a/windows/client-management/manage-notepad.md b/windows/client-management/manage-notepad.md
index 559a696e9a..3c2d589a29 100644
--- a/windows/client-management/manage-notepad.md
+++ b/windows/client-management/manage-notepad.md
@@ -16,30 +16,74 @@ Notepad in Windows includes AI features powered by Copilot that help refine and
 
 This article provides information about managing AI features for Notepad in a commercial environment.
 
-## Configure policies for Notepad
+## Download the Notepad administrative template (ADMX)
+
+The [Notepad Administrative Template (ADMX)](https://todo) can be downloaded from the Microsoft Download Center.
+
+## Policy settings
+
+### DisableAIFeaturesInNotepad
+
+This policy setting allows you to control whether AI features are disabled in the Windows Notepad app. 
+
+- If this policy is enabled, AI features will not be accessible in the Notepad app. 
+- If this policy is disabled or not configured, users will be able to access AI features in the Notepad app.
+
+**Supported versions**
+
+- Windows 11, version 22H2 or later.
+- Notepad [TBD]
+
+**Allowed values**
+
+| Value       | Description               |
+|:----------- |:------------------------- |
+| 0 (Default) | AI features are enabled.  |
+| 1           | AI features are disabled. |
+
+## Configure policies
 
 To configure Notepad policies, you can use:
 
 - Microsoft Intune
-- CSP
 - Group policy
 - Registry
 
 The following instructions provide details how to configure your devices. Select the option that best suits your needs.
 
-#### [:::image type="icon" source="../../images/icons/intune.svg"::: **Intune**](#tab/intune)
-
-TODO
-
-#### [:::image type="icon" source="../../images/icons/csp.svg"::: **CSP**](#tab/csp)
-
-TODO
+#### [:::image type="icon" source="images/icons/intune.svg"::: **Intune**](#tab/intune)
 
 
-#### [:::image type="icon" source="../../images/icons/group-policy.svg" border="false"::: **GPO**](#tab/gpo)
+To configure devices using Microsoft Intune, [import the Notepad administrative template (ADMX) files](/intune/intune-service/configuration/administrative-templates-import-custom#add-the-admx-and-adml-files) and then [create a custom **Configuration profile**](/intune/intune-service/configuration/administrative-templates-import-custom#create-a-profile-using-your-imported-files) based on the imported ADMX files. 
 
-TODO
+> [!NOTE]
+> The Notepad administrative template (ADMX) depends on the Windows administrative template (`C:\Windows\PolicyDefinitions\Windows.admx`) file, so make sure you import it as well.
 
-#### [:::image type="icon" source="../../images/icons/registry.svg" border="false"::: **Registry**](#tab/reg)
+<!-- 
+#### [:::image type="icon" source="images/icons/csp.svg"::: **CSP**](#tab/csp)
+TODO 
+-->
 
-TODO
\ No newline at end of file
+#### [:::image type="icon" source="images/icons/group-policy.svg" border="false"::: **GPO**](#tab/gpo)
+
+For machines within a corporate network, you can use Group Policy with Active Directory (AD) to deploy Notepad policies. Steps:
+
+1. Download the latest [Notepad administrative template (ADMX)](#download-the-notepad-administrative-template-admx).
+
+2. On your domain controllers, copy and paste the following files to the relevant location, depending if you store Group Policy templates in the local `PolicyDefinitions` folder or the [Group Policy Central Store](/troubleshoot/windows-client/group-policy/create-and-manage-central-store). Replace `contoso.com` with your domain name, and `en-US` if you're using a different language.
+   
+   - **Filename**: `WindowsNotepad.admx`     
+     - **Local location**: `C:\Windows\PolicyDefinitions\`
+     - **Central Store**: `\\contoso.com\SYSVOL\contoso.com\Policies\PolicyDefinitions`
+   
+   - **Filename**: `en-US\WindowsNotepad.adml`     
+     - **Local location**: `C:\Windows\PolicyDefinitions\en-US\`
+     - **Central Store**: `\\contoso.com\SYSVOL\contoso.com\Policies\PolicyDefinitions\en-US`
+
+3. On a device you use to manage Group Policy, open the **Group Policy Management Console (GPMC)** and create or edit a policy that targets your devices.
+
+4. To verify that the Notepad administrative template is available, browse to **Computer Configuration** > **Policies** > **Administrative Templates** > **Windows Components** > **Notepad** . You should see policy settings for Notepad available for you to configure.
+
+#### [:::image type="icon" source="images/icons/registry.svg" border="false"::: **Registry**](#tab/reg)
+
+To disable AI features in Notepad, set the `DisableAIFeatures` registry value to `1` under `HKLM:\SOFTWARE\Policies\WindowsNotepad`.
diff --git a/windows/client-management/toc.yml b/windows/client-management/toc.yml
index c6427b24a0..c21275a117 100644
--- a/windows/client-management/toc.yml
+++ b/windows/client-management/toc.yml
@@ -55,7 +55,7 @@ items:
               - name: eSIM management
                 href: esim-enterprise-management.md
           - name: Manage Windows AI
-            expanded: false
+            expanded: true
             items:
               - name: Manage Click to Do
                 href: manage-click-to-do.md

From 9a8448f6c2ef97231fe9b147c29c2b17f2b1114d Mon Sep 17 00:00:00 2001
From: "Vinay Pamnani (from Dev Box)" <vinpa@microsoft.com>
Date: Wed, 30 Apr 2025 10:47:13 -0600
Subject: [PATCH 05/17] Minor

---
 windows/client-management/manage-notepad.md | 12 ++++++------
 1 file changed, 6 insertions(+), 6 deletions(-)

diff --git a/windows/client-management/manage-notepad.md b/windows/client-management/manage-notepad.md
index 3c2d589a29..9a687339e7 100644
--- a/windows/client-management/manage-notepad.md
+++ b/windows/client-management/manage-notepad.md
@@ -18,16 +18,16 @@ This article provides information about managing AI features for Notepad in a co
 
 ## Download the Notepad administrative template (ADMX)
 
-The [Notepad Administrative Template (ADMX)](https://todo) can be downloaded from the Microsoft Download Center.
+The [Notepad Administrative Template (ADMX)](https://todo) can be downloaded from the Microsoft Download Center.
 
 ## Policy settings
 
 ### DisableAIFeaturesInNotepad
 
-This policy setting allows you to control whether AI features are disabled in the Windows Notepad app. 
+This policy setting allows you to control whether AI features are disabled in the Windows Notepad app. 
 
-- If this policy is enabled, AI features will not be accessible in the Notepad app. 
-- If this policy is disabled or not configured, users will be able to access AI features in the Notepad app.
+- If this policy is enabled, users can't access AI features in the Notepad app.
+- If this policy is disabled or not configured, users can access AI features in the Notepad app.
 
 **Supported versions**
 
@@ -54,10 +54,10 @@ The following instructions provide details how to configure your devices. Select
 #### [:::image type="icon" source="images/icons/intune.svg"::: **Intune**](#tab/intune)
 
 
-To configure devices using Microsoft Intune, [import the Notepad administrative template (ADMX) files](/intune/intune-service/configuration/administrative-templates-import-custom#add-the-admx-and-adml-files) and then [create a custom **Configuration profile**](/intune/intune-service/configuration/administrative-templates-import-custom#create-a-profile-using-your-imported-files) based on the imported ADMX files. 
+To configure devices using Microsoft Intune, [import the Notepad administrative template (ADMX) files](/intune/intune-service/configuration/administrative-templates-import-custom#add-the-admx-and-adml-files) and then [create a custom **Configuration profile**](/intune/intune-service/configuration/administrative-templates-import-custom#create-a-profile-using-your-imported-files) based on the imported ADMX files. 
 
 > [!NOTE]
-> The Notepad administrative template (ADMX) depends on the Windows administrative template (`C:\Windows\PolicyDefinitions\Windows.admx`) file, so make sure you import it as well.
+> The Notepad administrative template (ADMX) depends on the Windows administrative template (`C:\Windows\PolicyDefinitions\Windows.admx`) file, so make sure you import it as well.
 
 <!-- 
 #### [:::image type="icon" source="images/icons/csp.svg"::: **CSP**](#tab/csp)

From a7216ce5eb115550db99212141fa969b9e4df3d8 Mon Sep 17 00:00:00 2001
From: "Vinay Pamnani (from Dev Box)" <vinpa@microsoft.com>
Date: Wed, 30 Apr 2025 11:02:18 -0600
Subject: [PATCH 06/17] Minor

---
 windows/client-management/manage-notepad.md | 9 +--------
 1 file changed, 1 insertion(+), 8 deletions(-)

diff --git a/windows/client-management/manage-notepad.md b/windows/client-management/manage-notepad.md
index 9a687339e7..16adb1cb99 100644
--- a/windows/client-management/manage-notepad.md
+++ b/windows/client-management/manage-notepad.md
@@ -18,7 +18,7 @@ This article provides information about managing AI features for Notepad in a co
 
 ## Download the Notepad administrative template (ADMX)
 
-The [Notepad Administrative Template (ADMX)](https://todo) can be downloaded from the Microsoft Download Center.
+The [Notepad Administrative Template (ADMX)](https://todo) can be downloaded from the Microsoft Download Center. The group policy settings contained in the ADMX file are machine-wide for all users.
 
 ## Policy settings
 
@@ -34,13 +34,6 @@ This policy setting allows you to control whether AI features are disabled in th
 - Windows 11, version 22H2 or later.
 - Notepad [TBD]
 
-**Allowed values**
-
-| Value       | Description               |
-|:----------- |:------------------------- |
-| 0 (Default) | AI features are enabled.  |
-| 1           | AI features are disabled. |
-
 ## Configure policies
 
 To configure Notepad policies, you can use:

From eb6b5e41b7352aec882dd41c2e508ce497e9bfed Mon Sep 17 00:00:00 2001
From: Vinay Pamnani <37223378+vinaypamnani-msft@users.noreply.github.com>
Date: Mon, 5 May 2025 09:39:58 -0600
Subject: [PATCH 07/17] CSP Updates 2504

---
 .../mdm/passportforwork-csp.md                |  6 +-
 .../mdm/passportforwork-ddf.md                |  6 +-
 .../mdm/policies-in-preview.md                | 11 ++-
 .../mdm/policy-csp-devicelock.md              | 20 ++---
 .../mdm/policy-csp-display.md                 | 34 ++++---
 .../mdm/policy-csp-filesystem.md              | 52 ++++++++++-
 ...policy-csp-localpoliciessecurityoptions.md | 66 +++++++-------
 .../mdm/policy-csp-mssecurityguide.md         |  4 +-
 .../mdm/policy-csp-networklistmanager.md      | 14 +--
 .../mdm/policy-csp-settingssync.md            | 40 ++++-----
 .../mdm/policy-csp-systemservices.md          | 34 +++----
 .../mdm/policy-csp-userrights.md              | 22 ++---
 .../mdm/policy-csp-windowsai.md               | 28 +++---
 windows/client-management/mdm/toc.yml         |  5 ++
 .../mdm/windowsbackupandrestore-csp.md        | 83 +++++++++++++++++
 .../mdm/windowsbackupandrestore-ddf-file.md   | 89 +++++++++++++++++++
 .../mdm/wirelessnetworkpreference-csp.md      | 10 +--
 .../mdm/wirelessnetworkpreference-ddf-file.md | 12 +--
 18 files changed, 390 insertions(+), 146 deletions(-)
 create mode 100644 windows/client-management/mdm/windowsbackupandrestore-csp.md
 create mode 100644 windows/client-management/mdm/windowsbackupandrestore-ddf-file.md

diff --git a/windows/client-management/mdm/passportforwork-csp.md b/windows/client-management/mdm/passportforwork-csp.md
index 2bc6d2300d..651e786236 100644
--- a/windows/client-management/mdm/passportforwork-csp.md
+++ b/windows/client-management/mdm/passportforwork-csp.md
@@ -1,7 +1,7 @@
 ---
 title: PassportForWork CSP
 description: Learn more about the PassportForWork CSP.
-ms.date: 03/12/2025
+ms.date: 04/30/2025
 ms.topic: generated-reference
 ---
 
@@ -1284,8 +1284,8 @@ Enhanced Sign-in Security (ESS) isolates both biometric template data and matchi
 
 | Value | Description |
 |:--|:--|
-| 0 | ESS will be enabled on systems with capable software and hardware, following the existing default behavior in Windows. Authentication operations of peripheral Windows Hello capable devices will be allowed, subject to current feature limitations. In addition, with this setting, ESS will be enabled on devices with a mixture of biometric devices, such as an ESS capable FPR and a non-ESS capable camera. (not recommended). |
-| 1 (Default) | ESS will be enabled on systems with capable software and hardware, following the existing default behavior in Windows. Authentication operations of any peripheral biometric device will be blocked and not available for Windows Hello. (default and recommended for highest security). |
+| 0 | ESS will be disabled on systems with capable software and hardware. Authentication operations of peripheral Windows Hello capable devices will be allowed, subject to current feature limitations. |
+| 1 (Default) | ESS will be enabled on systems with capable software and hardware, following the existing default behavior in Windows. Authentication operations of any peripheral biometric device will be blocked and not available for Windows Hello. |
 <!-- Device-Biometrics-EnableESSwithSupportedPeripherals-AllowedValues-End -->
 
 <!-- Device-Biometrics-EnableESSwithSupportedPeripherals-GpMapping-Begin -->
diff --git a/windows/client-management/mdm/passportforwork-ddf.md b/windows/client-management/mdm/passportforwork-ddf.md
index a40108a1d3..94763f451e 100644
--- a/windows/client-management/mdm/passportforwork-ddf.md
+++ b/windows/client-management/mdm/passportforwork-ddf.md
@@ -1,7 +1,7 @@
 ---
 title: PassportForWork DDF file
 description: View the XML file containing the device description framework (DDF) for the PassportForWork configuration service provider.
-ms.date: 02/13/2025
+ms.date: 04/30/2025
 ms.topic: generated-reference
 ---
 
@@ -1579,11 +1579,11 @@ Note that enhanced anti-spoofing for Windows Hello face authentication is not re
           <MSFT:AllowedValues ValueType="ENUM">
             <MSFT:Enum>
               <MSFT:Value>0</MSFT:Value>
-              <MSFT:ValueDescription>ESS will be enabled on systems with capable software and hardware, following the existing default behavior in Windows. Authentication operations of peripheral Windows Hello capable devices will be allowed, subject to current feature limitations. In addition, with this setting, ESS will be enabled on devices with a mixture of biometric devices, such as an ESS capable FPR and a non-ESS capable camera. (not recommended)</MSFT:ValueDescription>
+              <MSFT:ValueDescription>ESS will be disabled on systems with capable software and hardware. Authentication operations of peripheral Windows Hello capable devices will be allowed, subject to current feature limitations.</MSFT:ValueDescription>
             </MSFT:Enum>
             <MSFT:Enum>
               <MSFT:Value>1</MSFT:Value>
-              <MSFT:ValueDescription>ESS will be enabled on systems with capable software and hardware, following the existing default behavior in Windows. Authentication operations of any peripheral biometric device will be blocked and not available for Windows Hello. (default and recommended for highest security)</MSFT:ValueDescription>
+              <MSFT:ValueDescription>ESS will be enabled on systems with capable software and hardware, following the existing default behavior in Windows. Authentication operations of any peripheral biometric device will be blocked and not available for Windows Hello.</MSFT:ValueDescription>
             </MSFT:Enum>
           </MSFT:AllowedValues>
           <MSFT:GpMapping GpEnglishName="Enable ESS with Supported Peripherals" GpAreaPath="Passport~AT~WindowsComponents~MSPassportForWorkCategory" />
diff --git a/windows/client-management/mdm/policies-in-preview.md b/windows/client-management/mdm/policies-in-preview.md
index 9be89eb1f4..e7a1b732c0 100644
--- a/windows/client-management/mdm/policies-in-preview.md
+++ b/windows/client-management/mdm/policies-in-preview.md
@@ -1,7 +1,7 @@
 ---
 title: Configuration service provider preview policies
 description: Learn more about configuration service provider (CSP) policies that are available for Windows Insider Preview.
-ms.date: 04/21/2025
+ms.date: 05/02/2025
 ms.topic: generated-reference
 ---
 
@@ -86,6 +86,7 @@ This article lists the policies that are applicable for Windows Insider Preview
 
 - [EnableDevDrive](policy-csp-filesystem.md#enabledevdrive)
 - [DevDriveAttachPolicy](policy-csp-filesystem.md#devdriveattachpolicy)
+- [ClfsAuthenticationChecking](policy-csp-filesystem.md#clfsauthenticationchecking)
 
 ## HealthAttestation CSP
 
@@ -135,6 +136,8 @@ This article lists the policies that are applicable for Windows Insider Preview
 ## LocalPoliciesSecurityOptions
 
 - [InteractiveLogon_NumberOfPreviousLogonsToCache](policy-csp-localpoliciessecurityoptions.md#interactivelogon_numberofpreviouslogonstocache)
+- [NetworkAccess_RemotelyAccessibleRegistryPaths](policy-csp-localpoliciessecurityoptions.md#networkaccess_remotelyaccessibleregistrypaths)
+- [NetworkAccess_RemotelyAccessibleRegistryPathsAndSubpaths](policy-csp-localpoliciessecurityoptions.md#networkaccess_remotelyaccessibleregistrypathsandsubpaths)
 - [UserAccountControl_BehaviorOfTheElevationPromptForAdministratorProtection](policy-csp-localpoliciessecurityoptions.md#useraccountcontrol_behavioroftheelevationpromptforadministratorprotection)
 - [UserAccountControl_TypeOfAdminApprovalMode](policy-csp-localpoliciessecurityoptions.md#useraccountcontrol_typeofadminapprovalmode)
 
@@ -179,7 +182,7 @@ This article lists the policies that are applicable for Windows Insider Preview
 
 ## SettingsSync
 
-- [EnableWindowsbackup](policy-csp-settingssync.md#enablewindowsbackup)
+- [EnableWindowsBackup](policy-csp-settingssync.md#enablewindowsbackup)
 
 ## Start
 
@@ -220,6 +223,10 @@ This article lists the policies that are applicable for Windows Insider Preview
 - [DisableGenerativeFill](policy-csp-windowsai.md#disablegenerativefill)
 - [AllowRecallEnablement](policy-csp-windowsai.md#allowrecallenablement)
 
+## WindowsBackupAndRestore CSP
+
+- [EnableWindowsRestore](windowsbackupandrestore-csp.md#enablewindowsrestore)
+
 ## WindowsLicensing CSP
 
 - [SubscriptionType](windowslicensing-csp.md#subscriptionssubscriptiontype)
diff --git a/windows/client-management/mdm/policy-csp-devicelock.md b/windows/client-management/mdm/policy-csp-devicelock.md
index 9fc3c22b95..50b70af65a 100644
--- a/windows/client-management/mdm/policy-csp-devicelock.md
+++ b/windows/client-management/mdm/policy-csp-devicelock.md
@@ -1,7 +1,7 @@
 ---
 title: DeviceLock Policy CSP
 description: Learn more about the DeviceLock Area in Policy CSP.
-ms.date: 03/12/2025
+ms.date: 04/30/2025
 ms.topic: generated-reference
 ---
 
@@ -24,7 +24,7 @@ ms.topic: generated-reference
 <!-- AccountLockoutPolicy-Applicability-Begin -->
 | Scope | Editions | Applicable OS |
 |:--|:--|:--|
-| ✅ Device <br> ❌ User | ✅ Pro <br> ✅ Enterprise <br> ✅ Education <br> ✅ IoT Enterprise / IoT Enterprise LTSC | ✅ Windows 11, version 24H2 [10.0.26100] and later |
+| ✅ Device <br> ❌ User | ✅ Pro <br> ✅ Enterprise <br> ✅ Education <br> ✅ IoT Enterprise / IoT Enterprise LTSC | ✅ Windows 11, version 22H2 with [KB5053657](https://support.microsoft.com/help/5053657) [10.0.22621.5126] and later <br> ✅ Windows 11, version 24H2 [10.0.26100] and later |
 <!-- AccountLockoutPolicy-Applicability-End -->
 
 <!-- AccountLockoutPolicy-OmaUri-Begin -->
@@ -63,7 +63,7 @@ Account lockout threshold - This security setting determines the number of faile
 <!-- AllowAdministratorLockout-Applicability-Begin -->
 | Scope | Editions | Applicable OS |
 |:--|:--|:--|
-| ✅ Device <br> ❌ User | ✅ Pro <br> ✅ Enterprise <br> ✅ Education <br> ✅ IoT Enterprise / IoT Enterprise LTSC | ✅ Windows 11, version 24H2 [10.0.26100] and later |
+| ✅ Device <br> ❌ User | ✅ Pro <br> ✅ Enterprise <br> ✅ Education <br> ✅ IoT Enterprise / IoT Enterprise LTSC | ✅ Windows 11, version 22H2 with [KB5053657](https://support.microsoft.com/help/5053657) [10.0.22621.5126] and later <br> ✅ Windows 11, version 24H2 [10.0.26100] and later |
 <!-- AllowAdministratorLockout-Applicability-End -->
 
 <!-- AllowAdministratorLockout-OmaUri-Begin -->
@@ -328,7 +328,7 @@ Determines the type of PIN or password required. This policy only applies if the
 <!-- ClearTextPassword-Applicability-Begin -->
 | Scope | Editions | Applicable OS |
 |:--|:--|:--|
-| ✅ Device <br> ❌ User | ✅ Pro <br> ✅ Enterprise <br> ✅ Education <br> ✅ IoT Enterprise / IoT Enterprise LTSC | ✅ Windows 11, version 24H2 [10.0.26100] and later |
+| ✅ Device <br> ❌ User | ✅ Pro <br> ✅ Enterprise <br> ✅ Education <br> ✅ IoT Enterprise / IoT Enterprise LTSC | ✅ Windows 11, version 22H2 with [KB5053657](https://support.microsoft.com/help/5053657) [10.0.22621.5126] and later <br> ✅ Windows 11, version 24H2 [10.0.26100] and later |
 <!-- ClearTextPassword-Applicability-End -->
 
 <!-- ClearTextPassword-OmaUri-Begin -->
@@ -684,7 +684,7 @@ The number of authentication failures allowed before the device will be wiped. A
 <!-- MaximumPasswordAge-Applicability-Begin -->
 | Scope | Editions | Applicable OS |
 |:--|:--|:--|
-| ✅ Device <br> ❌ User | ✅ Pro <br> ✅ Enterprise <br> ✅ Education <br> ✅ IoT Enterprise / IoT Enterprise LTSC | ✅ Windows 11, version 24H2 [10.0.26100] and later |
+| ✅ Device <br> ❌ User | ✅ Pro <br> ✅ Enterprise <br> ✅ Education <br> ✅ IoT Enterprise / IoT Enterprise LTSC | ✅ Windows 11, version 22H2 with [KB5053657](https://support.microsoft.com/help/5053657) [10.0.22621.5126] and later <br> ✅ Windows 11, version 24H2 [10.0.26100] and later |
 <!-- MaximumPasswordAge-Applicability-End -->
 
 <!-- MaximumPasswordAge-OmaUri-Begin -->
@@ -1024,7 +1024,7 @@ This security setting determines the period of time (in days) that a password mu
 <!-- MinimumPasswordLength-Applicability-Begin -->
 | Scope | Editions | Applicable OS |
 |:--|:--|:--|
-| ✅ Device <br> ❌ User | ✅ Pro <br> ✅ Enterprise <br> ✅ Education <br> ✅ IoT Enterprise / IoT Enterprise LTSC | ✅ Windows 11, version 24H2 [10.0.26100] and later |
+| ✅ Device <br> ❌ User | ✅ Pro <br> ✅ Enterprise <br> ✅ Education <br> ✅ IoT Enterprise / IoT Enterprise LTSC | ✅ Windows 11, version 22H2 with [KB5053657](https://support.microsoft.com/help/5053657) [10.0.22621.5126] and later <br> ✅ Windows 11, version 24H2 [10.0.26100] and later |
 <!-- MinimumPasswordLength-Applicability-End -->
 
 <!-- MinimumPasswordLength-OmaUri-Begin -->
@@ -1077,7 +1077,7 @@ This security setting determines the least number of characters that a password
 <!-- MinimumPasswordLengthAudit-Applicability-Begin -->
 | Scope | Editions | Applicable OS |
 |:--|:--|:--|
-| ✅ Device <br> ❌ User | ✅ Pro <br> ✅ Enterprise <br> ✅ Education <br> ✅ IoT Enterprise / IoT Enterprise LTSC | ✅ Windows 11, version 24H2 [10.0.26100] and later |
+| ✅ Device <br> ❌ User | ✅ Pro <br> ✅ Enterprise <br> ✅ Education <br> ✅ IoT Enterprise / IoT Enterprise LTSC | ✅ Windows 11, version 22H2 with [KB5053657](https://support.microsoft.com/help/5053657) [10.0.22621.5126] and later <br> ✅ Windows 11, version 24H2 [10.0.26100] and later |
 <!-- MinimumPasswordLengthAudit-Applicability-End -->
 
 <!-- MinimumPasswordLengthAudit-OmaUri-Begin -->
@@ -1127,7 +1127,7 @@ This security setting determines the minimum password length for which password
 <!-- PasswordComplexity-Applicability-Begin -->
 | Scope | Editions | Applicable OS |
 |:--|:--|:--|
-| ✅ Device <br> ❌ User | ✅ Pro <br> ✅ Enterprise <br> ✅ Education <br> ✅ IoT Enterprise / IoT Enterprise LTSC | ✅ Windows 11, version 24H2 [10.0.26100] and later |
+| ✅ Device <br> ❌ User | ✅ Pro <br> ✅ Enterprise <br> ✅ Education <br> ✅ IoT Enterprise / IoT Enterprise LTSC | ✅ Windows 11, version 22H2 with [KB5053657](https://support.microsoft.com/help/5053657) [10.0.22621.5126] and later <br> ✅ Windows 11, version 24H2 [10.0.26100] and later |
 <!-- PasswordComplexity-Applicability-End -->
 
 <!-- PasswordComplexity-OmaUri-Begin -->
@@ -1187,7 +1187,7 @@ Complexity requirements are enforced when passwords are changed or created.
 <!-- PasswordHistorySize-Applicability-Begin -->
 | Scope | Editions | Applicable OS |
 |:--|:--|:--|
-| ✅ Device <br> ❌ User | ✅ Pro <br> ✅ Enterprise <br> ✅ Education <br> ✅ IoT Enterprise / IoT Enterprise LTSC | ✅ Windows 11, version 24H2 [10.0.26100] and later |
+| ✅ Device <br> ❌ User | ✅ Pro <br> ✅ Enterprise <br> ✅ Education <br> ✅ IoT Enterprise / IoT Enterprise LTSC | ✅ Windows 11, version 22H2 with [KB5053657](https://support.microsoft.com/help/5053657) [10.0.22621.5126] and later <br> ✅ Windows 11, version 24H2 [10.0.26100] and later |
 <!-- PasswordHistorySize-Applicability-End -->
 
 <!-- PasswordHistorySize-OmaUri-Begin -->
@@ -1359,7 +1359,7 @@ If you enable this setting, users will no longer be able to modify slide show se
 <!-- RelaxMinimumPasswordLengthLimits-Applicability-Begin -->
 | Scope | Editions | Applicable OS |
 |:--|:--|:--|
-| ✅ Device <br> ❌ User | ✅ Pro <br> ✅ Enterprise <br> ✅ Education <br> ✅ IoT Enterprise / IoT Enterprise LTSC | ✅ Windows 11, version 24H2 [10.0.26100] and later |
+| ✅ Device <br> ❌ User | ✅ Pro <br> ✅ Enterprise <br> ✅ Education <br> ✅ IoT Enterprise / IoT Enterprise LTSC | ✅ Windows 11, version 22H2 with [KB5053657](https://support.microsoft.com/help/5053657) [10.0.22621.5126] and later <br> ✅ Windows 11, version 24H2 [10.0.26100] and later |
 <!-- RelaxMinimumPasswordLengthLimits-Applicability-End -->
 
 <!-- RelaxMinimumPasswordLengthLimits-OmaUri-Begin -->
diff --git a/windows/client-management/mdm/policy-csp-display.md b/windows/client-management/mdm/policy-csp-display.md
index fef26a3307..eaaee22550 100644
--- a/windows/client-management/mdm/policy-csp-display.md
+++ b/windows/client-management/mdm/policy-csp-display.md
@@ -1,7 +1,7 @@
 ---
 title: Display Policy CSP
 description: Learn more about the Display Area in Policy CSP.
-ms.date: 03/12/2025
+ms.date: 04/30/2025
 ms.topic: generated-reference
 ---
 
@@ -22,10 +22,14 @@ ms.topic: generated-reference
 <!-- ConfigureMultipleDisplayMode-Applicability-Begin -->
 | Scope | Editions | Applicable OS |
 |:--|:--|:--|
-| ✅ Device <br> ❌ User | ✅ Pro <br> ✅ Enterprise <br> ✅ Education <br> ✅ IoT Enterprise / IoT Enterprise LTSC | ✅ Windows Insider Preview |
+| ✅ Device <br> ✅ User | ✅ Pro <br> ✅ Enterprise <br> ✅ Education <br> ✅ IoT Enterprise / IoT Enterprise LTSC | ✅ Windows Insider Preview |
 <!-- ConfigureMultipleDisplayMode-Applicability-End -->
 
 <!-- ConfigureMultipleDisplayMode-OmaUri-Begin -->
+```User
+./User/Vendor/MSFT/Policy/Config/Display/ConfigureMultipleDisplayMode
+```
+
 ```Device
 ./Device/Vendor/MSFT/Policy/Config/Display/ConfigureMultipleDisplayMode
 ```
@@ -33,7 +37,7 @@ ms.topic: generated-reference
 
 <!-- ConfigureMultipleDisplayMode-Description-Begin -->
 <!-- Description-Source-DDF -->
-This policy sets the default display arrangement to pick between clone or extend.
+Set the default display arrangement as clone, extend, internalOnly, externalOnly or default Windows Settings.
 <!-- ConfigureMultipleDisplayMode-Description-End -->
 
 <!-- ConfigureMultipleDisplayMode-Editable-Begin -->
@@ -47,7 +51,7 @@ This policy sets the default display arrangement to pick between clone or extend
 |:--|:--|
 | Format | `int` |
 | Access Type | Add, Delete, Get, Replace |
-| Default Value  | 1 |
+| Default Value  | 0 |
 <!-- ConfigureMultipleDisplayMode-DFProperties-End -->
 
 <!-- ConfigureMultipleDisplayMode-AllowedValues-Begin -->
@@ -55,9 +59,11 @@ This policy sets the default display arrangement to pick between clone or extend
 
 | Value | Description |
 |:--|:--|
-| 0 | Default. |
-| 1 (Default) | Clone. |
-| 2 | Extend. |
+| 0 (Default) | Default. |
+| 1 | Internal Only. |
+| 2 | External Only. |
+| 3 | Clone. |
+| 4 | Extend. |
 <!-- ConfigureMultipleDisplayMode-AllowedValues-End -->
 
 <!-- ConfigureMultipleDisplayMode-GpMapping-Begin -->
@@ -305,10 +311,14 @@ Enabling this setting lets you specify the system-wide default for desktop appli
 <!-- SetClonePreferredResolutionSource-Applicability-Begin -->
 | Scope | Editions | Applicable OS |
 |:--|:--|:--|
-| ✅ Device <br> ❌ User | ✅ Pro <br> ✅ Enterprise <br> ✅ Education <br> ✅ IoT Enterprise / IoT Enterprise LTSC | ✅ Windows Insider Preview |
+| ✅ Device <br> ✅ User | ✅ Pro <br> ✅ Enterprise <br> ✅ Education <br> ✅ IoT Enterprise / IoT Enterprise LTSC | ✅ Windows Insider Preview |
 <!-- SetClonePreferredResolutionSource-Applicability-End -->
 
 <!-- SetClonePreferredResolutionSource-OmaUri-Begin -->
+```User
+./User/Vendor/MSFT/Policy/Config/Display/SetClonePreferredResolutionSource
+```
+
 ```Device
 ./Device/Vendor/MSFT/Policy/Config/Display/SetClonePreferredResolutionSource
 ```
@@ -316,7 +326,7 @@ Enabling this setting lets you specify the system-wide default for desktop appli
 
 <!-- SetClonePreferredResolutionSource-Description-Begin -->
 <!-- Description-Source-DDF -->
-This policy sets the cloned monitor preferred resolution source to an internal or external monitor by default.
+Set the cloned monitor preferred resolution source as internal or external monitor or set to default.
 <!-- SetClonePreferredResolutionSource-Description-End -->
 
 <!-- SetClonePreferredResolutionSource-Editable-Begin -->
@@ -330,7 +340,7 @@ This policy sets the cloned monitor preferred resolution source to an internal o
 |:--|:--|
 | Format | `int` |
 | Access Type | Add, Delete, Get, Replace |
-| Default Value  | 1 |
+| Default Value  | 0 |
 <!-- SetClonePreferredResolutionSource-DFProperties-End -->
 
 <!-- SetClonePreferredResolutionSource-AllowedValues-Begin -->
@@ -338,8 +348,8 @@ This policy sets the cloned monitor preferred resolution source to an internal o
 
 | Value | Description |
 |:--|:--|
-| 0 | Default. |
-| 1 (Default) | Internal. |
+| 0 (Default) | Default. |
+| 1 | Internal. |
 | 2 | External. |
 <!-- SetClonePreferredResolutionSource-AllowedValues-End -->
 
diff --git a/windows/client-management/mdm/policy-csp-filesystem.md b/windows/client-management/mdm/policy-csp-filesystem.md
index 79f4e79033..6aa34c4df9 100644
--- a/windows/client-management/mdm/policy-csp-filesystem.md
+++ b/windows/client-management/mdm/policy-csp-filesystem.md
@@ -1,7 +1,7 @@
 ---
 title: FileSystem Policy CSP
 description: Learn more about the FileSystem Area in Policy CSP.
-ms.date: 03/12/2025
+ms.date: 04/30/2025
 ms.topic: generated-reference
 ---
 
@@ -18,6 +18,56 @@ ms.topic: generated-reference
 <!-- Add any additional information about this policy here. Anything outside this section will get overwritten. -->
 <!-- FileSystem-Editable-End -->
 
+<!-- ClfsAuthenticationChecking-Begin -->
+## ClfsAuthenticationChecking
+
+<!-- ClfsAuthenticationChecking-Applicability-Begin -->
+| Scope | Editions | Applicable OS |
+|:--|:--|:--|
+| ✅ Device <br> ❌ User | ✅ Pro <br> ✅ Enterprise <br> ✅ Education <br> ✅ IoT Enterprise / IoT Enterprise LTSC | ✅ Windows Insider Preview |
+<!-- ClfsAuthenticationChecking-Applicability-End -->
+
+<!-- ClfsAuthenticationChecking-OmaUri-Begin -->
+```Device
+./Device/Vendor/MSFT/Policy/Config/FileSystem/ClfsAuthenticationChecking
+```
+<!-- ClfsAuthenticationChecking-OmaUri-End -->
+
+<!-- ClfsAuthenticationChecking-Description-Begin -->
+<!-- Description-Source-Not-Found -->
+<!-- ClfsAuthenticationChecking-Description-End -->
+
+<!-- ClfsAuthenticationChecking-Editable-Begin -->
+<!-- Add any additional information about this policy here. Anything outside this section will get overwritten. -->
+<!-- ClfsAuthenticationChecking-Editable-End -->
+
+<!-- ClfsAuthenticationChecking-DFProperties-Begin -->
+**Description framework properties**:
+
+| Property name | Property value |
+|:--|:--|
+| Format | `chr` (string) |
+| Access Type | Add, Delete, Get, Replace |
+<!-- ClfsAuthenticationChecking-DFProperties-End -->
+
+<!-- ClfsAuthenticationChecking-AdmxBacked-Begin -->
+<!-- ADMX-Not-Found -->
+[!INCLUDE [ADMX-backed policy note](includes/mdm-admx-policy-note.md)]
+
+**ADMX mapping**:
+
+| Name | Value |
+|:--|:--|
+| Name | ClfsAuthenticationChecking |
+| ADMX File Name | FileSys.admx |
+<!-- ClfsAuthenticationChecking-AdmxBacked-End -->
+
+<!-- ClfsAuthenticationChecking-Examples-Begin -->
+<!-- Add any examples for this policy here. Examples outside this section will get overwritten. -->
+<!-- ClfsAuthenticationChecking-Examples-End -->
+
+<!-- ClfsAuthenticationChecking-End -->
+
 <!-- DevDriveAttachPolicy-Begin -->
 ## DevDriveAttachPolicy
 
diff --git a/windows/client-management/mdm/policy-csp-localpoliciessecurityoptions.md b/windows/client-management/mdm/policy-csp-localpoliciessecurityoptions.md
index 9c5d66ece3..721b0c112a 100644
--- a/windows/client-management/mdm/policy-csp-localpoliciessecurityoptions.md
+++ b/windows/client-management/mdm/policy-csp-localpoliciessecurityoptions.md
@@ -1,7 +1,7 @@
 ---
 title: LocalPoliciesSecurityOptions Policy CSP
 description: Learn more about the LocalPoliciesSecurityOptions Area in Policy CSP.
-ms.date: 03/12/2025
+ms.date: 04/30/2025
 ms.topic: generated-reference
 ---
 
@@ -361,7 +361,7 @@ Accounts: Rename guest account This security setting determines whether a differ
 <!-- Audit_AuditTheUseOfBackupAndRestoreprivilege-Applicability-Begin -->
 | Scope | Editions | Applicable OS |
 |:--|:--|:--|
-| ✅ Device <br> ❌ User | ✅ Pro <br> ✅ Enterprise <br> ✅ Education <br> ✅ IoT Enterprise / IoT Enterprise LTSC | ✅ Windows 11, version 24H2 [10.0.26100] and later |
+| ✅ Device <br> ❌ User | ✅ Pro <br> ✅ Enterprise <br> ✅ Education <br> ✅ IoT Enterprise / IoT Enterprise LTSC | ✅ Windows 11, version 22H2 with [KB5053657](https://support.microsoft.com/help/5053657) [10.0.22621.5126] and later <br> ✅ Windows 11, version 24H2 [10.0.26100] and later |
 <!-- Audit_AuditTheUseOfBackupAndRestoreprivilege-Applicability-End -->
 
 <!-- Audit_AuditTheUseOfBackupAndRestoreprivilege-OmaUri-Begin -->
@@ -422,7 +422,7 @@ Audit: Audit the use of Backup and Restore privilege This security setting deter
 <!-- Audit_ForceAuditPolicySubcategorySettingsToOverrideAuditPolicyCategorySettings-Applicability-Begin -->
 | Scope | Editions | Applicable OS |
 |:--|:--|:--|
-| ✅ Device <br> ❌ User | ✅ Pro <br> ✅ Enterprise <br> ✅ Education <br> ✅ IoT Enterprise / IoT Enterprise LTSC | ✅ Windows 11, version 24H2 [10.0.26100] and later |
+| ✅ Device <br> ❌ User | ✅ Pro <br> ✅ Enterprise <br> ✅ Education <br> ✅ IoT Enterprise / IoT Enterprise LTSC | ✅ Windows 11, version 22H2 with [KB5053657](https://support.microsoft.com/help/5053657) [10.0.22621.5126] and later <br> ✅ Windows 11, version 24H2 [10.0.26100] and later |
 <!-- Audit_ForceAuditPolicySubcategorySettingsToOverrideAuditPolicyCategorySettings-Applicability-End -->
 
 <!-- Audit_ForceAuditPolicySubcategorySettingsToOverrideAuditPolicyCategorySettings-OmaUri-Begin -->
@@ -463,7 +463,7 @@ Audit: Force audit policy subcategory settings (Windows Vista or later) to overr
 <!-- Audit_ShutdownSystemImmediatelyIfUnableToLogSecurityAudits-Applicability-Begin -->
 | Scope | Editions | Applicable OS |
 |:--|:--|:--|
-| ✅ Device <br> ❌ User | ✅ Pro <br> ✅ Enterprise <br> ✅ Education <br> ✅ IoT Enterprise / IoT Enterprise LTSC | ✅ Windows 11, version 24H2 [10.0.26100] and later |
+| ✅ Device <br> ❌ User | ✅ Pro <br> ✅ Enterprise <br> ✅ Education <br> ✅ IoT Enterprise / IoT Enterprise LTSC | ✅ Windows 11, version 22H2 with [KB5053657](https://support.microsoft.com/help/5053657) [10.0.22621.5126] and later <br> ✅ Windows 11, version 24H2 [10.0.26100] and later |
 <!-- Audit_ShutdownSystemImmediatelyIfUnableToLogSecurityAudits-Applicability-End -->
 
 <!-- Audit_ShutdownSystemImmediatelyIfUnableToLogSecurityAudits-OmaUri-Begin -->
@@ -736,7 +736,7 @@ Devices: Restrict CD-ROM access to locally logged-on user only This security set
 <!-- Devices_RestrictFloppyAccessToLocallyLoggedOnUserOnly-Applicability-Begin -->
 | Scope | Editions | Applicable OS |
 |:--|:--|:--|
-| ✅ Device <br> ❌ User | ✅ Pro <br> ✅ Enterprise <br> ✅ Education <br> ✅ IoT Enterprise / IoT Enterprise LTSC | ✅ Windows 11, version 24H2 [10.0.26100] and later |
+| ✅ Device <br> ❌ User | ✅ Pro <br> ✅ Enterprise <br> ✅ Education <br> ✅ IoT Enterprise / IoT Enterprise LTSC | ✅ Windows 11, version 22H2 with [KB5053657](https://support.microsoft.com/help/5053657) [10.0.22621.5126] and later <br> ✅ Windows 11, version 24H2 [10.0.26100] and later |
 <!-- Devices_RestrictFloppyAccessToLocallyLoggedOnUserOnly-Applicability-End -->
 
 <!-- Devices_RestrictFloppyAccessToLocallyLoggedOnUserOnly-OmaUri-Begin -->
@@ -789,7 +789,7 @@ Devices: Restrict floppy access to locally logged-on user only This security set
 <!-- DomainMember_DigitallyEncryptOrSignSecureChannelDataAlways-Applicability-Begin -->
 | Scope | Editions | Applicable OS |
 |:--|:--|:--|
-| ✅ Device <br> ❌ User | ✅ Pro <br> ✅ Enterprise <br> ✅ Education <br> ✅ IoT Enterprise / IoT Enterprise LTSC | ✅ Windows 11, version 24H2 [10.0.26100] and later |
+| ✅ Device <br> ❌ User | ✅ Pro <br> ✅ Enterprise <br> ✅ Education <br> ✅ IoT Enterprise / IoT Enterprise LTSC | ✅ Windows 11, version 22H2 with [KB5053657](https://support.microsoft.com/help/5053657) [10.0.22621.5126] and later <br> ✅ Windows 11, version 24H2 [10.0.26100] and later |
 <!-- DomainMember_DigitallyEncryptOrSignSecureChannelDataAlways-Applicability-End -->
 
 <!-- DomainMember_DigitallyEncryptOrSignSecureChannelDataAlways-OmaUri-Begin -->
@@ -843,7 +843,7 @@ Domain member: Digitally encrypt or sign secure channel data (always) This secur
 <!-- DomainMember_DigitallyEncryptSecureChannelDataWhenPossible-Applicability-Begin -->
 | Scope | Editions | Applicable OS |
 |:--|:--|:--|
-| ✅ Device <br> ❌ User | ✅ Pro <br> ✅ Enterprise <br> ✅ Education <br> ✅ IoT Enterprise / IoT Enterprise LTSC | ✅ Windows 11, version 24H2 [10.0.26100] and later |
+| ✅ Device <br> ❌ User | ✅ Pro <br> ✅ Enterprise <br> ✅ Education <br> ✅ IoT Enterprise / IoT Enterprise LTSC | ✅ Windows 11, version 22H2 with [KB5053657](https://support.microsoft.com/help/5053657) [10.0.22621.5126] and later <br> ✅ Windows 11, version 24H2 [10.0.26100] and later |
 <!-- DomainMember_DigitallyEncryptSecureChannelDataWhenPossible-Applicability-End -->
 
 <!-- DomainMember_DigitallyEncryptSecureChannelDataWhenPossible-OmaUri-Begin -->
@@ -896,7 +896,7 @@ Domain member: Digitally encrypt secure channel data (when possible) This securi
 <!-- DomainMember_DigitallySignSecureChannelDataWhenPossible-Applicability-Begin -->
 | Scope | Editions | Applicable OS |
 |:--|:--|:--|
-| ✅ Device <br> ❌ User | ✅ Pro <br> ✅ Enterprise <br> ✅ Education <br> ✅ IoT Enterprise / IoT Enterprise LTSC | ✅ Windows 11, version 24H2 [10.0.26100] and later |
+| ✅ Device <br> ❌ User | ✅ Pro <br> ✅ Enterprise <br> ✅ Education <br> ✅ IoT Enterprise / IoT Enterprise LTSC | ✅ Windows 11, version 22H2 with [KB5053657](https://support.microsoft.com/help/5053657) [10.0.22621.5126] and later <br> ✅ Windows 11, version 24H2 [10.0.26100] and later |
 <!-- DomainMember_DigitallySignSecureChannelDataWhenPossible-Applicability-End -->
 
 <!-- DomainMember_DigitallySignSecureChannelDataWhenPossible-OmaUri-Begin -->
@@ -946,7 +946,7 @@ Domain member: Digitally sign secure channel data (when possible) This security
 <!-- DomainMember_DisableMachineAccountPasswordChanges-Applicability-Begin -->
 | Scope | Editions | Applicable OS |
 |:--|:--|:--|
-| ✅ Device <br> ❌ User | ✅ Pro <br> ✅ Enterprise <br> ✅ Education <br> ✅ IoT Enterprise / IoT Enterprise LTSC | ✅ Windows 11, version 24H2 [10.0.26100] and later |
+| ✅ Device <br> ❌ User | ✅ Pro <br> ✅ Enterprise <br> ✅ Education <br> ✅ IoT Enterprise / IoT Enterprise LTSC | ✅ Windows 11, version 22H2 with [KB5053657](https://support.microsoft.com/help/5053657) [10.0.22621.5126] and later <br> ✅ Windows 11, version 24H2 [10.0.26100] and later |
 <!-- DomainMember_DisableMachineAccountPasswordChanges-Applicability-End -->
 
 <!-- DomainMember_DisableMachineAccountPasswordChanges-OmaUri-Begin -->
@@ -1000,7 +1000,7 @@ Domain member: Disable machine account password changes Determines whether a dom
 <!-- DomainMember_MaximumMachineAccountPasswordAge-Applicability-Begin -->
 | Scope | Editions | Applicable OS |
 |:--|:--|:--|
-| ✅ Device <br> ❌ User | ✅ Pro <br> ✅ Enterprise <br> ✅ Education <br> ✅ IoT Enterprise / IoT Enterprise LTSC | ✅ Windows 11, version 24H2 [10.0.26100] and later |
+| ✅ Device <br> ❌ User | ✅ Pro <br> ✅ Enterprise <br> ✅ Education <br> ✅ IoT Enterprise / IoT Enterprise LTSC | ✅ Windows 11, version 22H2 with [KB5053657](https://support.microsoft.com/help/5053657) [10.0.22621.5126] and later <br> ✅ Windows 11, version 24H2 [10.0.26100] and later |
 <!-- DomainMember_MaximumMachineAccountPasswordAge-Applicability-End -->
 
 <!-- DomainMember_MaximumMachineAccountPasswordAge-OmaUri-Begin -->
@@ -1053,7 +1053,7 @@ Domain member: Maximum machine account password age This security setting determ
 <!-- DomainMember_RequireStrongSessionKey-Applicability-Begin -->
 | Scope | Editions | Applicable OS |
 |:--|:--|:--|
-| ✅ Device <br> ❌ User | ✅ Pro <br> ✅ Enterprise <br> ✅ Education <br> ✅ IoT Enterprise / IoT Enterprise LTSC | ✅ Windows 11, version 24H2 [10.0.26100] and later |
+| ✅ Device <br> ❌ User | ✅ Pro <br> ✅ Enterprise <br> ✅ Education <br> ✅ IoT Enterprise / IoT Enterprise LTSC | ✅ Windows 11, version 22H2 with [KB5053657](https://support.microsoft.com/help/5053657) [10.0.22621.5126] and later <br> ✅ Windows 11, version 24H2 [10.0.26100] and later |
 <!-- DomainMember_RequireStrongSessionKey-Applicability-End -->
 
 <!-- DomainMember_RequireStrongSessionKey-OmaUri-Begin -->
@@ -1353,7 +1353,7 @@ Interactive logon: Don't require CTRL+ALT+DEL This security setting determines w
 <!-- InteractiveLogon_MachineAccountLockoutThreshold-Applicability-Begin -->
 | Scope | Editions | Applicable OS |
 |:--|:--|:--|
-| ✅ Device <br> ❌ User | ✅ Pro <br> ✅ Enterprise <br> ✅ Education <br> ✅ IoT Enterprise / IoT Enterprise LTSC | ✅ Windows 11, version 24H2 [10.0.26100] and later |
+| ✅ Device <br> ❌ User | ✅ Pro <br> ✅ Enterprise <br> ✅ Education <br> ✅ IoT Enterprise / IoT Enterprise LTSC | ✅ Windows 11, version 22H2 with [KB5053657](https://support.microsoft.com/help/5053657) [10.0.22621.5126] and later <br> ✅ Windows 11, version 24H2 [10.0.26100] and later |
 <!-- InteractiveLogon_MachineAccountLockoutThreshold-Applicability-End -->
 
 <!-- InteractiveLogon_MachineAccountLockoutThreshold-OmaUri-Begin -->
@@ -1557,7 +1557,7 @@ Interactive logon: Message title for users attempting to log on This security se
 <!-- InteractiveLogon_NumberOfPreviousLogonsToCache-Applicability-Begin -->
 | Scope | Editions | Applicable OS |
 |:--|:--|:--|
-| ✅ Device <br> ❌ User | ✅ Pro <br> ✅ Enterprise <br> ✅ Education <br> ✅ IoT Enterprise / IoT Enterprise LTSC | ✅ Windows Insider Preview |
+| ✅ Device <br> ❌ User | ✅ Pro <br> ✅ Enterprise <br> ✅ Education <br> ✅ IoT Enterprise / IoT Enterprise LTSC | ✅ Windows 11, version 22H2 with [KB5053657](https://support.microsoft.com/help/5053657) [10.0.22621.5126] and later <br> ✅ Windows 11, version 24H2 with [KB5052093](https://support.microsoft.com/help/5052093) [10.0.26100.3323] and later <br> ✅ Windows Insider Preview |
 <!-- InteractiveLogon_NumberOfPreviousLogonsToCache-Applicability-End -->
 
 <!-- InteractiveLogon_NumberOfPreviousLogonsToCache-OmaUri-Begin -->
@@ -1599,7 +1599,7 @@ Interactive logon: Number of previous logons to cache (in case domain controller
 <!-- InteractiveLogon_PromptUserToChangePasswordBeforeExpiration-Applicability-Begin -->
 | Scope | Editions | Applicable OS |
 |:--|:--|:--|
-| ✅ Device <br> ❌ User | ✅ Pro <br> ✅ Enterprise <br> ✅ Education <br> ✅ IoT Enterprise / IoT Enterprise LTSC | ✅ Windows 11, version 24H2 [10.0.26100] and later |
+| ✅ Device <br> ❌ User | ✅ Pro <br> ✅ Enterprise <br> ✅ Education <br> ✅ IoT Enterprise / IoT Enterprise LTSC | ✅ Windows 11, version 22H2 with [KB5053657](https://support.microsoft.com/help/5053657) [10.0.22621.5126] and later <br> ✅ Windows 11, version 24H2 [10.0.26100] and later |
 <!-- InteractiveLogon_PromptUserToChangePasswordBeforeExpiration-Applicability-End -->
 
 <!-- InteractiveLogon_PromptUserToChangePasswordBeforeExpiration-OmaUri-Begin -->
@@ -1888,7 +1888,7 @@ Microsoft network client: Send unencrypted password to connect to third-party SM
 <!-- MicrosoftNetworkServer_AmountOfIdleTimeRequiredBeforeSuspendingSession-Applicability-Begin -->
 | Scope | Editions | Applicable OS |
 |:--|:--|:--|
-| ✅ Device <br> ❌ User | ✅ Pro <br> ✅ Enterprise <br> ✅ Education <br> ✅ IoT Enterprise / IoT Enterprise LTSC | ✅ Windows 11, version 24H2 [10.0.26100] and later |
+| ✅ Device <br> ❌ User | ✅ Pro <br> ✅ Enterprise <br> ✅ Education <br> ✅ IoT Enterprise / IoT Enterprise LTSC | ✅ Windows 11, version 22H2 with [KB5053657](https://support.microsoft.com/help/5053657) [10.0.22621.5126] and later <br> ✅ Windows 11, version 24H2 [10.0.26100] and later |
 <!-- MicrosoftNetworkServer_AmountOfIdleTimeRequiredBeforeSuspendingSession-Applicability-End -->
 
 <!-- MicrosoftNetworkServer_AmountOfIdleTimeRequiredBeforeSuspendingSession-OmaUri-Begin -->
@@ -2071,7 +2071,7 @@ Microsoft network server: Digitally sign communications (if client agrees) This
 <!-- MicrosoftNetworkServer_DisconnectClientsWhenLogonHoursExpire-Applicability-Begin -->
 | Scope | Editions | Applicable OS |
 |:--|:--|:--|
-| ✅ Device <br> ❌ User | ✅ Pro <br> ✅ Enterprise <br> ✅ Education <br> ✅ IoT Enterprise / IoT Enterprise LTSC | ✅ Windows 11, version 24H2 [10.0.26100] and later |
+| ✅ Device <br> ❌ User | ✅ Pro <br> ✅ Enterprise <br> ✅ Education <br> ✅ IoT Enterprise / IoT Enterprise LTSC | ✅ Windows 11, version 22H2 with [KB5053657](https://support.microsoft.com/help/5053657) [10.0.22621.5126] and later <br> ✅ Windows 11, version 24H2 [10.0.26100] and later |
 <!-- MicrosoftNetworkServer_DisconnectClientsWhenLogonHoursExpire-Applicability-End -->
 
 <!-- MicrosoftNetworkServer_DisconnectClientsWhenLogonHoursExpire-OmaUri-Begin -->
@@ -2114,7 +2114,7 @@ Microsoft network server: Disconnect clients when logon hours expire This securi
 <!-- MicrosoftNetworkServer_ServerSPNTargetNameValidationLevel-Applicability-Begin -->
 | Scope | Editions | Applicable OS |
 |:--|:--|:--|
-| ✅ Device <br> ❌ User | ✅ Pro <br> ✅ Enterprise <br> ✅ Education <br> ✅ IoT Enterprise / IoT Enterprise LTSC | ✅ Windows 11, version 24H2 [10.0.26100] and later |
+| ✅ Device <br> ❌ User | ✅ Pro <br> ✅ Enterprise <br> ✅ Education <br> ✅ IoT Enterprise / IoT Enterprise LTSC | ✅ Windows 11, version 22H2 with [KB5053657](https://support.microsoft.com/help/5053657) [10.0.22621.5126] and later <br> ✅ Windows 11, version 24H2 [10.0.26100] and later |
 <!-- MicrosoftNetworkServer_ServerSPNTargetNameValidationLevel-Applicability-End -->
 
 <!-- MicrosoftNetworkServer_ServerSPNTargetNameValidationLevel-OmaUri-Begin -->
@@ -2155,7 +2155,7 @@ Microsoft network server: Server SPN target name validation level This policy se
 <!-- NetworkAccess_AllowAnonymousSIDOrNameTranslation-Applicability-Begin -->
 | Scope | Editions | Applicable OS |
 |:--|:--|:--|
-| ✅ Device <br> ❌ User | ✅ Pro <br> ✅ Enterprise <br> ✅ Education <br> ✅ IoT Enterprise / IoT Enterprise LTSC | ✅ Windows 11, version 24H2 [10.0.26100] and later |
+| ✅ Device <br> ❌ User | ✅ Pro <br> ✅ Enterprise <br> ✅ Education <br> ✅ IoT Enterprise / IoT Enterprise LTSC | ✅ Windows 11, version 22H2 with [KB5053657](https://support.microsoft.com/help/5053657) [10.0.22621.5126] and later <br> ✅ Windows 11, version 24H2 [10.0.26100] and later |
 <!-- NetworkAccess_AllowAnonymousSIDOrNameTranslation-Applicability-End -->
 
 <!-- NetworkAccess_AllowAnonymousSIDOrNameTranslation-OmaUri-Begin -->
@@ -2336,7 +2336,7 @@ Network access: Don't allow anonymous enumeration of SAM accounts and shares Thi
 <!-- NetworkAccess_DoNotAllowStorageOfPasswordsAndCredentialsForNetworkAuthentication-Applicability-Begin -->
 | Scope | Editions | Applicable OS |
 |:--|:--|:--|
-| ✅ Device <br> ❌ User | ✅ Pro <br> ✅ Enterprise <br> ✅ Education <br> ✅ IoT Enterprise / IoT Enterprise LTSC | ✅ Windows 11, version 24H2 [10.0.26100] and later |
+| ✅ Device <br> ❌ User | ✅ Pro <br> ✅ Enterprise <br> ✅ Education <br> ✅ IoT Enterprise / IoT Enterprise LTSC | ✅ Windows 11, version 22H2 with [KB5053657](https://support.microsoft.com/help/5053657) [10.0.22621.5126] and later <br> ✅ Windows 11, version 24H2 [10.0.26100] and later |
 <!-- NetworkAccess_DoNotAllowStorageOfPasswordsAndCredentialsForNetworkAuthentication-Applicability-End -->
 
 <!-- NetworkAccess_DoNotAllowStorageOfPasswordsAndCredentialsForNetworkAuthentication-OmaUri-Begin -->
@@ -2384,7 +2384,7 @@ Network access: Don't allow storage of passwords and credentials for network aut
 <!-- NetworkAccess_LetEveryonePermissionsApplyToAnonymousUsers-Applicability-Begin -->
 | Scope | Editions | Applicable OS |
 |:--|:--|:--|
-| ✅ Device <br> ❌ User | ✅ Pro <br> ✅ Enterprise <br> ✅ Education <br> ✅ IoT Enterprise / IoT Enterprise LTSC | ✅ Windows 11, version 24H2 [10.0.26100] and later |
+| ✅ Device <br> ❌ User | ✅ Pro <br> ✅ Enterprise <br> ✅ Education <br> ✅ IoT Enterprise / IoT Enterprise LTSC | ✅ Windows 11, version 22H2 with [KB5053657](https://support.microsoft.com/help/5053657) [10.0.22621.5126] and later <br> ✅ Windows 11, version 24H2 [10.0.26100] and later |
 <!-- NetworkAccess_LetEveryonePermissionsApplyToAnonymousUsers-Applicability-End -->
 
 <!-- NetworkAccess_LetEveryonePermissionsApplyToAnonymousUsers-OmaUri-Begin -->
@@ -2436,7 +2436,7 @@ Network access: Let Everyone permissions apply to anonymous users This security
 <!-- NetworkAccess_NamedPipesThatCanBeAccessedAnonymously-Applicability-Begin -->
 | Scope | Editions | Applicable OS |
 |:--|:--|:--|
-| ✅ Device <br> ❌ User | ✅ Pro <br> ✅ Enterprise <br> ✅ Education <br> ✅ IoT Enterprise / IoT Enterprise LTSC | ✅ Windows 11, version 24H2 [10.0.26100] and later |
+| ✅ Device <br> ❌ User | ✅ Pro <br> ✅ Enterprise <br> ✅ Education <br> ✅ IoT Enterprise / IoT Enterprise LTSC | ✅ Windows 11, version 22H2 with [KB5053657](https://support.microsoft.com/help/5053657) [10.0.22621.5126] and later <br> ✅ Windows 11, version 24H2 [10.0.26100] and later |
 <!-- NetworkAccess_NamedPipesThatCanBeAccessedAnonymously-Applicability-End -->
 
 <!-- NetworkAccess_NamedPipesThatCanBeAccessedAnonymously-OmaUri-Begin -->
@@ -2476,7 +2476,7 @@ Network access: Named pipes that can be accessed anonymously This security setti
 <!-- NetworkAccess_RemotelyAccessibleRegistryPaths-Applicability-Begin -->
 | Scope | Editions | Applicable OS |
 |:--|:--|:--|
-| ✅ Device <br> ❌ User | ✅ Pro <br> ✅ Enterprise <br> ✅ Education <br> ✅ IoT Enterprise / IoT Enterprise LTSC | ✅ Windows 11, version 24H2 [10.0.26100] and later |
+| ✅ Device <br> ❌ User | ✅ Pro <br> ✅ Enterprise <br> ✅ Education <br> ✅ IoT Enterprise / IoT Enterprise LTSC | ✅ Windows 11, version 22H2 with [KB5053657](https://support.microsoft.com/help/5053657) [10.0.22621.5126] and later <br> ✅ Windows 11, version 24H2 with [KB5053656](https://support.microsoft.com/help/5053656) [10.0.26100.3624] and later <br> ✅ Windows Insider Preview |
 <!-- NetworkAccess_RemotelyAccessibleRegistryPaths-Applicability-End -->
 
 <!-- NetworkAccess_RemotelyAccessibleRegistryPaths-OmaUri-Begin -->
@@ -2519,7 +2519,7 @@ Network access: Remotely accessible registry paths This security setting determi
 <!-- NetworkAccess_RemotelyAccessibleRegistryPathsAndSubpaths-Applicability-Begin -->
 | Scope | Editions | Applicable OS |
 |:--|:--|:--|
-| ✅ Device <br> ❌ User | ✅ Pro <br> ✅ Enterprise <br> ✅ Education <br> ✅ IoT Enterprise / IoT Enterprise LTSC | ✅ Windows 11, version 24H2 [10.0.26100] and later |
+| ✅ Device <br> ❌ User | ✅ Pro <br> ✅ Enterprise <br> ✅ Education <br> ✅ IoT Enterprise / IoT Enterprise LTSC | ✅ Windows 11, version 22H2 with [KB5053657](https://support.microsoft.com/help/5053657) [10.0.22621.5126] and later <br> ✅ Windows 11, version 24H2 with [KB5053656](https://support.microsoft.com/help/5053656) [10.0.26100.3624] and later <br> ✅ Windows Insider Preview |
 <!-- NetworkAccess_RemotelyAccessibleRegistryPathsAndSubpaths-Applicability-End -->
 
 <!-- NetworkAccess_RemotelyAccessibleRegistryPathsAndSubpaths-OmaUri-Begin -->
@@ -2668,7 +2668,7 @@ Network access: Restrict clients allowed to make remote calls to SAM This policy
 <!-- NetworkAccess_SharesThatCanBeAccessedAnonymously-Applicability-Begin -->
 | Scope | Editions | Applicable OS |
 |:--|:--|:--|
-| ✅ Device <br> ❌ User | ✅ Pro <br> ✅ Enterprise <br> ✅ Education <br> ✅ IoT Enterprise / IoT Enterprise LTSC | ✅ Windows 11, version 24H2 [10.0.26100] and later |
+| ✅ Device <br> ❌ User | ✅ Pro <br> ✅ Enterprise <br> ✅ Education <br> ✅ IoT Enterprise / IoT Enterprise LTSC | ✅ Windows 11, version 22H2 with [KB5053657](https://support.microsoft.com/help/5053657) [10.0.22621.5126] and later <br> ✅ Windows 11, version 24H2 [10.0.26100] and later |
 <!-- NetworkAccess_SharesThatCanBeAccessedAnonymously-Applicability-End -->
 
 <!-- NetworkAccess_SharesThatCanBeAccessedAnonymously-OmaUri-Begin -->
@@ -2708,7 +2708,7 @@ Network access: Shares that can be accessed anonymously This security setting de
 <!-- NetworkAccess_SharingAndSecurityModelForLocalAccounts-Applicability-Begin -->
 | Scope | Editions | Applicable OS |
 |:--|:--|:--|
-| ✅ Device <br> ❌ User | ✅ Pro <br> ✅ Enterprise <br> ✅ Education <br> ✅ IoT Enterprise / IoT Enterprise LTSC | ✅ Windows 11, version 24H2 [10.0.26100] and later |
+| ✅ Device <br> ❌ User | ✅ Pro <br> ✅ Enterprise <br> ✅ Education <br> ✅ IoT Enterprise / IoT Enterprise LTSC | ✅ Windows 11, version 22H2 with [KB5053657](https://support.microsoft.com/help/5053657) [10.0.22621.5126] and later <br> ✅ Windows 11, version 24H2 [10.0.26100] and later |
 <!-- NetworkAccess_SharingAndSecurityModelForLocalAccounts-Applicability-End -->
 
 <!-- NetworkAccess_SharingAndSecurityModelForLocalAccounts-OmaUri-Begin -->
@@ -2752,7 +2752,7 @@ Network access: Sharing and security model for local accounts This security sett
 <!-- NetworkSecurity_AllowLocalSystemNULLSessionFallback-Applicability-Begin -->
 | Scope | Editions | Applicable OS |
 |:--|:--|:--|
-| ✅ Device <br> ❌ User | ✅ Pro <br> ✅ Enterprise <br> ✅ Education <br> ✅ IoT Enterprise / IoT Enterprise LTSC | ✅ Windows 11, version 24H2 [10.0.26100] and later |
+| ✅ Device <br> ❌ User | ✅ Pro <br> ✅ Enterprise <br> ✅ Education <br> ✅ IoT Enterprise / IoT Enterprise LTSC | ✅ Windows 11, version 22H2 with [KB5053657](https://support.microsoft.com/help/5053657) [10.0.22621.5126] and later <br> ✅ Windows 11, version 24H2 [10.0.26100] and later |
 <!-- NetworkSecurity_AllowLocalSystemNULLSessionFallback-Applicability-End -->
 
 <!-- NetworkSecurity_AllowLocalSystemNULLSessionFallback-OmaUri-Begin -->
@@ -2982,7 +2982,7 @@ Network security: Don't store LAN Manager hash value on next password change Thi
 <!-- NetworkSecurity_ForceLogoffWhenLogonHoursExpire-Applicability-Begin -->
 | Scope | Editions | Applicable OS |
 |:--|:--|:--|
-| ✅ Device <br> ❌ User | ✅ Pro <br> ✅ Enterprise <br> ✅ Education <br> ✅ IoT Enterprise / IoT Enterprise LTSC | ✅ Windows 11, version 24H2 [10.0.26100] and later |
+| ✅ Device <br> ❌ User | ✅ Pro <br> ✅ Enterprise <br> ✅ Education <br> ✅ IoT Enterprise / IoT Enterprise LTSC | ✅ Windows 11, version 22H2 with [KB5053657](https://support.microsoft.com/help/5053657) [10.0.22621.5126] and later <br> ✅ Windows 11, version 24H2 [10.0.26100] and later |
 <!-- NetworkSecurity_ForceLogoffWhenLogonHoursExpire-Applicability-End -->
 
 <!-- NetworkSecurity_ForceLogoffWhenLogonHoursExpire-OmaUri-Begin -->
@@ -3107,7 +3107,7 @@ Network security LAN Manager authentication level This security setting determin
 <!-- NetworkSecurity_LDAPClientSigningRequirements-Applicability-Begin -->
 | Scope | Editions | Applicable OS |
 |:--|:--|:--|
-| ✅ Device <br> ❌ User | ✅ Pro <br> ✅ Enterprise <br> ✅ Education <br> ✅ IoT Enterprise / IoT Enterprise LTSC | ✅ Windows 11, version 24H2 [10.0.26100] and later |
+| ✅ Device <br> ❌ User | ✅ Pro <br> ✅ Enterprise <br> ✅ Education <br> ✅ IoT Enterprise / IoT Enterprise LTSC | ✅ Windows 11, version 22H2 with [KB5053657](https://support.microsoft.com/help/5053657) [10.0.22621.5126] and later <br> ✅ Windows 11, version 24H2 [10.0.26100] and later |
 <!-- NetworkSecurity_LDAPClientSigningRequirements-Applicability-End -->
 
 <!-- NetworkSecurity_LDAPClientSigningRequirements-OmaUri-Begin -->
@@ -3513,7 +3513,7 @@ Network security: Restrict NTLM: Outgoing NTLM traffic to remote servers This po
 <!-- RecoveryConsole_AllowAutomaticAdministrativeLogon-Applicability-Begin -->
 | Scope | Editions | Applicable OS |
 |:--|:--|:--|
-| ✅ Device <br> ❌ User | ✅ Pro <br> ✅ Enterprise <br> ✅ Education <br> ✅ IoT Enterprise / IoT Enterprise LTSC | ✅ Windows 11, version 24H2 [10.0.26100] and later |
+| ✅ Device <br> ❌ User | ✅ Pro <br> ✅ Enterprise <br> ✅ Education <br> ✅ IoT Enterprise / IoT Enterprise LTSC | ✅ Windows 11, version 22H2 with [KB5053657](https://support.microsoft.com/help/5053657) [10.0.22621.5126] and later <br> ✅ Windows 11, version 24H2 [10.0.26100] and later |
 <!-- RecoveryConsole_AllowAutomaticAdministrativeLogon-Applicability-End -->
 
 <!-- RecoveryConsole_AllowAutomaticAdministrativeLogon-OmaUri-Begin -->
@@ -3563,7 +3563,7 @@ Recovery console: Allow automatic administrative logon This security setting det
 <!-- RecoveryConsole_AllowFloppyCopyAndAccessToAllDrivesAndAllFolders-Applicability-Begin -->
 | Scope | Editions | Applicable OS |
 |:--|:--|:--|
-| ✅ Device <br> ❌ User | ✅ Pro <br> ✅ Enterprise <br> ✅ Education <br> ✅ IoT Enterprise / IoT Enterprise LTSC | ✅ Windows 11, version 24H2 [10.0.26100] and later |
+| ✅ Device <br> ❌ User | ✅ Pro <br> ✅ Enterprise <br> ✅ Education <br> ✅ IoT Enterprise / IoT Enterprise LTSC | ✅ Windows 11, version 22H2 with [KB5053657](https://support.microsoft.com/help/5053657) [10.0.22621.5126] and later <br> ✅ Windows 11, version 24H2 [10.0.26100] and later |
 <!-- RecoveryConsole_AllowFloppyCopyAndAccessToAllDrivesAndAllFolders-Applicability-End -->
 
 <!-- RecoveryConsole_AllowFloppyCopyAndAccessToAllDrivesAndAllFolders-OmaUri-Begin -->
@@ -3720,7 +3720,7 @@ Shutdown: Clear virtual memory pagefile This security setting determines whether
 <!-- SystemCryptography_ForceStrongKeyProtection-Applicability-Begin -->
 | Scope | Editions | Applicable OS |
 |:--|:--|:--|
-| ✅ Device <br> ❌ User | ✅ Pro <br> ✅ Enterprise <br> ✅ Education <br> ✅ IoT Enterprise / IoT Enterprise LTSC | ✅ Windows 11, version 24H2 [10.0.26100] and later |
+| ✅ Device <br> ❌ User | ✅ Pro <br> ✅ Enterprise <br> ✅ Education <br> ✅ IoT Enterprise / IoT Enterprise LTSC | ✅ Windows 11, version 22H2 with [KB5053657](https://support.microsoft.com/help/5053657) [10.0.22621.5126] and later <br> ✅ Windows 11, version 24H2 [10.0.26100] and later |
 <!-- SystemCryptography_ForceStrongKeyProtection-Applicability-End -->
 
 <!-- SystemCryptography_ForceStrongKeyProtection-OmaUri-Begin -->
@@ -3761,7 +3761,7 @@ System Cryptography: Force strong key protection for user keys stored on the com
 <!-- SystemObjects_RequireCaseInsensitivityForNonWindowsSubsystems-Applicability-Begin -->
 | Scope | Editions | Applicable OS |
 |:--|:--|:--|
-| ✅ Device <br> ❌ User | ✅ Pro <br> ✅ Enterprise <br> ✅ Education <br> ✅ IoT Enterprise / IoT Enterprise LTSC | ✅ Windows 11, version 24H2 [10.0.26100] and later |
+| ✅ Device <br> ❌ User | ✅ Pro <br> ✅ Enterprise <br> ✅ Education <br> ✅ IoT Enterprise / IoT Enterprise LTSC | ✅ Windows 11, version 22H2 with [KB5053657](https://support.microsoft.com/help/5053657) [10.0.22621.5126] and later <br> ✅ Windows 11, version 24H2 [10.0.26100] and later |
 <!-- SystemObjects_RequireCaseInsensitivityForNonWindowsSubsystems-Applicability-End -->
 
 <!-- SystemObjects_RequireCaseInsensitivityForNonWindowsSubsystems-OmaUri-Begin -->
@@ -3811,7 +3811,7 @@ System objects: Require case insensitivity for non-Windows subsystems This secur
 <!-- SystemObjects_StrengthenDefaultPermissionsOfInternalSystemObjects-Applicability-Begin -->
 | Scope | Editions | Applicable OS |
 |:--|:--|:--|
-| ✅ Device <br> ❌ User | ✅ Pro <br> ✅ Enterprise <br> ✅ Education <br> ✅ IoT Enterprise / IoT Enterprise LTSC | ✅ Windows 11, version 24H2 [10.0.26100] and later |
+| ✅ Device <br> ❌ User | ✅ Pro <br> ✅ Enterprise <br> ✅ Education <br> ✅ IoT Enterprise / IoT Enterprise LTSC | ✅ Windows 11, version 22H2 with [KB5053657](https://support.microsoft.com/help/5053657) [10.0.22621.5126] and later <br> ✅ Windows 11, version 24H2 [10.0.26100] and later |
 <!-- SystemObjects_StrengthenDefaultPermissionsOfInternalSystemObjects-Applicability-End -->
 
 <!-- SystemObjects_StrengthenDefaultPermissionsOfInternalSystemObjects-OmaUri-Begin -->
diff --git a/windows/client-management/mdm/policy-csp-mssecurityguide.md b/windows/client-management/mdm/policy-csp-mssecurityguide.md
index 04b7621dc4..2e2b488259 100644
--- a/windows/client-management/mdm/policy-csp-mssecurityguide.md
+++ b/windows/client-management/mdm/policy-csp-mssecurityguide.md
@@ -1,7 +1,7 @@
 ---
 title: MSSecurityGuide Policy CSP
 description: Learn more about the MSSecurityGuide Area in Policy CSP.
-ms.date: 03/12/2025
+ms.date: 04/30/2025
 ms.topic: generated-reference
 ---
 
@@ -222,7 +222,7 @@ ms.topic: generated-reference
 <!-- NetBTNodeTypeConfiguration-Applicability-Begin -->
 | Scope | Editions | Applicable OS |
 |:--|:--|:--|
-| ✅ Device <br> ❌ User | ✅ Pro <br> ✅ Enterprise <br> ✅ Education <br> ✅ IoT Enterprise / IoT Enterprise LTSC | ✅ Windows 11, version 24H2 [10.0.26100] and later |
+| ✅ Device <br> ❌ User | ✅ Pro <br> ✅ Enterprise <br> ✅ Education <br> ✅ IoT Enterprise / IoT Enterprise LTSC | ✅ Windows 11, version 22H2 with [KB5053657](https://support.microsoft.com/help/5053657) [10.0.22621.5126] and later <br> ✅ Windows 11, version 24H2 [10.0.26100] and later |
 <!-- NetBTNodeTypeConfiguration-Applicability-End -->
 
 <!-- NetBTNodeTypeConfiguration-OmaUri-Begin -->
diff --git a/windows/client-management/mdm/policy-csp-networklistmanager.md b/windows/client-management/mdm/policy-csp-networklistmanager.md
index 952086c203..cbfe6f3b95 100644
--- a/windows/client-management/mdm/policy-csp-networklistmanager.md
+++ b/windows/client-management/mdm/policy-csp-networklistmanager.md
@@ -1,7 +1,7 @@
 ---
 title: NetworkListManager Policy CSP
 description: Learn more about the NetworkListManager Area in Policy CSP.
-ms.date: 03/12/2025
+ms.date: 04/30/2025
 ms.topic: generated-reference
 ---
 
@@ -20,7 +20,7 @@ ms.topic: generated-reference
 <!-- AllNetworks_NetworkIcon-Applicability-Begin -->
 | Scope | Editions | Applicable OS |
 |:--|:--|:--|
-| ✅ Device <br> ❌ User | ✅ Pro <br> ✅ Enterprise <br> ✅ Education <br> ✅ IoT Enterprise / IoT Enterprise LTSC | ✅ Windows 11, version 24H2 [10.0.26100] and later |
+| ✅ Device <br> ❌ User | ✅ Pro <br> ✅ Enterprise <br> ✅ Education <br> ✅ IoT Enterprise / IoT Enterprise LTSC | ✅ Windows 11, version 22H2 with [KB5053657](https://support.microsoft.com/help/5053657) [10.0.22621.5126] and later <br> ✅ Windows 11, version 24H2 [10.0.26100] and later |
 <!-- AllNetworks_NetworkIcon-Applicability-End -->
 
 <!-- AllNetworks_NetworkIcon-OmaUri-Begin -->
@@ -69,7 +69,7 @@ This policy setting allows you to specify whether users can change the network i
 <!-- AllNetworks_NetworkLocation-Applicability-Begin -->
 | Scope | Editions | Applicable OS |
 |:--|:--|:--|
-| ✅ Device <br> ❌ User | ✅ Pro <br> ✅ Enterprise <br> ✅ Education <br> ✅ IoT Enterprise / IoT Enterprise LTSC | ✅ Windows 11, version 24H2 [10.0.26100] and later |
+| ✅ Device <br> ❌ User | ✅ Pro <br> ✅ Enterprise <br> ✅ Education <br> ✅ IoT Enterprise / IoT Enterprise LTSC | ✅ Windows 11, version 22H2 with [KB5053657](https://support.microsoft.com/help/5053657) [10.0.22621.5126] and later <br> ✅ Windows 11, version 24H2 [10.0.26100] and later |
 <!-- AllNetworks_NetworkLocation-Applicability-End -->
 
 <!-- AllNetworks_NetworkLocation-OmaUri-Begin -->
@@ -118,7 +118,7 @@ This policy setting allows you to specify whether users can change the network l
 <!-- AllNetworks_NetworkName-Applicability-Begin -->
 | Scope | Editions | Applicable OS |
 |:--|:--|:--|
-| ✅ Device <br> ❌ User | ✅ Pro <br> ✅ Enterprise <br> ✅ Education <br> ✅ IoT Enterprise / IoT Enterprise LTSC | ✅ Windows 11, version 24H2 [10.0.26100] and later |
+| ✅ Device <br> ❌ User | ✅ Pro <br> ✅ Enterprise <br> ✅ Education <br> ✅ IoT Enterprise / IoT Enterprise LTSC | ✅ Windows 11, version 22H2 with [KB5053657](https://support.microsoft.com/help/5053657) [10.0.22621.5126] and later <br> ✅ Windows 11, version 24H2 [10.0.26100] and later |
 <!-- AllNetworks_NetworkName-Applicability-End -->
 
 <!-- AllNetworks_NetworkName-OmaUri-Begin -->
@@ -261,7 +261,7 @@ This policy setting provides the string that names a network. If this setting is
 <!-- IdentifyingNetworks_LocationType-Applicability-Begin -->
 | Scope | Editions | Applicable OS |
 |:--|:--|:--|
-| ✅ Device <br> ❌ User | ✅ Pro <br> ✅ Enterprise <br> ✅ Education <br> ✅ IoT Enterprise / IoT Enterprise LTSC | ✅ Windows 11, version 24H2 [10.0.26100] and later |
+| ✅ Device <br> ❌ User | ✅ Pro <br> ✅ Enterprise <br> ✅ Education <br> ✅ IoT Enterprise / IoT Enterprise LTSC | ✅ Windows 11, version 22H2 with [KB5053657](https://support.microsoft.com/help/5053657) [10.0.22621.5126] and later <br> ✅ Windows 11, version 24H2 [10.0.26100] and later |
 <!-- IdentifyingNetworks_LocationType-Applicability-End -->
 
 <!-- IdentifyingNetworks_LocationType-OmaUri-Begin -->
@@ -310,7 +310,7 @@ This policy setting allows you to configure the Network Location for networks th
 <!-- UnidentifiedNetworks_LocationType-Applicability-Begin -->
 | Scope | Editions | Applicable OS |
 |:--|:--|:--|
-| ✅ Device <br> ❌ User | ✅ Pro <br> ✅ Enterprise <br> ✅ Education <br> ✅ IoT Enterprise / IoT Enterprise LTSC | ✅ Windows 11, version 24H2 [10.0.26100] and later |
+| ✅ Device <br> ❌ User | ✅ Pro <br> ✅ Enterprise <br> ✅ Education <br> ✅ IoT Enterprise / IoT Enterprise LTSC | ✅ Windows 11, version 22H2 with [KB5053657](https://support.microsoft.com/help/5053657) [10.0.22621.5126] and later <br> ✅ Windows 11, version 24H2 [10.0.26100] and later |
 <!-- UnidentifiedNetworks_LocationType-Applicability-End -->
 
 <!-- UnidentifiedNetworks_LocationType-OmaUri-Begin -->
@@ -359,7 +359,7 @@ This policy setting allows you to configure the Network Location type for networ
 <!-- UnidentifiedNetworks_UserPermissions-Applicability-Begin -->
 | Scope | Editions | Applicable OS |
 |:--|:--|:--|
-| ✅ Device <br> ❌ User | ✅ Pro <br> ✅ Enterprise <br> ✅ Education <br> ✅ IoT Enterprise / IoT Enterprise LTSC | ✅ Windows 11, version 24H2 [10.0.26100] and later |
+| ✅ Device <br> ❌ User | ✅ Pro <br> ✅ Enterprise <br> ✅ Education <br> ✅ IoT Enterprise / IoT Enterprise LTSC | ✅ Windows 11, version 22H2 with [KB5053657](https://support.microsoft.com/help/5053657) [10.0.22621.5126] and later <br> ✅ Windows 11, version 24H2 [10.0.26100] and later |
 <!-- UnidentifiedNetworks_UserPermissions-Applicability-End -->
 
 <!-- UnidentifiedNetworks_UserPermissions-OmaUri-Begin -->
diff --git a/windows/client-management/mdm/policy-csp-settingssync.md b/windows/client-management/mdm/policy-csp-settingssync.md
index 65cf2fbf33..bd3593ba89 100644
--- a/windows/client-management/mdm/policy-csp-settingssync.md
+++ b/windows/client-management/mdm/policy-csp-settingssync.md
@@ -1,7 +1,7 @@
 ---
 title: SettingsSync Policy CSP
 description: Learn more about the SettingsSync Area in Policy CSP.
-ms.date: 03/12/2025
+ms.date: 04/30/2025
 ms.topic: generated-reference
 ---
 
@@ -140,39 +140,39 @@ If you don't set or disable this setting, syncing of the "language preferences"
 
 <!-- DisableLanguageSettingSync-End -->
 
-<!-- EnableWindowsbackup-Begin -->
-## EnableWindowsbackup
+<!-- EnableWindowsBackup-Begin -->
+## EnableWindowsBackup
 
-<!-- EnableWindowsbackup-Applicability-Begin -->
+<!-- EnableWindowsBackup-Applicability-Begin -->
 | Scope | Editions | Applicable OS |
 |:--|:--|:--|
 | ✅ Device <br> ❌ User | ✅ Pro <br> ✅ Enterprise <br> ✅ Education <br> ✅ IoT Enterprise / IoT Enterprise LTSC | ✅ Windows Insider Preview |
-<!-- EnableWindowsbackup-Applicability-End -->
+<!-- EnableWindowsBackup-Applicability-End -->
 
-<!-- EnableWindowsbackup-OmaUri-Begin -->
+<!-- EnableWindowsBackup-OmaUri-Begin -->
 ```Device
-./Device/Vendor/MSFT/Policy/Config/SettingsSync/EnableWindowsbackup
+./Device/Vendor/MSFT/Policy/Config/SettingsSync/EnableWindowsBackup
 ```
-<!-- EnableWindowsbackup-OmaUri-End -->
+<!-- EnableWindowsBackup-OmaUri-End -->
 
-<!-- EnableWindowsbackup-Description-Begin -->
+<!-- EnableWindowsBackup-Description-Begin -->
 <!-- Description-Source-Not-Found -->
-<!-- EnableWindowsbackup-Description-End -->
+<!-- EnableWindowsBackup-Description-End -->
 
-<!-- EnableWindowsbackup-Editable-Begin -->
+<!-- EnableWindowsBackup-Editable-Begin -->
 <!-- Add any additional information about this policy here. Anything outside this section will get overwritten. -->
-<!-- EnableWindowsbackup-Editable-End -->
+<!-- EnableWindowsBackup-Editable-End -->
 
-<!-- EnableWindowsbackup-DFProperties-Begin -->
+<!-- EnableWindowsBackup-DFProperties-Begin -->
 **Description framework properties**:
 
 | Property name | Property value |
 |:--|:--|
 | Format | `chr` (string) |
 | Access Type | Add, Delete, Get, Replace |
-<!-- EnableWindowsbackup-DFProperties-End -->
+<!-- EnableWindowsBackup-DFProperties-End -->
 
-<!-- EnableWindowsbackup-AdmxBacked-Begin -->
+<!-- EnableWindowsBackup-AdmxBacked-Begin -->
 <!-- ADMX-Not-Found -->
 [!INCLUDE [ADMX-backed policy note](includes/mdm-admx-policy-note.md)]
 
@@ -180,15 +180,15 @@ If you don't set or disable this setting, syncing of the "language preferences"
 
 | Name | Value |
 |:--|:--|
-| Name | EnableWindowsbackup |
+| Name | EnableWindowsBackup |
 | ADMX File Name | SettingSync.admx |
-<!-- EnableWindowsbackup-AdmxBacked-End -->
+<!-- EnableWindowsBackup-AdmxBacked-End -->
 
-<!-- EnableWindowsbackup-Examples-Begin -->
+<!-- EnableWindowsBackup-Examples-Begin -->
 <!-- Add any examples for this policy here. Examples outside this section will get overwritten. -->
-<!-- EnableWindowsbackup-Examples-End -->
+<!-- EnableWindowsBackup-Examples-End -->
 
-<!-- EnableWindowsbackup-End -->
+<!-- EnableWindowsBackup-End -->
 
 <!-- SettingsSync-CspMoreInfo-Begin -->
 <!-- Add any additional information about this CSP here. Anything outside this section will get overwritten. -->
diff --git a/windows/client-management/mdm/policy-csp-systemservices.md b/windows/client-management/mdm/policy-csp-systemservices.md
index 4a1ac1541c..dd77b65a34 100644
--- a/windows/client-management/mdm/policy-csp-systemservices.md
+++ b/windows/client-management/mdm/policy-csp-systemservices.md
@@ -1,7 +1,7 @@
 ---
 title: SystemServices Policy CSP
 description: Learn more about the SystemServices Area in Policy CSP.
-ms.date: 03/12/2025
+ms.date: 04/30/2025
 ms.topic: generated-reference
 ---
 
@@ -20,7 +20,7 @@ ms.topic: generated-reference
 <!-- ConfigureComputerBrowserServiceStartupMode-Applicability-Begin -->
 | Scope | Editions | Applicable OS |
 |:--|:--|:--|
-| ✅ Device <br> ❌ User | ✅ Pro <br> ✅ Enterprise <br> ✅ Education <br> ✅ IoT Enterprise / IoT Enterprise LTSC | ✅ Windows 11, version 24H2 [10.0.26100] and later |
+| ✅ Device <br> ❌ User | ✅ Pro <br> ✅ Enterprise <br> ✅ Education <br> ✅ IoT Enterprise / IoT Enterprise LTSC | ✅ Windows 11, version 22H2 with [KB5053657](https://support.microsoft.com/help/5053657) [10.0.22621.5126] and later <br> ✅ Windows 11, version 24H2 [10.0.26100] and later |
 <!-- ConfigureComputerBrowserServiceStartupMode-Applicability-End -->
 
 <!-- ConfigureComputerBrowserServiceStartupMode-OmaUri-Begin -->
@@ -170,7 +170,7 @@ This setting determines whether the service's start type is Automatic(2), Manual
 <!-- ConfigureIISAdminServiceStartupMode-Applicability-Begin -->
 | Scope | Editions | Applicable OS |
 |:--|:--|:--|
-| ✅ Device <br> ❌ User | ✅ Pro <br> ✅ Enterprise <br> ✅ Education <br> ✅ IoT Enterprise / IoT Enterprise LTSC | ✅ Windows 11, version 24H2 [10.0.26100] and later |
+| ✅ Device <br> ❌ User | ✅ Pro <br> ✅ Enterprise <br> ✅ Education <br> ✅ IoT Enterprise / IoT Enterprise LTSC | ✅ Windows 11, version 22H2 with [KB5053657](https://support.microsoft.com/help/5053657) [10.0.22621.5126] and later <br> ✅ Windows 11, version 24H2 [10.0.26100] and later |
 <!-- ConfigureIISAdminServiceStartupMode-Applicability-End -->
 
 <!-- ConfigureIISAdminServiceStartupMode-OmaUri-Begin -->
@@ -220,7 +220,7 @@ This setting determines whether the service's start type is Automatic(2), Manual
 <!-- ConfigureInfraredMonitorServiceStartupMode-Applicability-Begin -->
 | Scope | Editions | Applicable OS |
 |:--|:--|:--|
-| ✅ Device <br> ❌ User | ✅ Pro <br> ✅ Enterprise <br> ✅ Education <br> ✅ IoT Enterprise / IoT Enterprise LTSC | ✅ Windows 11, version 24H2 [10.0.26100] and later |
+| ✅ Device <br> ❌ User | ✅ Pro <br> ✅ Enterprise <br> ✅ Education <br> ✅ IoT Enterprise / IoT Enterprise LTSC | ✅ Windows 11, version 22H2 with [KB5053657](https://support.microsoft.com/help/5053657) [10.0.22621.5126] and later <br> ✅ Windows 11, version 24H2 [10.0.26100] and later |
 <!-- ConfigureInfraredMonitorServiceStartupMode-Applicability-End -->
 
 <!-- ConfigureInfraredMonitorServiceStartupMode-OmaUri-Begin -->
@@ -270,7 +270,7 @@ This setting determines whether the service's start type is Automatic(2), Manual
 <!-- ConfigureInternetConnectionSharingServiceStartupMode-Applicability-Begin -->
 | Scope | Editions | Applicable OS |
 |:--|:--|:--|
-| ✅ Device <br> ❌ User | ✅ Pro <br> ✅ Enterprise <br> ✅ Education <br> ✅ IoT Enterprise / IoT Enterprise LTSC | ✅ Windows 11, version 24H2 [10.0.26100] and later |
+| ✅ Device <br> ❌ User | ✅ Pro <br> ✅ Enterprise <br> ✅ Education <br> ✅ IoT Enterprise / IoT Enterprise LTSC | ✅ Windows 11, version 22H2 with [KB5053657](https://support.microsoft.com/help/5053657) [10.0.22621.5126] and later <br> ✅ Windows 11, version 24H2 [10.0.26100] and later |
 <!-- ConfigureInternetConnectionSharingServiceStartupMode-Applicability-End -->
 
 <!-- ConfigureInternetConnectionSharingServiceStartupMode-OmaUri-Begin -->
@@ -320,7 +320,7 @@ This setting determines whether the service's start type is Automatic(2), Manual
 <!-- ConfigureLxssManagerServiceStartupMode-Applicability-Begin -->
 | Scope | Editions | Applicable OS |
 |:--|:--|:--|
-| ✅ Device <br> ❌ User | ✅ Pro <br> ✅ Enterprise <br> ✅ Education <br> ✅ IoT Enterprise / IoT Enterprise LTSC | ✅ Windows 11, version 24H2 [10.0.26100] and later |
+| ✅ Device <br> ❌ User | ✅ Pro <br> ✅ Enterprise <br> ✅ Education <br> ✅ IoT Enterprise / IoT Enterprise LTSC | ✅ Windows 11, version 22H2 with [KB5053657](https://support.microsoft.com/help/5053657) [10.0.22621.5126] and later <br> ✅ Windows 11, version 24H2 [10.0.26100] and later |
 <!-- ConfigureLxssManagerServiceStartupMode-Applicability-End -->
 
 <!-- ConfigureLxssManagerServiceStartupMode-OmaUri-Begin -->
@@ -370,7 +370,7 @@ This setting determines whether the service's start type is Automatic(2), Manual
 <!-- ConfigureMicrosoftFTPServiceStartupMode-Applicability-Begin -->
 | Scope | Editions | Applicable OS |
 |:--|:--|:--|
-| ✅ Device <br> ❌ User | ✅ Pro <br> ✅ Enterprise <br> ✅ Education <br> ✅ IoT Enterprise / IoT Enterprise LTSC | ✅ Windows 11, version 24H2 [10.0.26100] and later |
+| ✅ Device <br> ❌ User | ✅ Pro <br> ✅ Enterprise <br> ✅ Education <br> ✅ IoT Enterprise / IoT Enterprise LTSC | ✅ Windows 11, version 22H2 with [KB5053657](https://support.microsoft.com/help/5053657) [10.0.22621.5126] and later <br> ✅ Windows 11, version 24H2 [10.0.26100] and later |
 <!-- ConfigureMicrosoftFTPServiceStartupMode-Applicability-End -->
 
 <!-- ConfigureMicrosoftFTPServiceStartupMode-OmaUri-Begin -->
@@ -420,7 +420,7 @@ This setting determines whether the service's start type is Automatic(2), Manual
 <!-- ConfigureRemoteProcedureCallLocatorServiceStartupMode-Applicability-Begin -->
 | Scope | Editions | Applicable OS |
 |:--|:--|:--|
-| ✅ Device <br> ❌ User | ✅ Pro <br> ✅ Enterprise <br> ✅ Education <br> ✅ IoT Enterprise / IoT Enterprise LTSC | ✅ Windows 11, version 24H2 [10.0.26100] and later |
+| ✅ Device <br> ❌ User | ✅ Pro <br> ✅ Enterprise <br> ✅ Education <br> ✅ IoT Enterprise / IoT Enterprise LTSC | ✅ Windows 11, version 22H2 with [KB5053657](https://support.microsoft.com/help/5053657) [10.0.22621.5126] and later <br> ✅ Windows 11, version 24H2 [10.0.26100] and later |
 <!-- ConfigureRemoteProcedureCallLocatorServiceStartupMode-Applicability-End -->
 
 <!-- ConfigureRemoteProcedureCallLocatorServiceStartupMode-OmaUri-Begin -->
@@ -470,7 +470,7 @@ This setting determines whether the service's start type is Automatic(2), Manual
 <!-- ConfigureRoutingAndRemoteAccessServiceStartupMode-Applicability-Begin -->
 | Scope | Editions | Applicable OS |
 |:--|:--|:--|
-| ✅ Device <br> ❌ User | ✅ Pro <br> ✅ Enterprise <br> ✅ Education <br> ✅ IoT Enterprise / IoT Enterprise LTSC | ✅ Windows 11, version 24H2 [10.0.26100] and later |
+| ✅ Device <br> ❌ User | ✅ Pro <br> ✅ Enterprise <br> ✅ Education <br> ✅ IoT Enterprise / IoT Enterprise LTSC | ✅ Windows 11, version 22H2 with [KB5053657](https://support.microsoft.com/help/5053657) [10.0.22621.5126] and later <br> ✅ Windows 11, version 24H2 [10.0.26100] and later |
 <!-- ConfigureRoutingAndRemoteAccessServiceStartupMode-Applicability-End -->
 
 <!-- ConfigureRoutingAndRemoteAccessServiceStartupMode-OmaUri-Begin -->
@@ -520,7 +520,7 @@ This setting determines whether the service's start type is Automatic(2), Manual
 <!-- ConfigureSimpleTCPIPServicesStartupMode-Applicability-Begin -->
 | Scope | Editions | Applicable OS |
 |:--|:--|:--|
-| ✅ Device <br> ❌ User | ✅ Pro <br> ✅ Enterprise <br> ✅ Education <br> ✅ IoT Enterprise / IoT Enterprise LTSC | ✅ Windows 11, version 24H2 [10.0.26100] and later |
+| ✅ Device <br> ❌ User | ✅ Pro <br> ✅ Enterprise <br> ✅ Education <br> ✅ IoT Enterprise / IoT Enterprise LTSC | ✅ Windows 11, version 22H2 with [KB5053657](https://support.microsoft.com/help/5053657) [10.0.22621.5126] and later <br> ✅ Windows 11, version 24H2 [10.0.26100] and later |
 <!-- ConfigureSimpleTCPIPServicesStartupMode-Applicability-End -->
 
 <!-- ConfigureSimpleTCPIPServicesStartupMode-OmaUri-Begin -->
@@ -570,7 +570,7 @@ This setting determines whether the service's start type is Automatic(2), Manual
 <!-- ConfigureSpecialAdministrationConsoleHelperServiceStartupMode-Applicability-Begin -->
 | Scope | Editions | Applicable OS |
 |:--|:--|:--|
-| ✅ Device <br> ❌ User | ✅ Pro <br> ✅ Enterprise <br> ✅ Education <br> ✅ IoT Enterprise / IoT Enterprise LTSC | ✅ Windows 11, version 24H2 [10.0.26100] and later |
+| ✅ Device <br> ❌ User | ✅ Pro <br> ✅ Enterprise <br> ✅ Education <br> ✅ IoT Enterprise / IoT Enterprise LTSC | ✅ Windows 11, version 22H2 with [KB5053657](https://support.microsoft.com/help/5053657) [10.0.22621.5126] and later <br> ✅ Windows 11, version 24H2 [10.0.26100] and later |
 <!-- ConfigureSpecialAdministrationConsoleHelperServiceStartupMode-Applicability-End -->
 
 <!-- ConfigureSpecialAdministrationConsoleHelperServiceStartupMode-OmaUri-Begin -->
@@ -620,7 +620,7 @@ This setting determines whether the service's start type is Automatic(2), Manual
 <!-- ConfigureSSDPDiscoveryServiceStartupMode-Applicability-Begin -->
 | Scope | Editions | Applicable OS |
 |:--|:--|:--|
-| ✅ Device <br> ❌ User | ✅ Pro <br> ✅ Enterprise <br> ✅ Education <br> ✅ IoT Enterprise / IoT Enterprise LTSC | ✅ Windows 11, version 24H2 [10.0.26100] and later |
+| ✅ Device <br> ❌ User | ✅ Pro <br> ✅ Enterprise <br> ✅ Education <br> ✅ IoT Enterprise / IoT Enterprise LTSC | ✅ Windows 11, version 22H2 with [KB5053657](https://support.microsoft.com/help/5053657) [10.0.22621.5126] and later <br> ✅ Windows 11, version 24H2 [10.0.26100] and later |
 <!-- ConfigureSSDPDiscoveryServiceStartupMode-Applicability-End -->
 
 <!-- ConfigureSSDPDiscoveryServiceStartupMode-OmaUri-Begin -->
@@ -670,7 +670,7 @@ This setting determines whether the service's start type is Automatic(2), Manual
 <!-- ConfigureUPnPDeviceHostServiceStartupMode-Applicability-Begin -->
 | Scope | Editions | Applicable OS |
 |:--|:--|:--|
-| ✅ Device <br> ❌ User | ✅ Pro <br> ✅ Enterprise <br> ✅ Education <br> ✅ IoT Enterprise / IoT Enterprise LTSC | ✅ Windows 11, version 24H2 [10.0.26100] and later |
+| ✅ Device <br> ❌ User | ✅ Pro <br> ✅ Enterprise <br> ✅ Education <br> ✅ IoT Enterprise / IoT Enterprise LTSC | ✅ Windows 11, version 22H2 with [KB5053657](https://support.microsoft.com/help/5053657) [10.0.22621.5126] and later <br> ✅ Windows 11, version 24H2 [10.0.26100] and later |
 <!-- ConfigureUPnPDeviceHostServiceStartupMode-Applicability-End -->
 
 <!-- ConfigureUPnPDeviceHostServiceStartupMode-OmaUri-Begin -->
@@ -720,7 +720,7 @@ This setting determines whether the service's start type is Automatic(2), Manual
 <!-- ConfigureWebManagementServiceStartupMode-Applicability-Begin -->
 | Scope | Editions | Applicable OS |
 |:--|:--|:--|
-| ✅ Device <br> ❌ User | ✅ Pro <br> ✅ Enterprise <br> ✅ Education <br> ✅ IoT Enterprise / IoT Enterprise LTSC | ✅ Windows 11, version 24H2 [10.0.26100] and later |
+| ✅ Device <br> ❌ User | ✅ Pro <br> ✅ Enterprise <br> ✅ Education <br> ✅ IoT Enterprise / IoT Enterprise LTSC | ✅ Windows 11, version 22H2 with [KB5053657](https://support.microsoft.com/help/5053657) [10.0.22621.5126] and later <br> ✅ Windows 11, version 24H2 [10.0.26100] and later |
 <!-- ConfigureWebManagementServiceStartupMode-Applicability-End -->
 
 <!-- ConfigureWebManagementServiceStartupMode-OmaUri-Begin -->
@@ -770,7 +770,7 @@ This setting determines whether the service's start type is Automatic(2), Manual
 <!-- ConfigureWindowsMediaPlayerNetworkSharingServiceStartupMode-Applicability-Begin -->
 | Scope | Editions | Applicable OS |
 |:--|:--|:--|
-| ✅ Device <br> ❌ User | ✅ Pro <br> ✅ Enterprise <br> ✅ Education <br> ✅ IoT Enterprise / IoT Enterprise LTSC | ✅ Windows 11, version 24H2 [10.0.26100] and later |
+| ✅ Device <br> ❌ User | ✅ Pro <br> ✅ Enterprise <br> ✅ Education <br> ✅ IoT Enterprise / IoT Enterprise LTSC | ✅ Windows 11, version 22H2 with [KB5053657](https://support.microsoft.com/help/5053657) [10.0.22621.5126] and later <br> ✅ Windows 11, version 24H2 [10.0.26100] and later |
 <!-- ConfigureWindowsMediaPlayerNetworkSharingServiceStartupMode-Applicability-End -->
 
 <!-- ConfigureWindowsMediaPlayerNetworkSharingServiceStartupMode-OmaUri-Begin -->
@@ -820,7 +820,7 @@ This setting determines whether the service's start type is Automatic(2), Manual
 <!-- ConfigureWindowsMobileHotspotServiceStartupMode-Applicability-Begin -->
 | Scope | Editions | Applicable OS |
 |:--|:--|:--|
-| ✅ Device <br> ❌ User | ✅ Pro <br> ✅ Enterprise <br> ✅ Education <br> ✅ IoT Enterprise / IoT Enterprise LTSC | ✅ Windows 11, version 24H2 [10.0.26100] and later |
+| ✅ Device <br> ❌ User | ✅ Pro <br> ✅ Enterprise <br> ✅ Education <br> ✅ IoT Enterprise / IoT Enterprise LTSC | ✅ Windows 11, version 22H2 with [KB5053657](https://support.microsoft.com/help/5053657) [10.0.22621.5126] and later <br> ✅ Windows 11, version 24H2 [10.0.26100] and later |
 <!-- ConfigureWindowsMobileHotspotServiceStartupMode-Applicability-End -->
 
 <!-- ConfigureWindowsMobileHotspotServiceStartupMode-OmaUri-Begin -->
@@ -870,7 +870,7 @@ This setting determines whether the service's start type is Automatic(2), Manual
 <!-- ConfigureWorldWideWebPublishingServiceStartupMode-Applicability-Begin -->
 | Scope | Editions | Applicable OS |
 |:--|:--|:--|
-| ✅ Device <br> ❌ User | ✅ Pro <br> ✅ Enterprise <br> ✅ Education <br> ✅ IoT Enterprise / IoT Enterprise LTSC | ✅ Windows 11, version 24H2 [10.0.26100] and later |
+| ✅ Device <br> ❌ User | ✅ Pro <br> ✅ Enterprise <br> ✅ Education <br> ✅ IoT Enterprise / IoT Enterprise LTSC | ✅ Windows 11, version 22H2 with [KB5053657](https://support.microsoft.com/help/5053657) [10.0.22621.5126] and later <br> ✅ Windows 11, version 24H2 [10.0.26100] and later |
 <!-- ConfigureWorldWideWebPublishingServiceStartupMode-Applicability-End -->
 
 <!-- ConfigureWorldWideWebPublishingServiceStartupMode-OmaUri-Begin -->
diff --git a/windows/client-management/mdm/policy-csp-userrights.md b/windows/client-management/mdm/policy-csp-userrights.md
index e5c1efb17d..710e7c41a9 100644
--- a/windows/client-management/mdm/policy-csp-userrights.md
+++ b/windows/client-management/mdm/policy-csp-userrights.md
@@ -1,7 +1,7 @@
 ---
 title: UserRights Policy CSP
 description: Learn more about the UserRights Area in Policy CSP.
-ms.date: 03/12/2025
+ms.date: 04/30/2025
 ms.topic: generated-reference
 ---
 
@@ -257,7 +257,7 @@ This user right allows a process to impersonate any user without authentication.
 <!-- AdjustMemoryQuotasForProcess-Applicability-Begin -->
 | Scope | Editions | Applicable OS |
 |:--|:--|:--|
-| ✅ Device <br> ❌ User | ✅ Pro <br> ✅ Enterprise <br> ✅ Education <br> ✅ IoT Enterprise / IoT Enterprise LTSC | ✅ Windows 11, version 24H2 [10.0.26100] and later |
+| ✅ Device <br> ❌ User | ✅ Pro <br> ✅ Enterprise <br> ✅ Education <br> ✅ IoT Enterprise / IoT Enterprise LTSC | ✅ Windows 11, version 22H2 with [KB5053657](https://support.microsoft.com/help/5053657) [10.0.22621.5126] and later <br> ✅ Windows 11, version 24H2 [10.0.26100] and later |
 <!-- AdjustMemoryQuotasForProcess-Applicability-End -->
 
 <!-- AdjustMemoryQuotasForProcess-OmaUri-Begin -->
@@ -366,7 +366,7 @@ This user right determines which users can log on to the computer.
 <!-- AllowLogOnThroughRemoteDesktop-Applicability-Begin -->
 | Scope | Editions | Applicable OS |
 |:--|:--|:--|
-| ✅ Device <br> ❌ User | ✅ Pro <br> ✅ Enterprise <br> ✅ Education <br> ✅ IoT Enterprise / IoT Enterprise LTSC | ✅ Windows 11, version 24H2 [10.0.26100] and later |
+| ✅ Device <br> ❌ User | ✅ Pro <br> ✅ Enterprise <br> ✅ Education <br> ✅ IoT Enterprise / IoT Enterprise LTSC | ✅ Windows 11, version 22H2 with [KB5053657](https://support.microsoft.com/help/5053657) [10.0.22621.5126] and later <br> ✅ Windows 11, version 24H2 [10.0.26100] and later |
 <!-- AllowLogOnThroughRemoteDesktop-Applicability-End -->
 
 <!-- AllowLogOnThroughRemoteDesktop-OmaUri-Begin -->
@@ -467,7 +467,7 @@ This user right determines which users can bypass file, directory, registry, and
 <!-- BypassTraverseChecking-Applicability-Begin -->
 | Scope | Editions | Applicable OS |
 |:--|:--|:--|
-| ✅ Device <br> ❌ User | ✅ Pro <br> ✅ Enterprise <br> ✅ Education <br> ✅ IoT Enterprise / IoT Enterprise LTSC | ✅ Windows 11, version 24H2 [10.0.26100] and later |
+| ✅ Device <br> ❌ User | ✅ Pro <br> ✅ Enterprise <br> ✅ Education <br> ✅ IoT Enterprise / IoT Enterprise LTSC | ✅ Windows 11, version 22H2 with [KB5053657](https://support.microsoft.com/help/5053657) [10.0.22621.5126] and later <br> ✅ Windows 11, version 24H2 [10.0.26100] and later |
 <!-- BypassTraverseChecking-Applicability-End -->
 
 <!-- BypassTraverseChecking-OmaUri-Begin -->
@@ -582,7 +582,7 @@ This user right determines which users and groups can change the time and date o
 <!-- ChangeTimeZone-Applicability-Begin -->
 | Scope | Editions | Applicable OS |
 |:--|:--|:--|
-| ✅ Device <br> ❌ User | ✅ Pro <br> ✅ Enterprise <br> ✅ Education <br> ✅ IoT Enterprise / IoT Enterprise LTSC | ✅ Windows 11, version 24H2 [10.0.26100] and later |
+| ✅ Device <br> ❌ User | ✅ Pro <br> ✅ Enterprise <br> ✅ Education <br> ✅ IoT Enterprise / IoT Enterprise LTSC | ✅ Windows 11, version 22H2 with [KB5053657](https://support.microsoft.com/help/5053657) [10.0.22621.5126] and later <br> ✅ Windows 11, version 24H2 [10.0.26100] and later |
 <!-- ChangeTimeZone-Applicability-End -->
 
 <!-- ChangeTimeZone-OmaUri-Begin -->
@@ -1058,7 +1058,7 @@ This security setting determines which service accounts are prevented from regis
 <!-- DenyLogOnAsBatchJob-Applicability-Begin -->
 | Scope | Editions | Applicable OS |
 |:--|:--|:--|
-| ✅ Device <br> ❌ User | ✅ Pro <br> ✅ Enterprise <br> ✅ Education <br> ✅ IoT Enterprise / IoT Enterprise LTSC | ✅ Windows 11, version 24H2 [10.0.26100] and later |
+| ✅ Device <br> ❌ User | ✅ Pro <br> ✅ Enterprise <br> ✅ Education <br> ✅ IoT Enterprise / IoT Enterprise LTSC | ✅ Windows 11, version 22H2 with [KB5053657](https://support.microsoft.com/help/5053657) [10.0.22621.5126] and later <br> ✅ Windows 11, version 24H2 [10.0.26100] and later |
 <!-- DenyLogOnAsBatchJob-Applicability-End -->
 
 <!-- DenyLogOnAsBatchJob-OmaUri-Begin -->
@@ -1590,7 +1590,7 @@ This user right determines which accounts can use a process to keep data in phys
 <!-- LogOnAsBatchJob-Applicability-Begin -->
 | Scope | Editions | Applicable OS |
 |:--|:--|:--|
-| ✅ Device <br> ❌ User | ✅ Pro <br> ✅ Enterprise <br> ✅ Education <br> ✅ IoT Enterprise / IoT Enterprise LTSC | ✅ Windows 11, version 24H2 [10.0.26100] and later |
+| ✅ Device <br> ❌ User | ✅ Pro <br> ✅ Enterprise <br> ✅ Education <br> ✅ IoT Enterprise / IoT Enterprise LTSC | ✅ Windows 11, version 22H2 with [KB5053657](https://support.microsoft.com/help/5053657) [10.0.22621.5126] and later <br> ✅ Windows 11, version 24H2 [10.0.26100] and later |
 <!-- LogOnAsBatchJob-Applicability-End -->
 
 <!-- LogOnAsBatchJob-OmaUri-Begin -->
@@ -1639,7 +1639,7 @@ This security setting allows a user to be logged-on by means of a batch-queue fa
 <!-- LogOnAsService-Applicability-Begin -->
 | Scope | Editions | Applicable OS |
 |:--|:--|:--|
-| ✅ Device <br> ❌ User | ✅ Pro <br> ✅ Enterprise <br> ✅ Education <br> ✅ IoT Enterprise / IoT Enterprise LTSC | ✅ Windows 11, version 24H2 [10.0.26100] and later |
+| ✅ Device <br> ❌ User | ✅ Pro <br> ✅ Enterprise <br> ✅ Education <br> ✅ IoT Enterprise / IoT Enterprise LTSC | ✅ Windows 11, version 22H2 with [KB5053657](https://support.microsoft.com/help/5053657) [10.0.22621.5126] and later <br> ✅ Windows 11, version 24H2 [10.0.26100] and later |
 <!-- LogOnAsService-Applicability-End -->
 
 <!-- LogOnAsService-OmaUri-Begin -->
@@ -1936,7 +1936,7 @@ This user right determines which users can use performance monitoring tools to m
 <!-- ProfileSystemPerformance-Applicability-Begin -->
 | Scope | Editions | Applicable OS |
 |:--|:--|:--|
-| ✅ Device <br> ❌ User | ✅ Pro <br> ✅ Enterprise <br> ✅ Education <br> ✅ IoT Enterprise / IoT Enterprise LTSC | ✅ Windows 11, version 24H2 [10.0.26100] and later |
+| ✅ Device <br> ❌ User | ✅ Pro <br> ✅ Enterprise <br> ✅ Education <br> ✅ IoT Enterprise / IoT Enterprise LTSC | ✅ Windows 11, version 22H2 with [KB5053657](https://support.microsoft.com/help/5053657) [10.0.22621.5126] and later <br> ✅ Windows 11, version 24H2 [10.0.26100] and later |
 <!-- ProfileSystemPerformance-Applicability-End -->
 
 <!-- ProfileSystemPerformance-OmaUri-Begin -->
@@ -2034,7 +2034,7 @@ This user right determines which users are allowed to shut down a computer from
 <!-- ReplaceProcessLevelToken-Applicability-Begin -->
 | Scope | Editions | Applicable OS |
 |:--|:--|:--|
-| ✅ Device <br> ❌ User | ✅ Pro <br> ✅ Enterprise <br> ✅ Education <br> ✅ IoT Enterprise / IoT Enterprise LTSC | ✅ Windows 11, version 24H2 [10.0.26100] and later |
+| ✅ Device <br> ❌ User | ✅ Pro <br> ✅ Enterprise <br> ✅ Education <br> ✅ IoT Enterprise / IoT Enterprise LTSC | ✅ Windows 11, version 22H2 with [KB5053657](https://support.microsoft.com/help/5053657) [10.0.22621.5126] and later <br> ✅ Windows 11, version 24H2 [10.0.26100] and later |
 <!-- ReplaceProcessLevelToken-Applicability-End -->
 
 <!-- ReplaceProcessLevelToken-OmaUri-Begin -->
@@ -2143,7 +2143,7 @@ This user right determines which users can bypass file, directory, registry, and
 <!-- ShutDownTheSystem-Applicability-Begin -->
 | Scope | Editions | Applicable OS |
 |:--|:--|:--|
-| ✅ Device <br> ❌ User | ✅ Pro <br> ✅ Enterprise <br> ✅ Education <br> ✅ IoT Enterprise / IoT Enterprise LTSC | ✅ Windows 11, version 24H2 [10.0.26100] and later |
+| ✅ Device <br> ❌ User | ✅ Pro <br> ✅ Enterprise <br> ✅ Education <br> ✅ IoT Enterprise / IoT Enterprise LTSC | ✅ Windows 11, version 22H2 with [KB5053657](https://support.microsoft.com/help/5053657) [10.0.22621.5126] and later <br> ✅ Windows 11, version 24H2 [10.0.26100] and later |
 <!-- ShutDownTheSystem-Applicability-End -->
 
 <!-- ShutDownTheSystem-OmaUri-Begin -->
diff --git a/windows/client-management/mdm/policy-csp-windowsai.md b/windows/client-management/mdm/policy-csp-windowsai.md
index a8007969a9..6f59fee325 100644
--- a/windows/client-management/mdm/policy-csp-windowsai.md
+++ b/windows/client-management/mdm/policy-csp-windowsai.md
@@ -1,7 +1,7 @@
 ---
 title: WindowsAI Policy CSP
 description: Learn more about the WindowsAI Area in Policy CSP.
-ms.date: 03/27/2025
+ms.date: 05/02/2025
 ms.topic: generated-reference
 ---
 
@@ -22,7 +22,7 @@ ms.topic: generated-reference
 <!-- AllowRecallEnablement-Applicability-Begin -->
 | Scope | Editions | Applicable OS |
 |:--|:--|:--|
-| ✅ Device <br> ❌ User | ✅ Pro <br> ✅ Enterprise <br> ✅ Education <br> ✅ IoT Enterprise / IoT Enterprise LTSC | ✅ Windows 11, version 24H2 with [KB5052093](https://support.microsoft.com/help/5052093) [10.0.26100.3323] and later <br> ✅ Windows Insider Preview |
+| ✅ Device <br> ❌ User | ✅ Pro <br> ✅ Enterprise <br> ✅ Education <br> ✅ IoT Enterprise / IoT Enterprise LTSC | ✅ Windows 11, version 24H2 with [KB5055627](https://support.microsoft.com/help/5055627) [10.0.26100.3915] and later <br> ✅ Windows Insider Preview |
 <!-- AllowRecallEnablement-Applicability-End -->
 
 <!-- AllowRecallEnablement-OmaUri-Begin -->
@@ -91,7 +91,7 @@ This policy setting allows you to determine whether the Recall optional componen
 <!-- DisableAIDataAnalysis-Applicability-Begin -->
 | Scope | Editions | Applicable OS |
 |:--|:--|:--|
-| ✅ Device <br> ✅ User | ✅ Pro <br> ✅ Enterprise <br> ✅ Education <br> ✅ IoT Enterprise / IoT Enterprise LTSC | ✅ Windows 11, version 24H2 with [KB5052093](https://support.microsoft.com/help/5052093) [10.0.26100.3323] and later <br> ✅ Windows Insider Preview |
+| ✅ Device <br> ✅ User | ✅ Pro <br> ✅ Enterprise <br> ✅ Education <br> ✅ IoT Enterprise / IoT Enterprise LTSC | ✅ Windows 11, version 24H2 with [KB5055627](https://support.microsoft.com/help/5055627) [10.0.26100.3915] and later <br> ✅ Windows Insider Preview |
 <!-- DisableAIDataAnalysis-Applicability-End -->
 
 <!-- DisableAIDataAnalysis-OmaUri-Begin -->
@@ -193,7 +193,7 @@ Click to Do lets people take action on content on their screens. When activated,
 |:--|:--|
 | Format | `int` |
 | Access Type | Add, Delete, Get, Replace |
-| Default Value  | 1 |
+| Default Value  | 0 |
 <!-- DisableClickToDo-DFProperties-End -->
 
 <!-- DisableClickToDo-AllowedValues-Begin -->
@@ -201,8 +201,8 @@ Click to Do lets people take action on content on their screens. When activated,
 
 | Value | Description |
 |:--|:--|
-| 0 | Click to Do is enabled. |
-| 1 (Default) | Click to Do is disabled. |
+| 0 (Default) | Click to Do is enabled. |
+| 1 | Click to Do is disabled. |
 <!-- DisableClickToDo-AllowedValues-End -->
 
 <!-- DisableClickToDo-GpMapping-Begin -->
@@ -226,7 +226,7 @@ Click to Do lets people take action on content on their screens. When activated,
 <!-- DisableCocreator-Applicability-Begin -->
 | Scope | Editions | Applicable OS |
 |:--|:--|:--|
-| ✅ Device <br> ❌ User | ❌ Pro <br> ✅ Enterprise <br> ✅ Education <br> ✅ IoT Enterprise / IoT Enterprise LTSC | ✅ Windows Insider Preview |
+| ✅ Device <br> ❌ User | ✅ Pro <br> ✅ Enterprise <br> ✅ Education <br> ✅ IoT Enterprise / IoT Enterprise LTSC | ✅ Windows 11, version 22H2 [10.0.22621.4870] and later <br> ✅ Windows 11, version 24H2 [10.0.26100.3360] and later <br> ✅ Windows Insider Preview |
 <!-- DisableCocreator-Applicability-End -->
 
 <!-- DisableCocreator-OmaUri-Begin -->
@@ -288,7 +288,7 @@ This policy setting allows you to control whether Cocreator functionality is dis
 <!-- DisableGenerativeFill-Applicability-Begin -->
 | Scope | Editions | Applicable OS |
 |:--|:--|:--|
-| ✅ Device <br> ❌ User | ❌ Pro <br> ✅ Enterprise <br> ✅ Education <br> ✅ IoT Enterprise / IoT Enterprise LTSC | ✅ Windows Insider Preview |
+| ✅ Device <br> ❌ User | ✅ Pro <br> ✅ Enterprise <br> ✅ Education <br> ✅ IoT Enterprise / IoT Enterprise LTSC | ✅ Windows 11, version 22H2 [10.0.22621.4870] and later <br> ✅ Windows 11, version 24H2 [10.0.26100.3360] and later <br> ✅ Windows Insider Preview |
 <!-- DisableGenerativeFill-Applicability-End -->
 
 <!-- DisableGenerativeFill-OmaUri-Begin -->
@@ -350,7 +350,7 @@ This policy setting allows you to control whether generative fill functionality
 <!-- DisableImageCreator-Applicability-Begin -->
 | Scope | Editions | Applicable OS |
 |:--|:--|:--|
-| ✅ Device <br> ❌ User | ❌ Pro <br> ✅ Enterprise <br> ✅ Education <br> ✅ IoT Enterprise / IoT Enterprise LTSC | ✅ Windows Insider Preview |
+| ✅ Device <br> ❌ User | ✅ Pro <br> ✅ Enterprise <br> ✅ Education <br> ✅ IoT Enterprise / IoT Enterprise LTSC | ✅ Windows 11, version 22H2 [10.0.22621.4870] and later <br> ✅ Windows 11, version 24H2 [10.0.26100.3360] and later <br> ✅ Windows Insider Preview |
 <!-- DisableImageCreator-Applicability-End -->
 
 <!-- DisableImageCreator-OmaUri-Begin -->
@@ -469,7 +469,7 @@ The property value is the Application User Model ID (AUMID) for the target appli
 <!-- SetDenyAppListForRecall-Applicability-Begin -->
 | Scope | Editions | Applicable OS |
 |:--|:--|:--|
-| ✅ Device <br> ✅ User | ❌ Pro <br> ✅ Enterprise <br> ✅ Education <br> ✅ IoT Enterprise / IoT Enterprise LTSC | ✅ Windows 11, version 24H2 with [KB5052093](https://support.microsoft.com/help/5052093) [10.0.26100.3323] and later <br> ✅ Windows Insider Preview |
+| ✅ Device <br> ✅ User | ❌ Pro <br> ✅ Enterprise <br> ✅ Education <br> ✅ IoT Enterprise / IoT Enterprise LTSC | ✅ Windows 11, version 24H2 with [KB5055627](https://support.microsoft.com/help/5055627) [10.0.26100.3915] and later <br> ✅ Windows Insider Preview |
 <!-- SetDenyAppListForRecall-Applicability-End -->
 
 <!-- SetDenyAppListForRecall-OmaUri-Begin -->
@@ -538,7 +538,7 @@ For example: `code.exe;Microsoft.WindowsNotepad_8wekyb3d8bbwe!App;ms-teams.exe`
 <!-- SetDenyUriListForRecall-Applicability-Begin -->
 | Scope | Editions | Applicable OS |
 |:--|:--|:--|
-| ✅ Device <br> ✅ User | ❌ Pro <br> ✅ Enterprise <br> ✅ Education <br> ✅ IoT Enterprise / IoT Enterprise LTSC | ✅ Windows 11, version 24H2 with [KB5052093](https://support.microsoft.com/help/5052093) [10.0.26100.3323] and later <br> ✅ Windows Insider Preview |
+| ✅ Device <br> ✅ User | ❌ Pro <br> ✅ Enterprise <br> ✅ Education <br> ✅ IoT Enterprise / IoT Enterprise LTSC | ✅ Windows 11, version 24H2 with [KB5055627](https://support.microsoft.com/help/5055627) [10.0.26100.3915] and later <br> ✅ Windows Insider Preview |
 <!-- SetDenyUriListForRecall-Applicability-End -->
 
 <!-- SetDenyUriListForRecall-OmaUri-Begin -->
@@ -603,7 +603,7 @@ Adding `https://www.WoodgroveBank.com` to the list would also filter `https://Ac
 <!-- SetMaximumStorageDurationForRecallSnapshots-Applicability-Begin -->
 | Scope | Editions | Applicable OS |
 |:--|:--|:--|
-| ✅ Device <br> ✅ User | ❌ Pro <br> ✅ Enterprise <br> ✅ Education <br> ✅ IoT Enterprise / IoT Enterprise LTSC | ✅ Windows 11, version 24H2 with [KB5052093](https://support.microsoft.com/help/5052093) [10.0.26100.3323] and later <br> ✅ Windows Insider Preview |
+| ✅ Device <br> ✅ User | ❌ Pro <br> ✅ Enterprise <br> ✅ Education <br> ✅ IoT Enterprise / IoT Enterprise LTSC | ✅ Windows 11, version 24H2 with [KB5055627](https://support.microsoft.com/help/5055627) [10.0.26100.3915] and later <br> ✅ Windows Insider Preview |
 <!-- SetMaximumStorageDurationForRecallSnapshots-Applicability-End -->
 
 <!-- SetMaximumStorageDurationForRecallSnapshots-OmaUri-Begin -->
@@ -679,7 +679,7 @@ Snapshots aren't deleted until the maximum storage allocation for Recall is reac
 <!-- SetMaximumStorageSpaceForRecallSnapshots-Applicability-Begin -->
 | Scope | Editions | Applicable OS |
 |:--|:--|:--|
-| ✅ Device <br> ✅ User | ❌ Pro <br> ✅ Enterprise <br> ✅ Education <br> ✅ IoT Enterprise / IoT Enterprise LTSC | ✅ Windows 11, version 24H2 with [KB5052093](https://support.microsoft.com/help/5052093) [10.0.26100.3323] and later <br> ✅ Windows Insider Preview |
+| ✅ Device <br> ✅ User | ❌ Pro <br> ✅ Enterprise <br> ✅ Education <br> ✅ IoT Enterprise / IoT Enterprise LTSC | ✅ Windows 11, version 24H2 with [KB5055627](https://support.microsoft.com/help/5055627) [10.0.26100.3915] and later <br> ✅ Windows Insider Preview |
 <!-- SetMaximumStorageSpaceForRecallSnapshots-Applicability-End -->
 
 <!-- SetMaximumStorageSpaceForRecallSnapshots-OmaUri-Begin -->
@@ -832,4 +832,4 @@ This policy setting allows you to turn off Windows Copilot.
 
 ## Related articles
 
-[Policy configuration service provider](policy-configuration-service-provider.md)
\ No newline at end of file
+[Policy configuration service provider](policy-configuration-service-provider.md)
diff --git a/windows/client-management/mdm/toc.yml b/windows/client-management/mdm/toc.yml
index 51966229d9..68a08b226b 100644
--- a/windows/client-management/mdm/toc.yml
+++ b/windows/client-management/mdm/toc.yml
@@ -986,6 +986,11 @@ items:
       items:
       - name: WindowsAutopilot DDF file
         href: windowsautopilot-ddf-file.md
+    - name: WindowsBackupAndRestore
+      href: windowsbackupandrestore-csp.md
+      items:
+      - name: WindowsBackupAndRestore DDF file
+        href: windowsbackupandrestore-ddf-file.md
     - name: WindowsDefenderApplicationGuard
       href: windowsdefenderapplicationguard-csp.md
       items:
diff --git a/windows/client-management/mdm/windowsbackupandrestore-csp.md b/windows/client-management/mdm/windowsbackupandrestore-csp.md
new file mode 100644
index 0000000000..159f7d68e6
--- /dev/null
+++ b/windows/client-management/mdm/windowsbackupandrestore-csp.md
@@ -0,0 +1,83 @@
+---
+title: WindowsBackupAndRestore CSP
+description: Learn more about the WindowsBackupAndRestore CSP.
+ms.date: 04/30/2025
+ms.topic: generated-reference
+---
+
+<!-- Auto-Generated CSP Document -->
+
+<!-- WindowsBackupAndRestore-Begin -->
+# WindowsBackupAndRestore CSP
+
+[!INCLUDE [Windows Insider tip](includes/mdm-insider-csp-note.md)]
+
+<!-- WindowsBackupAndRestore-Editable-Begin -->
+<!-- Add any additional information about this policy here. Anything outside this section will get overwritten. -->
+<!-- WindowsBackupAndRestore-Editable-End -->
+
+<!-- WindowsBackupAndRestore-Tree-Begin -->
+The following list shows the WindowsBackupAndRestore configuration service provider nodes:
+
+- ./Device/Vendor/MSFT/WindowsBackupAndRestore
+  - [EnableWindowsRestore](#enablewindowsrestore)
+<!-- WindowsBackupAndRestore-Tree-End -->
+
+<!-- Device-EnableWindowsRestore-Begin -->
+## EnableWindowsRestore
+
+<!-- Device-EnableWindowsRestore-Applicability-Begin -->
+| Scope | Editions | Applicable OS |
+|:--|:--|:--|
+| ✅ Device <br> ❌ User | ✅ Pro <br> ✅ Enterprise <br> ✅ Education <br> ✅ IoT Enterprise / IoT Enterprise LTSC | ✅ Windows Insider Preview |
+<!-- Device-EnableWindowsRestore-Applicability-End -->
+
+<!-- Device-EnableWindowsRestore-OmaUri-Begin -->
+```Device
+./Device/Vendor/MSFT/WindowsBackupAndRestore/EnableWindowsRestore
+```
+<!-- Device-EnableWindowsRestore-OmaUri-End -->
+
+<!-- Device-EnableWindowsRestore-Description-Begin -->
+<!-- Description-Source-DDF -->
+Sets a policy to enable Windows Restore.
+<!-- Device-EnableWindowsRestore-Description-End -->
+
+<!-- Device-EnableWindowsRestore-Editable-Begin -->
+<!-- Add any additional information about this policy here. Anything outside this section will get overwritten. -->
+<!-- Device-EnableWindowsRestore-Editable-End -->
+
+<!-- Device-EnableWindowsRestore-DFProperties-Begin -->
+**Description framework properties**:
+
+| Property name | Property value |
+|:--|:--|
+| Format | `bool` |
+| Access Type | Add, Delete, Get, Replace |
+| Default Value  | false |
+<!-- Device-EnableWindowsRestore-DFProperties-End -->
+
+<!-- Device-EnableWindowsRestore-AllowedValues-Begin -->
+**Allowed values**:
+
+| Value | Description |
+|:--|:--|
+| false (Default) | Windows Restore Not Configured. |
+| true | Windows Restore Enabled. |
+<!-- Device-EnableWindowsRestore-AllowedValues-End -->
+
+<!-- Device-EnableWindowsRestore-Examples-Begin -->
+<!-- Add any examples for this policy here. Examples outside this section will get overwritten. -->
+<!-- Device-EnableWindowsRestore-Examples-End -->
+
+<!-- Device-EnableWindowsRestore-End -->
+
+<!-- WindowsBackupAndRestore-CspMoreInfo-Begin -->
+<!-- Add any additional information about this CSP here. Anything outside this section will get overwritten. -->
+<!-- WindowsBackupAndRestore-CspMoreInfo-End -->
+
+<!-- WindowsBackupAndRestore-End -->
+
+## Related articles
+
+[Configuration service provider reference](configuration-service-provider-reference.md)
diff --git a/windows/client-management/mdm/windowsbackupandrestore-ddf-file.md b/windows/client-management/mdm/windowsbackupandrestore-ddf-file.md
new file mode 100644
index 0000000000..f5a3975bae
--- /dev/null
+++ b/windows/client-management/mdm/windowsbackupandrestore-ddf-file.md
@@ -0,0 +1,89 @@
+---
+title: WindowsBackupAndRestore DDF file
+description: View the XML file containing the device description framework (DDF) for the WindowsBackupAndRestore configuration service provider.
+ms.date: 04/30/2025
+ms.topic: generated-reference
+---
+
+<!-- Auto-Generated CSP Document -->
+
+# WindowsBackupAndRestore DDF file
+
+The following XML file contains the device description framework (DDF) for the WindowsBackupAndRestore configuration service provider.
+
+```xml
+<?xml version="1.0" encoding="UTF-8"?>
+<!DOCTYPE MgmtTree PUBLIC " -//OMA//DTD-DM-DDF 1.2//EN" "http://www.openmobilealliance.org/tech/DTD/DM_DDF-V1_2.dtd"[<?oma-dm-ddf-ver supported-versions="1.2"?>]>
+<MgmtTree xmlns:MSFT="http://schemas.microsoft.com/MobileDevice/DM">
+  <VerDTD>1.2</VerDTD>
+  <MSFT:Diagnostics>
+  </MSFT:Diagnostics>
+  <Node>
+    <NodeName>WindowsBackupAndRestore</NodeName>
+    <Path>./Device/Vendor/MSFT</Path>
+    <DFProperties>
+      <AccessType>
+        <Get />
+      </AccessType>
+      <Description>The root node for the Windows Backup and restore.</Description>
+      <DFFormat>
+        <node />
+      </DFFormat>
+      <Occurrence>
+        <One />
+      </Occurrence>
+      <Scope>
+        <Permanent />
+      </Scope>
+      <DFType>
+        <MIME />
+      </DFType>
+      <MSFT:Applicability>
+        <MSFT:OsBuildVersion>99.9.99999</MSFT:OsBuildVersion>
+        <MSFT:CspVersion>9.9</MSFT:CspVersion>
+        <MSFT:EditionAllowList>0x4;0x1B;0x30;0x31;0x48;0x54;0x62;0x63;0x64;0x65;0x79;0x7A;0x7D;0x7E;0x81;0x82;0x88;0x8A;0x8B;0xA1;0xA2;0xA4;0xA5;0xAB;0xAC;0xAF;0xBC;0xBF;0xCA;0xCB;0xCD;0xCF;0xD2;</MSFT:EditionAllowList>
+      </MSFT:Applicability>
+    </DFProperties>
+    <Node>
+      <NodeName>EnableWindowsRestore</NodeName>
+      <DFProperties>
+        <AccessType>
+          <Add />
+          <Delete />
+          <Get />
+          <Replace />
+        </AccessType>
+        <DefaultValue>false</DefaultValue>
+        <Description>Sets a policy to enable Windows Restore.</Description>
+        <DFFormat>
+          <bool />
+        </DFFormat>
+        <Occurrence>
+          <One />
+        </Occurrence>
+        <Scope>
+          <Dynamic />
+        </Scope>
+        <DFTitle>Enable Windows Restore</DFTitle>
+        <DFType>
+          <MIME />
+        </DFType>
+        <MSFT:AllowedValues ValueType="ENUM">
+          <MSFT:Enum>
+            <MSFT:Value>false</MSFT:Value>
+            <MSFT:ValueDescription>Windows Restore Not Configured</MSFT:ValueDescription>
+          </MSFT:Enum>
+          <MSFT:Enum>
+            <MSFT:Value>true</MSFT:Value>
+            <MSFT:ValueDescription>Windows Restore Enabled</MSFT:ValueDescription>
+          </MSFT:Enum>
+        </MSFT:AllowedValues>
+      </DFProperties>
+    </Node>
+  </Node>
+</MgmtTree>
+```
+
+## Related articles
+
+[WindowsBackupAndRestore configuration service provider reference](windowsbackupandrestore-csp.md)
diff --git a/windows/client-management/mdm/wirelessnetworkpreference-csp.md b/windows/client-management/mdm/wirelessnetworkpreference-csp.md
index b356a16a04..cd372050db 100644
--- a/windows/client-management/mdm/wirelessnetworkpreference-csp.md
+++ b/windows/client-management/mdm/wirelessnetworkpreference-csp.md
@@ -1,7 +1,7 @@
 ---
 title: WirelessNetworkPreference CSP
 description: Learn more about the WirelessNetworkPreference CSP.
-ms.date: 04/21/2025
+ms.date: 04/30/2025
 ms.topic: generated-reference
 ---
 
@@ -577,8 +577,8 @@ When evaluating eSIM profiles for connectivity, this value configures the amount
 |:--|:--|
 | Format | `int` |
 | Access Type | Get, Replace |
-| Allowed Values | Range: `[30-360]` |
-| Default Value  | 60 |
+| Allowed Values | Range: `[20-360]` |
+| Default Value  | 30 |
 <!-- Device-Parameters-CellularParameters-ProfileRegistrationTimerInSeconds-DFProperties-End -->
 
 <!-- Device-Parameters-CellularParameters-ProfileRegistrationTimerInSeconds-Examples-Begin -->
@@ -733,7 +733,7 @@ Nodes that indicate the status of the wireless connectivity management service.
 
 <!-- Device-Status-eSIMpolicyStatus-Description-Begin -->
 <!-- Description-Source-DDF -->
-An integer indicating the current status of the wireless connectivity management service. If the value is zero, there are no errors. \n\n 0 = No errors. \n 1 = No policies are configured. \n 2 = More than one policy has the same priority. \n 3 = More than one policy references the same PLMNID. \n 4 = Invalid PLMNID for one or more of the configured profiles. \n 5 = More than one eSIM profile stored in the eUICC with the same PLMN ID. \n 6 = Invalid configuration value for one or more of the cellular parameters. Please review CSP documentation. \n\n Warning: Any of these errors will result in a complete halt of the wireless connectivity management service.
+An integer indicating the current status of the wireless connectivity management service. If the value is zero, there are no errors. \n\n 0 = No errors. \n 1 = No policies are configured. \n 2 = More than one policy has the same priority. \n 3 = More than one policy references the same PLMN ID. \n 4 = Invalid PLMN ID for one or more of the configured profiles. \n 5 = More than one eSIM profile stored in the eUICC with the same PLMN ID. \n 6 = Invalid configuration value for one or more of the cellular parameters. Please review CSP documentation. \n\n Warning: Any of these errors will result in a complete halt of the wireless connectivity management service.
 <!-- Device-Status-eSIMpolicyStatus-Description-End -->
 
 <!-- Device-Status-eSIMpolicyStatus-Editable-Begin -->
@@ -811,7 +811,7 @@ Count of operational eSIM profiles stored in the eUICC.
 
 <!-- Device-Status-eSIMprofilesMatched-Description-Begin -->
 <!-- Description-Source-DDF -->
-Count of operational eSIM profiles stored on the eUICC whose PLMN matches one of the ConnectionProfileIDs setup under the ConnectionProfiles node. Only matched profiles with no errors will be counted. If more than one eSIM profile with the same PLMN ID is configured on the policy and/or more than one eSIM profile with the same PLMN ID is stored in the eUICC, then they won't be counted even if there is a match.
+Count of operational eSIM profiles stored on the eUICC whose PLMN ID matches one of the ConnectionProfileIDs setup under the ConnectionProfiles node. Only matched profiles with no errors will be counted. If more than one eSIM profile with the same PLMN ID is configured on the policy and/or more than one eSIM profile with the same PLMN ID is stored in the eUICC, then they won't be counted even if there is a match.
 <!-- Device-Status-eSIMprofilesMatched-Description-End -->
 
 <!-- Device-Status-eSIMprofilesMatched-Editable-Begin -->
diff --git a/windows/client-management/mdm/wirelessnetworkpreference-ddf-file.md b/windows/client-management/mdm/wirelessnetworkpreference-ddf-file.md
index e23616812e..01d64c2b80 100644
--- a/windows/client-management/mdm/wirelessnetworkpreference-ddf-file.md
+++ b/windows/client-management/mdm/wirelessnetworkpreference-ddf-file.md
@@ -1,7 +1,7 @@
 ---
 title: WirelessNetworkPreference DDF file
 description: View the XML file containing the device description framework (DDF) for the WirelessNetworkPreference configuration service provider.
-ms.date: 04/21/2025
+ms.date: 04/30/2025
 ms.topic: generated-reference
 ---
 
@@ -25,7 +25,7 @@ The following XML file contains the device description framework (DDF) for the W
       <AccessType>
         <Get />
       </AccessType>
-      <Description>Represents information associated with wireless networks prioritization including detailed connectivity priorities for specific cellular networks with a unique PLMN_ID.</Description>
+      <Description>Represents information associated with wireless networks prioritization including detailed connectivity priorities for specific cellular networks with a unique PLMN ID.</Description>
       <DFFormat>
         <node />
       </DFFormat>
@@ -157,7 +157,7 @@ The following XML file contains the device description framework (DDF) for the W
           <AccessType>
             <Get />
           </AccessType>
-          <Description>Count of operational eSIM profiles stored on the eUICC whose PLMN matches one of the ConnectionProfileIDs setup under the ConnectionProfiles node. Only matched profiles with no errors will be counted. If more than one eSIM profile with the same PLMN ID is configured on the policy and/or more than one eSIM profile with the same PLMN ID is stored in the eUICC, then they will not be counted even if there is a match.</Description>
+          <Description>Count of operational eSIM profiles stored on the eUICC whose PLMN ID matches one of the ConnectionProfileIDs setup under the ConnectionProfiles node. Only matched profiles with no errors will be counted. If more than one eSIM profile with the same PLMN ID is configured on the policy and/or more than one eSIM profile with the same PLMN ID is stored in the eUICC, then they will not be counted even if there is a match.</Description>
           <DFFormat>
             <int />
           </DFFormat>
@@ -178,7 +178,7 @@ The following XML file contains the device description framework (DDF) for the W
           <AccessType>
             <Get />
           </AccessType>
-          <Description>An integer indicating the current status of the wireless connectivity management service. If the value is zero, there are no errors. \n\n 0 = No errors. \n 1 = No policies are configured. \n 2 = More than one policy has the same priority. \n 3 = More than one policy references the same PLMNID. \n 4 = Invalid PLMNID for one or more of the configured profiles. \n 5 = More than one eSIM profile stored in the eUICC with the same PLMN ID. \n 6 = Invalid configuration value for one or more of the cellular parameters. Please review CSP documentation. \n\n Warning: Any of these errors will result in a complete halt of the wireless connectivity management service.</Description>
+          <Description>An integer indicating the current status of the wireless connectivity management service. If the value is zero, there are no errors. \n\n 0 = No errors. \n 1 = No policies are configured. \n 2 = More than one policy has the same priority. \n 3 = More than one policy references the same PLMN ID. \n 4 = Invalid PLMN ID for one or more of the configured profiles. \n 5 = More than one eSIM profile stored in the eUICC with the same PLMN ID. \n 6 = Invalid configuration value for one or more of the cellular parameters. Please review CSP documentation. \n\n Warning: Any of these errors will result in a complete halt of the wireless connectivity management service.</Description>
           <DFFormat>
             <int />
           </DFFormat>
@@ -326,7 +326,7 @@ The following XML file contains the device description framework (DDF) for the W
               <Get />
               <Replace />
             </AccessType>
-            <DefaultValue>60</DefaultValue>
+            <DefaultValue>30</DefaultValue>
             <Description>When evaluating eSIM profiles for connectivity, this value configures the amount of time (in seconds) that the agent will wait for network registration before considering this profile unsatisfactory and moving on to the next one.</Description>
             <DFFormat>
               <int />
@@ -341,7 +341,7 @@ The following XML file contains the device description framework (DDF) for the W
               <MIME />
             </DFType>
             <MSFT:AllowedValues ValueType="Range">
-              <MSFT:Value>[30-360]</MSFT:Value>
+              <MSFT:Value>[20-360]</MSFT:Value>
             </MSFT:AllowedValues>
           </DFProperties>
         </Node>

From 0e68821a2f63e699fd894ad3d9afc125c8c5bb1e Mon Sep 17 00:00:00 2001
From: Meghan Stewart <33289333+mestew@users.noreply.github.com>
Date: Mon, 5 May 2025 09:04:56 -0700
Subject: [PATCH 08/17] update

---
 windows/whats-new/deprecated-features.md | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/windows/whats-new/deprecated-features.md b/windows/whats-new/deprecated-features.md
index 561e694b6f..3b4bdd7f15 100644
--- a/windows/whats-new/deprecated-features.md
+++ b/windows/whats-new/deprecated-features.md
@@ -47,7 +47,7 @@ The features in this article are no longer being actively developed, and might b
 
 | Feature | Details and mitigation  | Deprecation announced |
 |---|---|---|
-| Device metadata <!--9364071-->| Device metadata is deprecated and will be removed in a future release of Windows. For more information about the replacement for this functionality, see [Driver Package Container Metadata](/windows-hardware/drivers/install/driver-package-container-metadata). | April 2025 |
+| Device metadata <!--9364071-->| Device metadata is deprecated and will be removed in a future release of Windows. For more information about the replacement for this functionality, see [Driver Package Container Metadata](/windows-hardware/drivers/install/driver-package-container-metadata). | May 2025 |
 | Maps app <!--9853653--> | Maps app is deprecated. It will be removed from the Microsoft Store by July 2025 and will no longer be supported. For more information, see [Resources for deprecated features](deprecated-features-resources.md#maps-app). | April 2025 |
 | VBS enclaves for Windows 11, version 23H2 and earlier <!--9693593-->|  [VBS enclaves](/windows/win32/trusted-execution/vbs-enclaves) are being deprecated on Windows 11, version 23H2 and earlier versions of Windows. Support for VBS enclaves will continue for Windows 11, version 24H2 and later. </br> </br> **[Update May 2025]** Existing enclaves signed with the EKU 1.3.6.1.4.1.311.76.57.1.15 will continue to be supported for all  Windows 11, version 23H2 and earlier versions of Windows, so long as no changes are made to the enclave that requires a re-sign of it. If a re-sign of the enclave occurs, the new EKU will be used to re-sign and the enclave will only be supported on Windows 11, version 24H2 and later. Existing enclaves signed with EKU 1.3.6.1.4.1.311.76.57.1.15 will continue to function without disruption on the following operating systems until a re-sign is needed: </br> <ul><li>Windows 10, version 22H2 </li> <li> Windows 11, version 22H2 </li><li> Windows 11, version 23H2 </li><li>Windows 11, version 24H2 and later</li></ul>| April 2025 |
 | Windows UWP Map control and Windows Maps platform APIs <!--9853556--> | The [Windows UWP Map control](/uwp/api/windows.ui.xaml.controls.maps) and [Windows Maps platform APIs](/uwp/api/windows.services.maps) within Windows have been deprecated as of April 8, 2025. The Maps UWP Control and Maps platform support within Windows will continue to function but will not be updated. For more information, see [Resources for deprecated features](deprecated-features-resources.md#windows-uwp-map-control-and-windows-maps-platform-apis). | April 8, 2025 |

From 9b95e6a054cde22f25e6509c834cd70c536ed1d6 Mon Sep 17 00:00:00 2001
From: Vinay Pamnani <37223378+vinaypamnani-msft@users.noreply.github.com>
Date: Tue, 6 May 2025 10:58:51 -0600
Subject: [PATCH 09/17] Fix typo

---
 windows/client-management/mdm/policy-csp-filesystem.md | 4 ++--
 1 file changed, 2 insertions(+), 2 deletions(-)

diff --git a/windows/client-management/mdm/policy-csp-filesystem.md b/windows/client-management/mdm/policy-csp-filesystem.md
index 6aa34c4df9..6113c617a1 100644
--- a/windows/client-management/mdm/policy-csp-filesystem.md
+++ b/windows/client-management/mdm/policy-csp-filesystem.md
@@ -1,7 +1,7 @@
 ---
 title: FileSystem Policy CSP
 description: Learn more about the FileSystem Area in Policy CSP.
-ms.date: 04/30/2025
+ms.date: 05/06/2025
 ms.topic: generated-reference
 ---
 
@@ -145,7 +145,7 @@ Dev drive or developer volume is a volume optimized for performance of developer
 
 Disabling this setting will disallow creation of new developer volumes, existing developer volumes will mount as regular volumes.
 
-If this setting isn't configured the default policy is to enable developer volumes while allowing antivirus filter to attach on a deveveloper volume. Further, if not configured, a local administrator can choose to not have antivirus filter attached to a developer volume.
+If this setting isn't configured the default policy is to enable developer volumes while allowing antivirus filter to attach on a developer volume. Further, if not configured, a local administrator can choose to not have antivirus filter attached to a developer volume.
 
 A reboot is required for this setting to take effect.
 <!-- EnableDevDrive-Description-End -->

From 3bd47f2038409252b8ecd56d94793f7fcde89f1a Mon Sep 17 00:00:00 2001
From: Paolo Matarazzo <74918781+paolomatarazzo@users.noreply.github.com>
Date: Wed, 7 May 2025 10:24:07 -0400
Subject: [PATCH 10/17] update

---
 windows/configuration/taskbar/includes/example.md | 1 +
 1 file changed, 1 insertion(+)

diff --git a/windows/configuration/taskbar/includes/example.md b/windows/configuration/taskbar/includes/example.md
index 4a31f71fce..20782979f7 100644
--- a/windows/configuration/taskbar/includes/example.md
+++ b/windows/configuration/taskbar/includes/example.md
@@ -17,6 +17,7 @@ ms.topic: include
     <defaultlayout:TaskbarLayout>
       <taskbar:TaskbarPinList>
         <!-- your pins list goes here -->
+      </taskbar:TaskbarPinList>
     </defaultlayout:TaskbarLayout>
  </CustomTaskbarLayoutCollection>
 </LayoutModificationTemplate>

From 3b22c9740e2ca1207be29fdd8fec85f73e9e0ec2 Mon Sep 17 00:00:00 2001
From: "Vinay Pamnani (from Dev Box)" <vinpa@microsoft.com>
Date: Wed, 7 May 2025 11:28:11 -0600
Subject: [PATCH 11/17] Update appliesto

---
 windows/client-management/manage-notepad.md | 2 ++
 1 file changed, 2 insertions(+)

diff --git a/windows/client-management/manage-notepad.md b/windows/client-management/manage-notepad.md
index 16adb1cb99..e36105a562 100644
--- a/windows/client-management/manage-notepad.md
+++ b/windows/client-management/manage-notepad.md
@@ -6,6 +6,8 @@ ms.subservice: windows-copilot
 ms.date: 04/30/2025
 ms.author: vinpa
 author: vinaypamnani-msft
+appliesto:
+- ✅ <a href="https://learn.microsoft.com/windows/release-health/supported-versions-windows-client\" target="_blank">Windows 11</a>
 ---
 
 # Manage AI features in Notepad

From 9148e9bf69d5c0b73083ccfafa4c47052ff5a2b9 Mon Sep 17 00:00:00 2001
From: Frank Rojas <45807133+frankroj@users.noreply.github.com>
Date: Wed, 7 May 2025 19:31:31 -0400
Subject: [PATCH 12/17] Update date

Updated article last month and updated date to 04/08, but forgot to update the year from 2024 to 2025
---
 windows/deployment/mbr-to-gpt.md | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/windows/deployment/mbr-to-gpt.md b/windows/deployment/mbr-to-gpt.md
index 2e0fd5f1de..1e7ca6d9b9 100644
--- a/windows/deployment/mbr-to-gpt.md
+++ b/windows/deployment/mbr-to-gpt.md
@@ -4,7 +4,7 @@ description: Use MBR2GPT.EXE to convert a disk from the Master Boot Record (MBR)
 ms.service: windows-client
 author: frankroj
 ms.author: frankroj
-ms.date: 04/08/2024
+ms.date: 05/07/2025
 manager: aaroncz
 ms.localizationpriority: high
 ms.topic: how-to

From 5029fed848dbdf52c1a567523a48345a0b9b5c1e Mon Sep 17 00:00:00 2001
From: "Vinay Pamnani (from Dev Box)" <vinpa@microsoft.com>
Date: Thu, 8 May 2025 09:55:04 -0600
Subject: [PATCH 13/17] Update link

---
 windows/client-management/manage-notepad.md | 4 ++--
 1 file changed, 2 insertions(+), 2 deletions(-)

diff --git a/windows/client-management/manage-notepad.md b/windows/client-management/manage-notepad.md
index e36105a562..1259fb7c81 100644
--- a/windows/client-management/manage-notepad.md
+++ b/windows/client-management/manage-notepad.md
@@ -20,7 +20,7 @@ This article provides information about managing AI features for Notepad in a co
 
 ## Download the Notepad administrative template (ADMX)
 
-The [Notepad Administrative Template (ADMX)](https://todo) can be downloaded from the Microsoft Download Center. The group policy settings contained in the ADMX file are machine-wide for all users.
+The [Notepad Administrative Template (ADMX)](https://download.microsoft.com/download/72ea16a9-4cc9-4032-945d-3a56a483d034/WindowsNotepadAdminTemplates.cab) can be downloaded from the Microsoft Download Center. The group policy settings contained in the ADMX file are machine-wide for all users.
 
 ## Policy settings
 
@@ -34,7 +34,7 @@ This policy setting allows you to control whether AI features are disabled in th
 **Supported versions**
 
 - Windows 11, version 22H2 or later.
-- Notepad [TBD]
+- Notepad version 11.2503.16.0 or later.
 
 ## Configure policies
 

From e83e627ff6114f526c679a09e701b12bb64e4c1d Mon Sep 17 00:00:00 2001
From: chcart <120026950+chcart@users.noreply.github.com>
Date: Thu, 8 May 2025 13:42:37 -0500
Subject: [PATCH 14/17] Update smart-card-group-policy-and-registry-settings.md
 to fix CCS

Registry key shows CCS instead of CurrentControlSet.  Customers are taking this literally and stuff is breaking.
---
 .../smart-card-group-policy-and-registry-settings.md          | 4 ++--
 1 file changed, 2 insertions(+), 2 deletions(-)

diff --git a/windows/security/identity-protection/smart-cards/smart-card-group-policy-and-registry-settings.md b/windows/security/identity-protection/smart-cards/smart-card-group-policy-and-registry-settings.md
index b98266524f..ee0d629731 100644
--- a/windows/security/identity-protection/smart-cards/smart-card-group-policy-and-registry-settings.md
+++ b/windows/security/identity-protection/smart-cards/smart-card-group-policy-and-registry-settings.md
@@ -357,8 +357,8 @@ The following table lists the keys and the corresponding values to turn off cert
 
 | Registry Key | Details |
 |--|--|
-| `HKEY_LOCAL_MACHINE\SYSTEM\CCS\Services\Kdc\UseCachedCRLOnlyAndIgnoreRevocationUnknownErrors` | Type = DWORD<br>Value = 1 |
-| `HKEY_LOCAL_MACHINE\SYSTEM\CCS\Control\LSA\Kerberos\Parameters\UseCachedCRLOnlyAndIgnoreRevocationUnknownErrors` | Type = DWORD<br>Value = 1 |
+| `HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Kdc\UseCachedCRLOnlyAndIgnoreRevocationUnknownErrors` | Type = DWORD<br>Value = 1 |
+| `HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\LSA\Kerberos\Parameters\UseCachedCRLOnlyAndIgnoreRevocationUnknownErrors` | Type = DWORD<br>Value = 1 |
 
 ## Additional smart card Group Policy settings and registry keys
 

From 3314b982253a6a62019f397379f66ff09141fb29 Mon Sep 17 00:00:00 2001
From: mjay <MaksOlowski@live.de>
Date: Mon, 12 May 2025 14:39:19 +0200
Subject: [PATCH 15/17] Update configure-recovery-password-rotation.md

Fix typo in 'Microsoft' and lowercase 'policy'
---
 .../bitlocker/includes/configure-recovery-password-rotation.md  | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/windows/security/operating-system-security/data-protection/bitlocker/includes/configure-recovery-password-rotation.md b/windows/security/operating-system-security/data-protection/bitlocker/includes/configure-recovery-password-rotation.md
index d2d790df4b..55173efadc 100644
--- a/windows/security/operating-system-security/data-protection/bitlocker/includes/configure-recovery-password-rotation.md
+++ b/windows/security/operating-system-security/data-protection/bitlocker/includes/configure-recovery-password-rotation.md
@@ -16,7 +16,7 @@ Possible values are:
 - `2`: numeric recovery password rotation upon use is *on* for both Microsoft Entra joined devices and Microsoft Entra hybrid joined devices
 
 > [!NOTE]
-> The Policy is effective only when Micropsoft Entra ID or Active Directory backup for recovery password is configured to *required*
+> The policy is effective only when Microsoft Entra ID or Active Directory backup for recovery password is configured to *required*
 >
 > - For OS drive: enable *Do not enable BitLocker until recovery information is stored to AD DS for operating system drives*
 > - For fixed drives: enable "*Do not enable BitLocker until recovery information is stored to AD DS for fixed data drives*

From a4c88bfff9a32bfd6de0f696cdfef38956836afc Mon Sep 17 00:00:00 2001
From: Christine Eaton <40660908+ceaton-msft@users.noreply.github.com>
Date: Tue, 13 May 2025 14:40:58 +0100
Subject: [PATCH 16/17] Update windows-autopatch-hotpatch-updates.md

Added clarity around Arm64 preview & added info on CSP to align with IT Pro blog being released.
---
 .../manage/windows-autopatch-hotpatch-updates.md              | 4 +++-
 1 file changed, 3 insertions(+), 1 deletion(-)

diff --git a/windows/deployment/windows-autopatch/manage/windows-autopatch-hotpatch-updates.md b/windows/deployment/windows-autopatch/manage/windows-autopatch-hotpatch-updates.md
index 59e83f707a..3313aafdb0 100644
--- a/windows/deployment/windows-autopatch/manage/windows-autopatch-hotpatch-updates.md
+++ b/windows/deployment/windows-autopatch/manage/windows-autopatch-hotpatch-updates.md
@@ -50,7 +50,7 @@ VBS must be turned on for a device to be offered Hotpatch updates. For informati
 ### Arm 64 devices must disable compiled hybrid PE usage (CHPE) (Arm 64 CPU Only)
 
 > [!IMPORTANT]
-> **Arm 64 devices are in public preview**. It's being actively developed and might not be complete. They're made available on a "Preview" basis. You can test and use these features in production environments and scenarios and provide feedback.
+> **Hotpatch updates on Arm 64 devices are in public preview**. It's being actively developed and might not be complete. They're made available on a "Preview" basis. You can test and use these features in production environments and scenarios and provide feedback.
 
 This requirement only applies to Arm 64 CPU devices when using Hotpatch updates. Hotpatch updates aren't compatible with servicing CHPE OS binaries located in the `%SystemRoot%\SyChpe32` folder.
 
@@ -63,6 +63,8 @@ To disable CHPE, create and/or set the following DWORD registry key:
 Path: `HKLM\SYSTEM\CurrentControlSet\Control\Session Manager\Memory Management`
 DWORD key value: HotPatchRestrictions=1
 
+You can also use the CSP DisableCHPE (available on Windows Insider Preview). See [DisableCHPE](/windows/client-management/mdm/policy-csp-system#disablechpe).
+
 > [!NOTE]
 > There are no plans to support hotpatch updates on Arm64 devices with CHPE enabled. Disabling CHPE is required only for Arm64 devices. AMD and Intel CPUs don’t have CHPE.
 

From 3a7207cd08fb8f1b41fa89afd8193b5b0b00c9d3 Mon Sep 17 00:00:00 2001
From: Tiara Quan <95256667+tiaraquan@users.noreply.github.com>
Date: Tue, 13 May 2025 09:06:32 -0700
Subject: [PATCH 17/17] Update windows-autopatch-hotpatch-updates.md

---
 .../manage/windows-autopatch-hotpatch-updates.md                | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/windows/deployment/windows-autopatch/manage/windows-autopatch-hotpatch-updates.md b/windows/deployment/windows-autopatch/manage/windows-autopatch-hotpatch-updates.md
index 3313aafdb0..4669de9482 100644
--- a/windows/deployment/windows-autopatch/manage/windows-autopatch-hotpatch-updates.md
+++ b/windows/deployment/windows-autopatch/manage/windows-autopatch-hotpatch-updates.md
@@ -63,7 +63,7 @@ To disable CHPE, create and/or set the following DWORD registry key:
 Path: `HKLM\SYSTEM\CurrentControlSet\Control\Session Manager\Memory Management`
 DWORD key value: HotPatchRestrictions=1
 
-You can also use the CSP DisableCHPE (available on Windows Insider Preview). See [DisableCHPE](/windows/client-management/mdm/policy-csp-system#disablechpe).
+You can also use the CSP DisableCHPE (available on Windows Insider Preview). For more information, see [DisableCHPE](/windows/client-management/mdm/policy-csp-system#disablechpe).
 
 > [!NOTE]
 > There are no plans to support hotpatch updates on Arm64 devices with CHPE enabled. Disabling CHPE is required only for Arm64 devices. AMD and Intel CPUs don’t have CHPE.