Merge remote-tracking branch 'refs/remotes/origin/master' into atp-gaps

windows/device-security/bitlocker/bitlocker-group-policy-settings.md

@@ -237,7 +237,7 @@ On a computer with a compatible TPM, four types of authentication methods can be
 
 -   only the TPM for authentication
 -   insertion of a USB flash drive containing the startup key
--   the entry of a 4-digit to 20-digit personal identification number (PIN)
+-   the entry of a 6-digit to 20-digit personal identification number (PIN)
 -   a combination of the PIN and the USB flash drive
 
 There are four options for TPM-enabled computers or devices:
@@ -347,14 +347,14 @@ This policy setting is used to set a minimum PIN length when you use an unlock m
 </tr>
 <tr class="odd">
 <td align="left"><p><strong>When disabled or not configured</strong></p></td>
-<td align="left"><p>Users can configure a startup PIN of any length between 4 and 20 digits.</p></td>
+<td align="left"><p>Users can configure a startup PIN of any length between 6 and 20 digits.</p></td>
 </tr>
 </tbody>
 </table>
  
 **Reference**
 
-This policy setting is applied when you turn on BitLocker. The startup PIN must have a minimum length of 4 digits and can have a maximum length of 20 digits.
+This policy setting is applied when you turn on BitLocker. The startup PIN must have a minimum length of 6 digits and can have a maximum length of 20 digits.
 
 ### Disable new DMA devices when this computer is locked
 
@@ -527,7 +527,7 @@ This policy setting is used to control what unlock options are available for com
  
 **Reference**
 
-On a computer with a compatible TPM, two authentication methods can be used at startup to provide added protection for encrypted data. When the computer starts, it can require users to insert a USB drive that contains a startup key. It can also require users to enter a 4-digit to 20-digit startup PIN.
+On a computer with a compatible TPM, two authentication methods can be used at startup to provide added protection for encrypted data. When the computer starts, it can require users to insert a USB drive that contains a startup key. It can also require users to enter a 6-digit to 20-digit startup PIN.
 
 A USB drive that contains a startup key is needed on computers without a compatible TPM. Without a TPM, BitLocker-encrypted data is protected solely by the key material that is on this USB drive.
 

windows/device-security/change-history-for-device-security.md

@@ -11,7 +11,12 @@ author: brianlic-msft
 # Change history for device security
 This topic lists new and updated topics in the [Device security](index.md) documentation.
 
+## May 2017
+|New or changed topic |Description |
+|---------------------|------------|
+| [BitLocker Group Policy settings](bitlocker/bitlocker-group-policy-settings.md) | Changed startup PIN minimun length from 4 to 6. |
+
 ## March 2017
 |New or changed topic |Description |
 |---------------------|------------|
-|[Requirements and deployment planning guidelines for Device Guard](device-guard/requirements-and-deployment-planning-guidelines-for-device-guard.md) |Updated to include additional security qualifications starting with Window 10, version 1703.|
+|[Requirements and deployment planning guidelines for Device Guard](device-guard/requirements-and-deployment-planning-guidelines-for-device-guard.md) | Updated to include additional security qualifications starting with Windows 10, version 1703.|

windows/threat-protection/windows-defender-antivirus/windows-defender-security-center-antivirus.md

@@ -89,13 +89,15 @@ This section describes how to perform some of the most common tasks when reviewi
 
 4. Click **Advanced scan** to specify different types of scans, such as a full scan.
 
-
-**Download protection updates in the Windows Defender Security Center app**
+<a id="definition-version"></a>
+**Review the definition update version and download the latest updates in the Windows Defender Security Center app**
 1. Open the Windows Defender Security Center app by clicking the shield icon in the task bar or searching the start menu for **Defender**.
 
 2. Click the **Virus & threat protection** tile (or the shield icon on the left menu bar).
 
-3. Click **Protection updates**.
+3. Click **Protection updates**. The currently installed version is displayed along with some information about when it was downloaded. You can check this against the latest version available for manual download, or review the change log for that version.
+
+![Definition version number information](images/defender/wdav-wdsc-defs.png)
 
 4. Click **Check for updates** to download new protection updates (if there are any).
 
@@ -129,15 +131,16 @@ This section describes how to perform some of the most common tasks when reviewi
 5. Click the plus icon to choose the type and set the options for each exclusion. 
 
 <a id="detection-history"></a>
-**Review threat detection history in the Windows Defender Security Center app**
-1. Open the Windows Defender Security Center app by clicking the shield icon in the task bar or searching the start menu for **Defender**.
-
-2. Click the **Virus & threat protection** tile (or the shield icon on the left menu bar).
-
-3. Click **Scan history**.
-
-4. Click **See full history** under each of the categories (**Current threats**, **Quarantined threats**, **Allowed threats**).
-
+**Review threat detection history in the Windows Defender Security Center app**
+1. Open the Windows Defender Security Center app by clicking the shield icon in the task bar or searching the start menu for **Defender**.
+ 
+2. Click the **Virus & threat protection** tile (or the shield icon on the left menu bar).
+ 
+3. Click **Scan history**.
+ 
+4. Click **See full history** under each of the categories (**Current threats**, **Quarantined threats**, **Allowed threats**).
+ 
+