From 648b2362547e9af6948fe2fbaf0a7e6231794613 Mon Sep 17 00:00:00 2001 From: Joey Caparas Date: Mon, 10 Apr 2017 14:33:51 -0700 Subject: [PATCH 01/11] change ocid belowfoldlink1 --- ...-requirements-windows-defender-advanced-threat-protection.md | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/windows/keep-secure/minimum-requirements-windows-defender-advanced-threat-protection.md b/windows/keep-secure/minimum-requirements-windows-defender-advanced-threat-protection.md index 9a231875f8..b632c08944 100644 --- a/windows/keep-secure/minimum-requirements-windows-defender-advanced-threat-protection.md +++ b/windows/keep-secure/minimum-requirements-windows-defender-advanced-threat-protection.md @@ -117,4 +117,4 @@ If you're running Windows Defender as the primary antimalware product on your en If you're running a third-party antimalware client and use Mobile Device Management solutions or System Center Configuration Manager (current branch) version 1606, you'll need to ensure that the Windows Defender ELAM driver is enabled. For more information, see [Ensure that Windows Defender is not disabled by policy](troubleshoot-onboarding-windows-defender-advanced-threat-protection.md#ensure-that-windows-defender-is-not-disabled-by-a-policy). ->Want to experience Windows Defender ATP? [Sign up for a free trial.](https://www.microsoft.com/en-us/WindowsForBusiness/windows-atp?ocid=technet-wd-atp-abovefoldlink1) +>Want to experience Windows Defender ATP? [Sign up for a free trial.](https://www.microsoft.com/en-us/WindowsForBusiness/windows-atp?ocid=technet-wd-atp-minreq-belowfoldlink1) From 1e51f83c68df913a456816d2baace8058191a253 Mon Sep 17 00:00:00 2001 From: Joey Caparas Date: Mon, 10 Apr 2017 15:14:02 -0700 Subject: [PATCH 02/11] add links to IT Center page --- .../windows-defender-advanced-threat-protection.md | 2 ++ .../whats-new/whats-new-windows-10-version-1703.md | 14 ++++++++------ 2 files changed, 10 insertions(+), 6 deletions(-) diff --git a/windows/keep-secure/windows-defender-advanced-threat-protection.md b/windows/keep-secure/windows-defender-advanced-threat-protection.md index 0a9feddff7..0963cb7037 100644 --- a/windows/keep-secure/windows-defender-advanced-threat-protection.md +++ b/windows/keep-secure/windows-defender-advanced-threat-protection.md @@ -27,6 +27,8 @@ localizationpriority: high Windows Defender Advanced Threat Protection (Windows Defender ATP) is a security service that enables enterprise customers to detect, investigate, and respond to advanced threats on their networks. +Get a quick, but in-depth overview of Windows Defender ATP for Windows 10 and the new capabilities in Windows 10, version 1703 see (Windows Defender ATP for Windows 10 Creators Update)[https://technet.microsoft.com/en-au/windows/mt782787]. + Windows Defender ATP uses the following combination of technology built into Windows 10 and Microsoft's robust cloud service: - **Endpoint behavioral sensors**: Embedded in Windows 10, these sensors diff --git a/windows/whats-new/whats-new-windows-10-version-1703.md b/windows/whats-new/whats-new-windows-10-version-1703.md index 3995354bb7..f10f250341 100644 --- a/windows/whats-new/whats-new-windows-10-version-1703.md +++ b/windows/whats-new/whats-new-windows-10-version-1703.md @@ -12,12 +12,12 @@ ms.assetid: dca7c655-c4f6-45f8-aa02-64187b202617 # What's new in Windows 10, version 1703 IT pro content -Below is a list of some of the new and updated content that discusses Information Technology (IT) pro features in Windows 10, version 1703 (also known as the Creators Update). +Below is a list of some of the new and updated content that discusses Information Technology (IT) pro features in Windows 10, version 1703 (also known as the Creators Update). For more general info about Windows 10 features, see [Features available only on Windows 10](https://www.microsoft.com/windows/features). For info about previous versions of Windows 10, see [What's New in Windows 10](index.md). Also see this blog post: [What’s new for IT pros in the Windows 10 Creators Update](https://blogs.technet.microsoft.com/windowsitpro/2017/04/05/whats-new-for-it-pros-in-the-windows-10-creators-update/). >[!NOTE] ->Windows 10, version 1703 contains all fixes included in previous cumulative updates to Windows 10, version 1607. For info about each version, see [Windows 10 release information](https://technet.microsoft.com/en-us/windows/release-info). For a list of removed features, see [Features that are removed or deprecated in Windows 10 Creators Update](https://support.microsoft.com/help/4014193/features-that-are-removed-or-deprecated-in-windows-10-creators-update). +>Windows 10, version 1703 contains all fixes included in previous cumulative updates to Windows 10, version 1607. For info about each version, see [Windows 10 release information](https://technet.microsoft.com/en-us/windows/release-info). For a list of removed features, see [Features that are removed or deprecated in Windows 10 Creators Update](https://support.microsoft.com/help/4014193/features-that-are-removed-or-deprecated-in-windows-10-creators-update).   ## Configuration @@ -121,6 +121,8 @@ New features in Windows Defender Advanced Threat Protection (ATP) for Windows 10 You can read more about ransomware mitigations and detection capability in Windows Defender Advanced Threat Protection in the blog: [Averting ransomware epidemics in corporate networks with Windows Defender ATP](https://blogs.technet.microsoft.com/mmpc/2017/01/30/averting-ransomware-epidemics-in-corporate-networks-with-windows-defender-atp/). +Get a quick, but in-depth overview of Windows Defender ATP for Windows 10 and the new capabilities in Windows 10, version 1703 see (Windows Defender ATP for Windows 10 Creators Update)[https://technet.microsoft.com/en-au/windows/mt782787]. + ### Windows Defender Antivirus Windows Defender is now called Windows Defender Antivirus, and we've [increased the breadth of the documentation library for enterprise security admins](../keep-secure/windows-defender-antivirus-in-windows-10.md). @@ -160,7 +162,7 @@ A new security policy setting ### Windows Hello for Business -You can now reset a forgotten PIN without deleting company managed data or apps on devices managed by [Microsoft Intune](https://www.microsoft.com/cloud-platform/microsoft-intune). +You can now reset a forgotten PIN without deleting company managed data or apps on devices managed by [Microsoft Intune](https://www.microsoft.com/cloud-platform/microsoft-intune). For Windows Phone devices, an adminisrator is able to initiate a remote PIN reset through the Intune portal. @@ -185,7 +187,7 @@ We recently added the option to download Windows 10 Insider Preview builds using With changes delivered in Windows 10, version 1703, [Express updates](../update/waas-optimize-windows-10-updates.md#express-update-delivery) are now fully supported with System Center Configuration Manager, starting with version 1702 of Configuration Manager, as well as with other third-party updating and management products that [implement this new functionality](https://technet.microsoft.com/windows-server-docs/management/windows-server-update-services/deploy/express-update-delivery-isv-support). This is in addition to current Express support on Windows Update, Windows Update for Business and WSUS. >[!NOTE] -> The above changes can be made available to Windows 10, version 1607, by installing the April 2017 cumulative update. +> The above changes can be made available to Windows 10, version 1607, by installing the April 2017 cumulative update. Delivery Optimization policies now enable you to configure additional restrictions to have more control in various scenarios. @@ -220,7 +222,7 @@ Some of the other new CSPs are: - The [Office CSP](https://msdn.microsoft.com/windows/hardware/commercialize/customize/mdm/office-csp) enables a Microsoft Office client to be installed on a device via the Office Deployment Tool. For more information, see [Configuration options for the Office Deployment Tool](https://technet.microsoft.com/library/jj219426.aspx). -- The [EnterpriseAppVManagement CSP](https://msdn.microsoft.com/windows/hardware/commercialize/customize/mdm/enterpriseappvmanagement-csp) is used to manage virtual applications in Windows 10 PCs (Enterprise and Education editions) and enables App-V sequenced apps to be streamed to PCs even when managed by MDM. +- The [EnterpriseAppVManagement CSP](https://msdn.microsoft.com/windows/hardware/commercialize/customize/mdm/enterpriseappvmanagement-csp) is used to manage virtual applications in Windows 10 PCs (Enterprise and Education editions) and enables App-V sequenced apps to be streamed to PCs even when managed by MDM. IT pros can use the new [MDM Migration Analysis Tool (MMAT)](http://aka.ms/mmat) to determine which Group Policy settings have been configured for a user or computer and cross-reference those settings against a built-in list of supported MDM policies. MMAT can generate both XML and HTML reports indicating the level of support for each Group Policy setting and MDM equivalents. @@ -233,7 +235,7 @@ The Windows version of mobile application management (MAM) is a lightweight solu For more info, see [Implement server-side support for mobile application management on Windows](https://msdn.microsoft.com/windows/hardware/commercialize/customize/mdm/implement-server-side-mobile-application-management). ### MDM diagnostics - + In Windows 10, version 1703, we continue our work to improve the diagnostic experience for modern management. By introducing auto-logging for mobile devices, Windows will automatically collect logs when encountering an error in MDM, eliminating the need to have always-on logging for memory-constrained devices. Additionally, we are introducing [Microsoft Message Analyzer](https://www.microsoft.com/download/details.aspx?id=44226) as an additional tool to help Support personnel quickly reduce issues to their root cause, while saving time and cost. ### Application Virtualization for Windows (App-V) From ea4d90390d39a4eb48487d280ea90b766bdb05d3 Mon Sep 17 00:00:00 2001 From: Joey Caparas Date: Wed, 12 Apr 2017 13:16:46 -0700 Subject: [PATCH 03/11] update reg key to add Data collection --- ...roxy-internet-windows-defender-advanced-threat-protection.md | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/windows/keep-secure/configure-proxy-internet-windows-defender-advanced-threat-protection.md b/windows/keep-secure/configure-proxy-internet-windows-defender-advanced-threat-protection.md index 8ef29a6be5..399486b886 100644 --- a/windows/keep-secure/configure-proxy-internet-windows-defender-advanced-threat-protection.md +++ b/windows/keep-secure/configure-proxy-internet-windows-defender-advanced-threat-protection.md @@ -45,7 +45,7 @@ Configure a registry-based static proxy to allow only Windows Defender ATP senso The static proxy is configurable through Group Policy (GP). The group policy can be found under: **Administrative Templates > Windows Components > Data Collection and Preview Builds > Configure connected user experiences and telemetry**. -The policy sets two registry values `TelemetryProxyServer` as REG_SZ and `DisableEnterpriseAuthProxy` as REG_DWORD under the registry key `HKLM\Software\Policies\Microsoft\Windows\DisableEnterpriseAuthProxy`. +The policy sets two registry values `TelemetryProxyServer` as REG_SZ and `DisableEnterpriseAuthProxy` as REG_DWORD under the registry key `HKLM\Software\Policies\Microsoft\Windows\DisableEnterpriseAuthProxy\DataCollection`. The registry value `TelemetryProxyServer` takes the following string format: From 4fdcfe03cab0d1ec86fb75409122088562ec2af7 Mon Sep 17 00:00:00 2001 From: Greg Lindsay Date: Wed, 12 Apr 2017 15:16:39 -0700 Subject: [PATCH 04/11] volume IDs can be retrieved --- windows/deploy/mbr-to-gpt.md | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/windows/deploy/mbr-to-gpt.md b/windows/deploy/mbr-to-gpt.md index 76aa003b02..46c411919f 100644 --- a/windows/deploy/mbr-to-gpt.md +++ b/windows/deploy/mbr-to-gpt.md @@ -216,7 +216,7 @@ Before any change to the disk is made, MBR2GPT validates the layout and geometry - There are at most 3 primary partitions in the MBR partition table - One of the partitions is set as active and is the system partition - The BCD store on the system partition contains a default OS entry pointing to an OS partition -- The volume IDs can retrieved for each volume which has a drive letter assigned +- The volume IDs can be retrieved for each volume which has a drive letter assigned - All partitions on the disk are of MBR types recognized by Windows or has a mapping specified using the /map command-line option If any of these checks fails, the conversion will not proceed and an error will be returned. From 2a8686561e44bb4dbd71a38f17c399b39e0a454d Mon Sep 17 00:00:00 2001 From: Greg Lindsay Date: Wed, 12 Apr 2017 15:52:35 -0700 Subject: [PATCH 05/11] header issue --- windows/deploy/resolve-windows-10-upgrade-errors.md | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/windows/deploy/resolve-windows-10-upgrade-errors.md b/windows/deploy/resolve-windows-10-upgrade-errors.md index a16acec410..2885df534c 100644 --- a/windows/deploy/resolve-windows-10-upgrade-errors.md +++ b/windows/deploy/resolve-windows-10-upgrade-errors.md @@ -2,7 +2,7 @@ title: Resolve Windows 10 upgrade errors - Windows IT Pro description: Resolve Windows 10 upgrade errors for ITPros. Technical information for IT professionals to help diagnose Windows setup errors. ms.assetid: DFEFE22C-4FEF-4FD9-BFC4-9B419C339502 -keywords: deploy, error, troubleshoot, windows, 10, upgrade, code, rollback +keywords: deploy, error, troubleshoot, windows, 10, upgrade, code, rollback, ITPro ms.prod: w10 ms.mktglfcycl: deploy ms.sitesec: library From 31a1ac4c911766b9bcd29ded7e3aa2e9a3b66ea8 Mon Sep 17 00:00:00 2001 From: Greg Lindsay Date: Wed, 12 Apr 2017 16:08:54 -0700 Subject: [PATCH 06/11] added newline --- windows/deploy/resolve-windows-10-upgrade-errors.md | 1 + 1 file changed, 1 insertion(+) diff --git a/windows/deploy/resolve-windows-10-upgrade-errors.md b/windows/deploy/resolve-windows-10-upgrade-errors.md index 2885df534c..ad2eada743 100644 --- a/windows/deploy/resolve-windows-10-upgrade-errors.md +++ b/windows/deploy/resolve-windows-10-upgrade-errors.md @@ -560,6 +560,7 @@ For more information, see [How to perform a clean boot in Windows](https://suppo + ### 0x800xxxxx Result codes starting with the digits 0x800 are also important to understand. These error codes indicate general operating system errors, and are not unique to the Windows upgrade process. Examples include timeouts, devices not functioning, and a process stopping unexpectedly. From 9cefbd8e8c55aeedcdb03effc18b302fbd4983a0 Mon Sep 17 00:00:00 2001 From: Greg Lindsay Date: Wed, 12 Apr 2017 16:16:15 -0700 Subject: [PATCH 07/11] added more newlines --- windows/deploy/resolve-windows-10-upgrade-errors.md | 2 ++ 1 file changed, 2 insertions(+) diff --git a/windows/deploy/resolve-windows-10-upgrade-errors.md b/windows/deploy/resolve-windows-10-upgrade-errors.md index ad2eada743..4a80ed05e9 100644 --- a/windows/deploy/resolve-windows-10-upgrade-errors.md +++ b/windows/deploy/resolve-windows-10-upgrade-errors.md @@ -563,8 +563,10 @@ For more information, see [How to perform a clean boot in Windows](https://suppo ### 0x800xxxxx + Result codes starting with the digits 0x800 are also important to understand. These error codes indicate general operating system errors, and are not unique to the Windows upgrade process. Examples include timeouts, devices not functioning, and a process stopping unexpectedly. +

See the following general troubleshooting procedures associated with a result code of 0x800xxxxx: From 10cd43def90d913026005137c1b6eff560313c79 Mon Sep 17 00:00:00 2001 From: Greg Lindsay Date: Wed, 12 Apr 2017 16:26:08 -0700 Subject: [PATCH 08/11] removed xxxxx --- windows/deploy/resolve-windows-10-upgrade-errors.md | 5 ++--- 1 file changed, 2 insertions(+), 3 deletions(-) diff --git a/windows/deploy/resolve-windows-10-upgrade-errors.md b/windows/deploy/resolve-windows-10-upgrade-errors.md index 4a80ed05e9..001d1c52bb 100644 --- a/windows/deploy/resolve-windows-10-upgrade-errors.md +++ b/windows/deploy/resolve-windows-10-upgrade-errors.md @@ -32,7 +32,7 @@ This topic contains a brief introduction to Windows 10 installation processes, a - [Analyze log files](#analyze-log-files): General procedures for log file analysis, and an example. - [Resolution procedures](#resolution-procedures): Causes and mitigation procedures associated with specific error codes. - [0xC1900101](#0xc1900101): Information about the 0xC1900101 result code. - - [0x800xxxxx](#0x800xxxxx): Information about result codes that start with 0x800. + - [0x800xxxxx](#0x800): Information about result codes that start with 0x800. - [Other result codes](#other-result-codes): Additional causes and mitigation procedures are provided for some result codes. - [Other error codes](#other-error-codes): Additional causes and mitigation procedures are provided for some error codes. @@ -561,12 +561,11 @@ For more information, see [How to perform a clean boot in Windows](https://suppo
-### 0x800xxxxx +### 0x800 Result codes starting with the digits 0x800 are also important to understand. These error codes indicate general operating system errors, and are not unique to the Windows upgrade process. Examples include timeouts, devices not functioning, and a process stopping unexpectedly. -

See the following general troubleshooting procedures associated with a result code of 0x800xxxxx: From c52326b4439d1e93be50375d65ab8181a376c109 Mon Sep 17 00:00:00 2001 From: Justinha Date: Wed, 12 Apr 2017 16:30:25 -0700 Subject: [PATCH 09/11] added new setting --- .../bitlocker-group-policy-settings.md | 19 +++++++++++++++++++ 1 file changed, 19 insertions(+) diff --git a/windows/keep-secure/bitlocker-group-policy-settings.md b/windows/keep-secure/bitlocker-group-policy-settings.md index 8f5aa0a1af..252b46ba59 100644 --- a/windows/keep-secure/bitlocker-group-policy-settings.md +++ b/windows/keep-secure/bitlocker-group-policy-settings.md @@ -37,6 +37,7 @@ The following policy settings can be used to determine how a BitLocker-protected - [Require additional authentication at startup](#bkmk-unlockpol1) - [Allow enhanced PINs for startup](#bkmk-unlockpol2) - [Configure minimum PIN length for startup](#bkmk-unlockpol3) +- [Disable new DMA devices when this computer is locked](#disable-new-dma-devices-when-this-computer-is-locked) - [Disallow standard users from changing the PIN or password](#bkmk-dpinchange) - [Configure use of passwords for operating system drives](#bkmk-ospw) - [Require additional authentication at startup (Windows Server 2008 and Windows Vista)](#bkmk-unlockpol4) @@ -355,6 +356,24 @@ This policy setting is used to set a minimum PIN length when you use an unlock m This policy setting is applied when you turn on BitLocker. The startup PIN must have a minimum length of 4 digits and can have a maximum length of 20 digits. +### Disable new DMA devices when this computer is locked + +This policy setting allows you to block direct memory access (DMA) for all hot pluggable PCI ports until a user signs in to Windows. + +| | | +|--------------------|----------------------| +| Policy description | This setting helps prevent attacks that use external PCI-based devices to access BitLocker keys. | +| Introduced | Windows 10, version 1703 | +| Drive type | Operating system drives | +| Policy path | Computer Configuration\Administrative Templates\Windows Components\BitLocker Drive Encryption\Operating System Drives| +| Conflicts | None | +| When enabled | Every time the user locks the screen, DMA will be blocked on hot pluggable PCI ports until the user signs in again. | +| When disabled or not configured | DMA is available on hot pluggable PCI devices if the device is turned on, regardless of whether a user is signed in.| + +**Reference** + +This policy setting is only enforced when BitLocker or device encyption is enabled. + ### Disallow standard users from changing the PIN or password This policy setting allows you to configure whether standard users are allowed to change the PIN or password that is used to protect the operating system drive. From 6863fb9fd18a8c82cf9e0b7f6f6a864ac5d166d2 Mon Sep 17 00:00:00 2001 From: Greg Lindsay Date: Wed, 12 Apr 2017 16:31:05 -0700 Subject: [PATCH 10/11] changed to testing --- windows/deploy/resolve-windows-10-upgrade-errors.md | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/windows/deploy/resolve-windows-10-upgrade-errors.md b/windows/deploy/resolve-windows-10-upgrade-errors.md index 001d1c52bb..7ead847f74 100644 --- a/windows/deploy/resolve-windows-10-upgrade-errors.md +++ b/windows/deploy/resolve-windows-10-upgrade-errors.md @@ -32,7 +32,7 @@ This topic contains a brief introduction to Windows 10 installation processes, a - [Analyze log files](#analyze-log-files): General procedures for log file analysis, and an example. - [Resolution procedures](#resolution-procedures): Causes and mitigation procedures associated with specific error codes. - [0xC1900101](#0xc1900101): Information about the 0xC1900101 result code. - - [0x800xxxxx](#0x800): Information about result codes that start with 0x800. + - [0x800xxxxx](#testing): Information about result codes that start with 0x800. - [Other result codes](#other-result-codes): Additional causes and mitigation procedures are provided for some result codes. - [Other error codes](#other-error-codes): Additional causes and mitigation procedures are provided for some error codes. @@ -561,7 +561,7 @@ For more information, see [How to perform a clean boot in Windows](https://suppo
-### 0x800 +### Testing Result codes starting with the digits 0x800 are also important to understand. These error codes indicate general operating system errors, and are not unique to the Windows upgrade process. Examples include timeouts, devices not functioning, and a process stopping unexpectedly. From 104c6472b4643a5ebefec017cf54ce69f9bec6ef Mon Sep 17 00:00:00 2001 From: Greg Lindsay Date: Wed, 12 Apr 2017 16:43:05 -0700 Subject: [PATCH 11/11] removed paragraph html code --- windows/deploy/resolve-windows-10-upgrade-errors.md | 6 +++--- 1 file changed, 3 insertions(+), 3 deletions(-) diff --git a/windows/deploy/resolve-windows-10-upgrade-errors.md b/windows/deploy/resolve-windows-10-upgrade-errors.md index 7ead847f74..ecd6b073b2 100644 --- a/windows/deploy/resolve-windows-10-upgrade-errors.md +++ b/windows/deploy/resolve-windows-10-upgrade-errors.md @@ -32,7 +32,7 @@ This topic contains a brief introduction to Windows 10 installation processes, a - [Analyze log files](#analyze-log-files): General procedures for log file analysis, and an example. - [Resolution procedures](#resolution-procedures): Causes and mitigation procedures associated with specific error codes. - [0xC1900101](#0xc1900101): Information about the 0xC1900101 result code. - - [0x800xxxxx](#testing): Information about result codes that start with 0x800. + - [0x800xxxxx](#0x800xxxxx): Information about result codes that start with 0x800. - [Other result codes](#other-result-codes): Additional causes and mitigation procedures are provided for some result codes. - [Other error codes](#other-error-codes): Additional causes and mitigation procedures are provided for some error codes. @@ -561,12 +561,12 @@ For more information, see [How to perform a clean boot in Windows](https://suppo -### Testing +### 0x800xxxxx Result codes starting with the digits 0x800 are also important to understand. These error codes indicate general operating system errors, and are not unique to the Windows upgrade process. Examples include timeouts, devices not functioning, and a process stopping unexpectedly. -

See the following general troubleshooting procedures associated with a result code of 0x800xxxxx: +See the following general troubleshooting procedures associated with a result code of 0x800xxxxx: