diff --git a/windows/configuration/basic-level-windows-diagnostic-events-and-fields-1703.md b/windows/configuration/basic-level-windows-diagnostic-events-and-fields-1703.md
index 819b8ca97a..6cf9614a7c 100644
--- a/windows/configuration/basic-level-windows-diagnostic-events-and-fields-1703.md
+++ b/windows/configuration/basic-level-windows-diagnostic-events-and-fields-1703.md
@@ -831,9 +831,8 @@ This event represents the basic metadata about a file on the system.  The file m
 
 The following fields are available:
 
-- **AppraiserVersion**  The version of the Appraiser file generating the events.
-- **AvDisplayName** The version of the Appraiser file generating the events.
-- **AvProductState** If the app is an anti-virus app, this is its display name.
+- **AvDisplayName** If the app is an anti-virus app, this is its display name.
+- **AvProductState** Represents state of antivirus program with respect to whether it's turned on and the signatures are up-to-date.
 - **BinaryType**  A binary type.  Example: UNINITIALIZED, ZERO_BYTE, DATA_ONLY, DOS_MODULE, NE16_MODULE, PE32_UNKNOWN, PE32_I386, PE32_ARM, PE64_UNKNOWN, PE64_AMD64, PE64_ARM64, PE64_IA64, PE32_CLR_32, PE32_CLR_IL, PE32_CLR_IL_PREFER32, PE64_CLR_64
 - **BinFileVersion**  An attempt to clean up FileVersion at the client that tries to place the version into 4 octets.
 - **BinProductVersion**  An attempt to clean up ProductVersion at the client that tries to place the version into 4 octets.
@@ -841,8 +840,8 @@ The following fields are available:
 - **CompanyName**  The company name of the vendor who developed this file.
 - **FileId**  A hash that uniquely identifies a file.
 - **FileVersion**  The File version field from the file metadata under Properties -> Details.
-- **HasUpgradeExe** Represents state of antivirus program with respect to whether it's turned on and the signatures are up-to-date.
-- **IsAv** A binary type. Example: UNINITIALIZED, ZERO_BYTE, DATA_ONLY, DOS_MODULE, NE16_MODULE, PE32_UNKNOWN, PE32_I386, PE32_ARM, PE64_UNKNOWN, PE64_AMD64, PE64_ARM64, PE64_IA64, PE32_CLR_32, PE32_CLR_IL, PE32_CLR_IL_PREFER32, PE64_CLR_64
+- **HasUpgradeExe** Does the anti-virus app have an upgrade.exe file?
+- **IsAv** Is the file an anti-virus reporting EXE?
 - **LinkDate**  The date and time that this file was linked on.
 - **LowerCaseLongPath**  The full file path to the file that was inventoried on the device.
 - **Name**  The name of the file that was inventoried.
@@ -1653,7 +1652,7 @@ The following fields are available:
 - **KvaShadow** Microcode info of the processor.
 - **MMSettingOverride** Microcode setting of the processor.
 - **MMSettingOverrideMask** Microcode setting override of the processor.
-- **ProcessorArchitecture**  Retrieves the processor architecture of the installed operating system. The complete list of values can be found in DimProcessorArchitecture.
+- **ProcessorArchitecture**  Retrieves the processor architecture of the installed operating system. 
 - **ProcessorClockSpeed**  Retrieves the clock speed of the processor in MHz.
 - **ProcessorCores**  Retrieves the number of cores in the processor.
 - **ProcessorIdentifier**  The processor identifier of a manufacturer.
@@ -1662,7 +1661,7 @@ The following fields are available:
 - **ProcessorPhysicalCores**  Number of physical cores in the processor.
 - **ProcessorUpdateRevision** The microcode version.
 - **SocketCount**  Number of physical CPU sockets of the machine.
-- **SpeculationControl** Clock speed of the processor in MHz.
+- **SpeculationControl** If the system has enabled protections needed to validate the speculation control vulnerability. 
 
 
 ### Census.Speech
diff --git a/windows/configuration/basic-level-windows-diagnostic-events-and-fields.md b/windows/configuration/basic-level-windows-diagnostic-events-and-fields.md
index e8411d0b05..06874ee41a 100644
--- a/windows/configuration/basic-level-windows-diagnostic-events-and-fields.md
+++ b/windows/configuration/basic-level-windows-diagnostic-events-and-fields.md
@@ -317,8 +317,8 @@ This event represents the basic metadata about a file on the system.  The file m
 The following fields are available:
 
 - **AppraiserVersion**  The version of the Appraiser file generating the events.
-- **AvDisplayName** The version of the Appraiser file generating the events.
-- **AvProductState** If the app is an anti-virus app, this is its display name.
+- **AvDisplayName** If the app is an anti-virus app, this is its display name.
+- **AvProductState** Represents state of antivirus program with respect to whether it's turned on and the signatures are up-to-date.
 - **BinaryType**  A binary type.  Example: UNINITIALIZED, ZERO_BYTE, DATA_ONLY, DOS_MODULE, NE16_MODULE, PE32_UNKNOWN, PE32_I386, PE32_ARM, PE64_UNKNOWN, PE64_AMD64, PE64_ARM64, PE64_IA64, PE32_CLR_32, PE32_CLR_IL, PE32_CLR_IL_PREFER32, PE64_CLR_64
 - **BinFileVersion**  An attempt to clean up FileVersion at the client that tries to place the version into 4 octets.
 - **BinProductVersion**  An attempt to clean up ProductVersion at the client that tries to place the version into 4 octets.
@@ -326,8 +326,8 @@ The following fields are available:
 - **CompanyName**  The company name of the vendor who developed this file.
 - **FileId**  A hash that uniquely identifies a file.
 - **FileVersion**  The File version field from the file metadata under Properties -> Details.
-- **HasUpgradeExe** Represents state of antivirus program with respect to whether it's turned on and the signatures are up-to-date.
-- **IsAv** A binary type. Example: UNINITIALIZED, ZERO_BYTE, DATA_ONLY, DOS_MODULE, NE16_MODULE, PE32_UNKNOWN, PE32_I386, PE32_ARM, PE64_UNKNOWN, PE64_AMD64, PE64_ARM64, PE64_IA64, PE32_CLR_32, PE32_CLR_IL, PE32_CLR_IL_PREFER32, PE64_CLR_64
+- **HasUpgradeExe** Does the anti-virus app have an upgrade.exe file?
+- **IsAv** Is the file an anti-virus reporting EXE?
 - **LinkDate**  The date and time that this file was linked on.
 - **LowerCaseLongPath**  The full file path to the file that was inventoried on the device.
 - **Name**  The name of the file that was inventoried.
@@ -1617,7 +1617,7 @@ The following fields are available:
 - **KvaShadow** Microcode info of the processor.
 - **MMSettingOverride** Microcode setting of the processor.
 - **MMSettingOverrideMask** Microcode setting override of the processor.
-- **ProcessorArchitecture**  Retrieves the processor architecture of the installed operating system. The complete list of values can be found in DimProcessorArchitecture.
+- **ProcessorArchitecture**  Retrieves the processor architecture of the installed operating system. 
 - **ProcessorClockSpeed**  Retrieves the clock speed of the processor in MHz.
 - **ProcessorCores**  Retrieves the number of cores in the processor.
 - **ProcessorIdentifier**  The processor identifier of a manufacturer.
@@ -1626,7 +1626,7 @@ The following fields are available:
 - **ProcessorPhysicalCores**  Number of physical cores in the processor.
 - **ProcessorUpdateRevision** The microcode version.
 - **SocketCount**  Number of physical CPU sockets of the machine.
-- **SpeculationControl** Clock speed of the processor in MHz.
+- **SpeculationControl** If the system has enabled protections needed to validate the speculation control vulnerability.
 
 
 ### Census.Security