added licensing info

2025-06-20 12:53:38 +00:00 · 2023-05-01 11:59:40 -04:00
parent 5468c14b64
commit fdb06c1b36
14 changed files with 28 additions and 10 deletions
--- a/windows/security/threat-protection/microsoft-defender-smartscreen/microsoft-defender-smartscreen-overview.md
+++ b/windows/security/threat-protection/microsoft-defender-smartscreen/microsoft-defender-smartscreen-overview.md
@ -50,6 +50,8 @@ Microsoft Defender SmartScreen provide an early warning system against websites
 > [!IMPORTANT]
 > SmartScreen protects against malicious files from the internet. It does not protect against malicious files on internal locations or network shares, such as shared folders with UNC paths or SMB/CIFS shares.

+[!INCLUDE [microsoft-defender-smartscreen](../../../../includes/licensing/microsoft-defender-smartscreen.md)]
+
 ## Submit files to Microsoft Defender SmartScreen for review

 If you believe a warning or block was incorrectly shown for a file or application, or if you believe an undetected file is malware, you can [submit a file](https://www.microsoft.com/wdsi/filesubmission/) to Microsoft for review. For more information, see [Submit files for analysis](/microsoft-365/security/intelligence/submission-guide).
--- a/windows/security/threat-protection/microsoft-defender-smartscreen/phishing-protection-microsoft-defender-smartscreen.md
+++ b/windows/security/threat-protection/microsoft-defender-smartscreen/phishing-protection-microsoft-defender-smartscreen.md
@ -39,6 +39,8 @@ Enhanced Phishing Protection provides robust phishing protections for work or sc

 - **Easy management through Group Policy and Microsoft Intune:** Enhanced Phishing Protection works with Group Policy and mobile device management (MDM) settings to help you manage your organization's computer settings. Based on how you set up Enhanced Phishing Protection, you can customize which phishing protection scenarios will show users warning dialogs. For example, the Service Enabled setting determines whether the Enhanced Phishing Protection service is on or off. The feature will be in audit mode if the other settings, which correspond to notification policies, aren't enabled.

+[!INCLUDE [enhanced-phishing-protection-with-smartscreen](../../../../includes/licensing/enhanced-phishing-protection-with-smartscreen.md)]
+
 ## Configure Enhanced Phishing Protection for your organization

 Enhanced Phishing Protection can be configured via Microsoft Intune, Group Policy Objects (GPO) or Configuration Service Providers (CSP) with an MDM service. Follow the instructions below to configure your devices using either Microsoft Intune, GPO or CSP.
--- a/windows/security/threat-protection/protect-high-value-assets-by-controlling-the-health-of-windows-10-based-devices.md
+++ b/windows/security/threat-protection/protect-high-value-assets-by-controlling-the-health-of-windows-10-based-devices.md
@ -1,5 +1,5 @@
 ---
-title: Control the health of Windows 10-based devices (Windows 10)
+title: Control the health of Windows devices
 description: This article details an end-to-end solution that helps you protect high-value assets by enforcing, controlling, and reporting the health of Windows 10-based devices.
 ms.prod: windows-client
 ms.date: 10/13/2017
@ -11,7 +11,7 @@ manager: dougeby
 ms.topic: conceptual
 ---

-# Control the health of Windows 10-based devices
+# Control the health of Windows devices

 **Applies to**

@ -327,6 +327,8 @@ For Windows 10-based devices, Microsoft introduces a new public API that will al

 For more information on device health attestation, see the [Detect an unhealthy Windows 10-based device](#detect-unhealthy) section.

+[!INCLUDE [device-health-attestation-service](../../../includes/licensing/device-health-attestation-service.md)]
+
 ### <a href="" id="hardware-req"></a>Hardware requirements

 The following table details the hardware requirements for both virtualization-based security services and the health attestation feature. For more information, see [Minimum hardware requirements](/windows-hardware/design/minimum/minimum-hardware-requirements-overview).
--- a/windows/security/threat-protection/security-policy-settings/account-lockout-policy.md
+++ b/windows/security/threat-protection/security-policy-settings/account-lockout-policy.md
@ -32,6 +32,8 @@ The following topics provide a discussion of each policy setting's implementatio
 >[!NOTE]
 >Account lockout settings for remote access clients can be configured separately by editing the Registry on the server that manages the remote access. For more information, see [How to configure remote access client account lockout](/troubleshoot/windows-server/networking/configure-remote-access-client-account-lockout).

+[!INCLUDE [account-lockout-policy](../../../../includes/licensing/account-lockout-policy.md)]
+
 ## In this section

 | Topic | Description |
--- a/windows/security/threat-protection/security-policy-settings/security-policy-settings.md
+++ b/windows/security/threat-protection/security-policy-settings/security-policy-settings.md
@ -71,6 +71,8 @@ The Security Settings extension of the Local Group Policy Editor includes the fo
 - **IP Security Policies on Local Computer.** Specify settings to ensure private, secure communications over IP networks by using cryptographic security services. IPsec establishes trust and security from a source IP address to a destination IP address.
 - **Advanced Audit Policy Configuration.** Specify settings that control the logging of security events into the security log on the device. The settings under Advanced Audit Policy Configuration provide finer control over which activities to monitor as opposed to the Audit Policy settings under Local Policies.

+[!INCLUDE [windows-security-policy-settings-and-auditing](../../../../includes/licensing/windows-security-policy-settings-and-auditing.md)]
+
 ## Policy-based security settings management

 The Security Settings extension to Group Policy provides an integrated policy-based management infrastructure to help you manage and enforce your security policies.
--- a/windows/security/threat-protection/windows-defender-application-control/microsoft-recommended-driver-block-rules.md
+++ b/windows/security/threat-protection/windows-defender-application-control/microsoft-recommended-driver-block-rules.md
@ -59,6 +59,8 @@ The blocklist is updated with each new major release of Windows, typically 1-2 t

 Customers who always want the most up-to-date driver blocklist can also use Windows Defender Application Control (WDAC) to apply the latest recommended driver blocklist contained in this article. For your convenience, we've provided a download of the most up-to-date vulnerable driver blocklist along with instructions to apply it on your computer at the end of this article. Otherwise, you can use the XML provided below to create your own custom WDAC policies.

+[!INCLUDE [microsoft-vulnerable-driver-blocklist](../../../../includes/licensing/microsoft-vulnerable-driver-blocklist.md)]
+
 ## Blocking vulnerable drivers using WDAC

 Microsoft recommends enabling [HVCI](/windows/security/threat-protection/device-guard/enable-virtualization-based-protection-of-code-integrity) or S mode to protect your devices against security threats. If this setting isn't possible, Microsoft recommends blocking [this list of drivers](#vulnerable-driver-blocklist-xml) within your existing Windows Defender Application Control policy. Blocking kernel drivers without sufficient testing can cause devices or software to malfunction, and in rare cases, blue screen. It's recommended to first validate this policy in [audit mode](/windows/security/threat-protection/windows-defender-application-control/audit-windows-defender-application-control-policies) and review the audit block events.
--- a/windows/security/threat-protection/windows-firewall/windows-firewall-with-advanced-security.md
+++ b/windows/security/threat-protection/windows-firewall/windows-firewall-with-advanced-security.md
@ -23,7 +23,7 @@ Windows Defender Firewall in Windows 8, Windows 7, Windows Vista, Windows Serv

 The Windows Defender Firewall with Advanced Security MMC snap-in is more flexible and provides much more functionality than the consumer-friendly Windows Defender Firewall interface found in the Control Panel. Both interfaces interact with the same underlying services, but provide different levels of control over those services. While the Windows Defender Firewall Control Panel program can protect a single device in a home environment, it doesn't provide enough centralized management or security features to help secure more complex network traffic found in a typical business enterprise environment.

-
+[!INCLUDE [windows-firewall](../../../../includes/licensing/windows-firewall.md)]

 ## Feature description

--- a/windows/security/threat-protection/windows-sandbox/windows-sandbox-overview.md
+++ b/windows/security/threat-protection/windows-sandbox/windows-sandbox-overview.md
@ -32,10 +32,10 @@ Windows Sandbox has the following properties:
 > [!IMPORTANT]
 > Windows Sandbox enables network connection by default. It can be disabled using the [Windows Sandbox configuration file](/windows/security/threat-protection/windows-sandbox/windows-sandbox-configure-using-wsb-file#networking).

+[!INCLUDE [windows-sandbox](../../../../includes/licensing/windows-sandbox.md)]
+
 ## Prerequisites

- Windows 10, version 1903 and later, or Windows 11
- Windows Pro, Enterprise or Education edition
 - ARM64 (for Windows 11, version 22H2 and later) or AMD64 architecture
 - Virtualization capabilities enabled in BIOS
 - At least 4 GB of RAM (8 GB recommended)