From 4ac3b7a33f507fc3b3df91383f17a91bad33d296 Mon Sep 17 00:00:00 2001 From: Beth Levin Date: Tue, 2 Apr 2019 13:22:06 -0700 Subject: [PATCH 1/2] add space --- windows/security/threat-protection/intelligence/phishing.md | 1 + 1 file changed, 1 insertion(+) diff --git a/windows/security/threat-protection/intelligence/phishing.md b/windows/security/threat-protection/intelligence/phishing.md index dfc09b4fc9..8e7744a439 100644 --- a/windows/security/threat-protection/intelligence/phishing.md +++ b/windows/security/threat-protection/intelligence/phishing.md @@ -84,6 +84,7 @@ Enterprises should educate and train their employees to be wary of any communica Here are several telltale signs of a phishing scam: * The links or URLs provided in emails are **not pointing to the correct location** or are attempting to have you access a third-party site that is not affiliated with the sender of the email. For example, in the image below the URL provided does not match the URL that you will be taken to. + ![example of how exploit kits work](./images/URLhover.png) * There is a **request for personal information** such as social security numbers or bank or financial information. Official communications won't generally request personal information from you in the form of an email. From f31585fccd2c6bdb3f246cde6edccf5c4af2446a Mon Sep 17 00:00:00 2001 From: Justin Hall Date: Thu, 4 Apr 2019 14:40:09 -0700 Subject: [PATCH 2/2] fixed note --- .../enable-attack-surface-reduction.md | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/windows/security/threat-protection/windows-defender-exploit-guard/enable-attack-surface-reduction.md b/windows/security/threat-protection/windows-defender-exploit-guard/enable-attack-surface-reduction.md index d499b7c268..469f6ba57b 100644 --- a/windows/security/threat-protection/windows-defender-exploit-guard/enable-attack-surface-reduction.md +++ b/windows/security/threat-protection/windows-defender-exploit-guard/enable-attack-surface-reduction.md @@ -36,8 +36,8 @@ You can exclude files and folders from being evaluated by most attack surface re You can specify individual files or folders (using folder paths or fully qualified resource names) but you can't specify which rules the exclusions apply to. ->[!IMPORTANT] The rule **Block executable files from running unless they meet a prevalence, age, or trusted list criterion** with GUID 01443614-cd74-433a-b99e-2ecdc07bfc25, it's owned by microsoft and is not specified by admins. It uses Microsoft CLoud's Protection to update its trusted list regularly. ->You can specify individual files or folders (using folder paths or fully qualified resource names) but you can't specify which rules or exclusions apply to. +>[!IMPORTANT] +>The rule **Block executable files from running unless they meet a prevalence, age, or trusted list criterion** with GUID 01443614-cd74-433a-b99e-2ecdc07bfc25, it's owned by microsoft and is not specified by admins. It uses Microsoft CLoud's Protection to update its trusted list regularly. You can specify individual files or folders (using folder paths or fully qualified resource names) but you can't specify which rules or exclusions apply to. ASR rules support environment variables and wildcards. For information about using wildcards, see [Use wildcards in the file name and folder path or extension exclusion lists](https://docs.microsoft.com/windows/security/threat-protection/windows-defender-antivirus/configure-extension-file-exclusions-windows-defender-antivirus#use-wildcards-in-the-file-name-and-folder-path-or-extension-exclusion-lists).