What’s New and Changed

This section provides descriptions of and links to the Windows technical documents that have been revised to reflect the functionality of the latest product version.

New Documentation

Specification

Description

Release date

[MS-RDPEWA]: Remote Desktop Protocol: WebAuthn Virtual Channel Protocol

Specifies the Remote Desktop Protocol (RDP): WebAuthn Virtual Channel Protocol which provides a way for a user to do WebAuthn operations over the RDP protocol. It enables a server to send webauthn request to a client, the client can then use this request to talk to authenticators (platform as well as cross-platform) and reply with the response.

September 3, 2022

Updated Documentation

Service Releases

The following documents were updated for service releases after the April 2022 release for Windows 11, version 22H2 operating system.

Specifications with service release updates

Description

Release date

[MS-KILE]: Kerberos Protocol Extensions

Specifies the Microsoft implementation of the Kerberos Protocol Extensions, as specified in [RFC4120], by specifying any Windows behaviors that differ from the Kerberos Protocol, in addition to Windows extensions for interactive logon and the inclusion of authorization information expressed as group memberships and related information.

This document has been updated as follows:

To mitigate RC4 vulnerabilities the following changes were made.

●  Added AES256-CTS-HMAC-SHA1-96-SK to section 2.2.7 Supported Encryption Types Bit Flags.

●  Replaced SHOULD with MUST support the AES encryption types and removed RC4-HMAC-EXP [24] in section 3.1.5.2 Encryption Types.

●  Removed RC4 support in section 5.1.5 DES Downgrade Protection.

December 1, 2022

[MS-NRPC]: Netlogon Remote Protocol

Specifies the Netlogon Remote Protocol, an RPC interface that is used for user and machine authentication on domain-based networks; to replicate the user account database for operating systems earlier than Windows 2000 backup domain controllers; to discover, manage, and maintain domain relationships of domain members and domain controllers across domains.

This document has been updated as follows:

To mitigate RC4 vulnerabilities the following changes were made.

●  SealSecureChannel changed to this setting MUST be TRUE.

●  Section 3.1.4.6 Calling Methods Requiring Session-Key Establishment, in step 1 changed to Clients MUST request the (RPC) Privacy authentication level and in step 4 added RPC Integrity to the MUST deny request list.

●  RequireSignOrSeal changed to this setting MUST be TRUE and MUST be initialized to TRUE.

●  SignSecureChannel added this setting is deprecated.

●  In section 3.5.3 Initialization: changed RejectMD5Clients set to TRUE and SealSecureChannel MUST be TRUE.

November 8, 2022

[MS-DCOM]: Distributed Component Object Model (DCOM) Remote Protocol

Specifies the Distributed Component Object Model (DCOM) Remote Protocol, which exposes application objects via remote procedure calls (RPCs) and consists of a set of extensions layered on the Microsoft Remote Procedure Call Extensions.

This document has been updated as follows:

Updated to indicate that on Windows, the client can raise the authentication level requested by the application to  RPC_C_AUTHN_LEVEL_PKT_INTEGRITY, if it is less than that. Also specified that the Windows 11 Desktop v22H2 operating system supports this behavior.

November 7, 2022

[MS-DCOM]: Distributed Component Object Model (DCOM) Remote Protocol

Specifies the Distributed Component Object Model (DCOM) Remote Protocol, which exposes application objects via remote procedure calls (RPCs) and consists of a set of extensions layered on the Microsoft Remote Procedure Call Extensions.

This document has been updated as follows:

Updated to indicate that on Windows, the client can raise the authentication level requested by the application to  RPC_C_AUTHN_LEVEL_PKT_INTEGRITY, if it is less than that. Also specified the operating systems that support this behavior.

October 24, 2022

[MS-DCOM]: Distributed Component Object Model (DCOM) Remote Protocol

Specifies the Distributed Component Object Model (DCOM) Remote Protocol, which exposes application objects via remote procedure calls (RPCs) and consists of a set of extensions layered on the Microsoft Remote Procedure Call Extensions.

This document has been updated as follows:

Updated product behavior note 37 in section 2.2.22.2.8.1 to ensure that RPC_C_AUTHN_LEVEL_PKT_INTEGRITY authentication level will be the minimum auth level following evaluation of the authentication level of DCOM client calls. Also specified the operating systems that support this behavior.

October 11, 2022

[MS-DCOM]: Distributed Component Object Model (DCOM) Remote Protocol

Specifies the Distributed Component Object Model (DCOM) Remote Protocol, which exposes application objects via remote procedure calls (RPCs) and consists of a set of extensions layered on the Microsoft Remote Procedure Call Extensions.

This document has been updated as follows:

Updated to indicate that on Windows, the client can raise the authentication level requested by the application to RPC_C_AUTHN_LEVEL_PKT_INTEGRITY, if it is less than that. Also specified the operating systems that support this behavior.

October 4, 2022

[MS-MDE2]: Mobile Device Enrollment Protocol Version 2

Specifies version 2 of the Mobile Device Enrollment Protocol (MDE), which enables enrolling a device with the DMS through an Enrollment Service (ES). The protocol includes the discovery of the Management Enrollment Service (MES) and enrollment with the ES.

This document has been updated as follows:

Updated product notes with RequestVersion and EnrollmentVersion version 5.0 support from Windows 11 (version 2) to Windows 11 (version 1) 2022 10C patch and later.

October 3, 2022

[MS-RDPBCGR]: Remote Desktop Protocol: Basic Connectivity and Graphics Remoting

Specifies the Remote Desktop Protocol: Basic Connectivity and Graphics Remoting, designed to facilitate user interaction with a remote computer system by transferring graphics display information from the remote computer to the user and transporting input from the user to the remote computer, where it may be injected locally.

This document has been updated as follows:

Added sections documenting the support for making Azure Active Directory RDP connections.

September 3, 2022

[MS-WCCE]: Windows Client Certificate Enrollment Protocol

Specifies the Windows Client Certificate Enrollment Protocol, which consists of a set of DCOM interfaces that enable clients to request various services from a certification authority (CA). These services enable X.509 (as specified in [X509]) digital certificate enrollment, issuance, revocation, and property retrieval.

This document has been updated as follows:

Added support for pre-signing of certificates at Certificate Authority (CA) using a dummy (or test) key.

September 3, 2022

[MS-MDM]: Mobile Device Management Protocol

Specifies the Mobile Device Management Protocol (MDM), a subset of the Open Mobile Association (OMA) standard protocol, which provides a mechanism for managing devices previously enrolled into a management system through the Microsoft Mobile Device Management Enrollment Protocol [MS-MDE].

This document has been updated as follows:

Section 2.1 Transport: Added Note 9 to indicate that when the ForceAadToken in the DMClient configuration service provider is set by the server the client adds a custom header. The format of the client's custom header that contains the Azure Active Domain (AAD) token is given.

June 14, 2022

[MS-FSA]: File System Algorithms

Specifies File System Algorithms in terms of an abstract model for how an object store can be implemented to support the Server Message Block (SMB) Version 1.0 Protocol [MS-SMB] and the Server Message Block (SMB) Version 2.0 Protocol [MS-SMB2].

This document has been updated as follows:

Updated changes in the FSCTL_SET_INTEGRITY_INFORMATION_EX operation after application of updates [MSKB-5014701], [MSKB-5014702], [MSKB-5014710].

May 27, 2022

[MS-FSCC]: File System Control Codes

Specifies the File System Control Codes that define the network format of native Windows structures that may be used within other protocols.

This document has been updated as follows:

Updated changes in the FSCTL_SET_INTEGRITY_INFORMATION_EX operation after application of updates [MSKB-5014701], [MSKB-5014702], [MSKB-5014710].

May 27, 2022

[MS-SMB2]: Server Message Block (SMB) Protocol Versions 2 and 3

Specifies the Server Message Block (SMB) Protocol Versions 2 and 3, which support the sharing of file and print resources between machines and extend the concepts from the Server Message Block Protocol.

This document has been updated as follows:

Added references to changes in the FSCTL_SET_INTEGRITY_INFORMATION_EX operation after application of updates [MSKB-5014701], [MSKB-5014702], [MSKB-5014710].

May 27, 2022

[MS-CRTD]: Certificate Templates Structure

Specifies the Certificate Templates Structure. This structure describes the syntax and interpretation of certificate templates, which forms the basis of certificate management for the Certificate Templates Protocol.

This document has been updated as follows:

Added a new enrollment-attribute flag CT_FLAG_NO_SECURITY_EXTENSION to the msPKI-Enrollment-Flag Attribute table, that when applied, instructs the CA to not include the security extension szOID_NTDS_CA_SECURITY_EXT (OID:1.3.6.1.4.1.311.25.2), as specified in [MS-WCCE] sections 2.2.2.7.7.4 and 3.2.2.6.2.1.4.5.9, in the issued certificate. A behavior note is added to indicate that this enrollment flag is supported by the operating systems specified in [MSFT-CVE-2022-26931], each with its related KB article download installed.

May 10, 2022

[MS-PKCA]: Public Key Cryptography for Initial Authentication (PKINIT) in Kerberos Protocol

Specifies the Public Key Cryptography for Initial Authentication (PKINIT) in Kerberos Protocol. This protocol enables the use of public key cryptography in the initial authentication exchange of the Kerberos Protocol (PKINIT) and specifies the Windows implementation of PKINIT where it differs from [RFC4556].

This document has been updated as follows:

●  Section 3.1.5.2.1.5 Mapping Strength, added section for the KDC to search for strong mappings to map a certificate to a user.

●  Section 3.1.5.2.1.6 SID, added section for the KDC to find strong user mappings by using the certificate SID.

May 10, 2022

[MS-WCCE]: Windows Client Certificate Enrollment Protocol

Specifies the Windows Client Certificate Enrollment Protocol, which consists of a set of DCOM interfaces that enable clients to request various services from a certification authority (CA). These services enable X.509 (as specified in [X509]) digital certificate enrollment, issuance, revocation, and property retrieval.

This document has been updated as follows:

Created a new security extension and specified certificate authority (CA) server processing rules for enhanced security protections. A new template enrollment flag assists in coordinating how the processing rule security logic is applied. A behavior note is added to indicate that this security extension is supported by the operating systems specified in [MSFT-CVE-2022-26931], each with its related KB article download installed.

May 10, 2022

[MS-FSA]: File System Algorithms

Specifies File System Algorithms in terms of an abstract model for how an object store can be implemented to support the Server Message Block (SMB) Version 1.0 Protocol [MS-SMB] and the Server Message Block (SMB) Version 2.0 Protocol [MS-SMB2].

This document has been updated as follows:

Updated changes in the FSCTL_SET_INTEGRITY_INFORMATION_EX operation after application of updates [MSKB-5014019], [MSKB-5014021], [MSKB-5014022], [MSKB-5014023].

May 2, 2022

[MS-FSCC]: File System Control Codes

Specifies the File System Control Codes that define the network format of native Windows structures that may be used within other protocols.

This document has been updated as follows:

Updated changes in the FSCTL_SET_INTEGRITY_INFORMATION_EX operation after application of updates [MSKB-5014019], [MSKB-5014021], [MSKB-5014022], [MSKB-5014023].

May 2, 2022

[MS-MDM]: Mobile Device Management Protocol

Specifies the Mobile Device Management Protocol (MDM), a subset of the Open Mobile Association (OMA) standard protocol, which provides a mechanism for managing devices previously enrolled into a management system through the Microsoft Mobile Device Management Enrollment Protocol [MS-MDE].

This document has been updated as follows:

Section 3.2.5.1: Added a product note that support for user sessions on Windows 11, version 22H2 operating system (version2) multi-session Edition only in Windows Virtual Desktop was backported to Windows 11 (version 1). 

May 2, 2022

[MS-SMB2]: Server Message Block (SMB) Protocol Versions 2 and 3

Specifies the Server Message Block (SMB) Protocol Versions 2 and 3, which support the sharing of file and print resources between machines and extend the concepts from the Server Message Block Protocol.

This document has been updated as follows:

Added references to changes in the FSCTL_SET_INTEGRITY_INFORMATION_EX operation after application of updates [MSKB-5014019], [MSKB-5014021], [MSKB-5014022], [MSKB-5014023].

May 2, 2022

Technical Document Release

The following technical documents were updated for Windows 11 v22H2.

Specification

Description

Release date

[MS-CDP]: Connected Devices Platform Protocol Version 3

Specifies the Connected Devices Platform Protocol Version 3. This protocol provides a discovery system to authenticate and verify users and devices, as well as providing a message exchange between devices. It provides a transport-agnostic means of building connections among all of a user's devices, whether available through the cloud or through direct physical presence.

This document has been updated to document a BlueTooth MacAddress added to the UDP Presence Response to deduplicate devices.

October 3, 2022

[MS-ADTS]: Active Directory Technical Specification

Specifies the core functionality of Active Directory. Active Directory extends and provides variations of the Lightweight Directory Access Protocol (LDAP).

This document has been updated as follows:

●  Provided the ability to use LDAP limits to configure the maximum number of objects returned by the msds-TokenGroup* family constructed attributes.

●  Enabled information about root and child domains in trusting Active Directory forests to be queried and stored in existing msdsForestTrustInfo AD attribute; this information is then used for namespace filtering during NTLM pass-through authentications.

●  Checked UserAccountControl attributes on computer objects and set the default to UF_WORKSTATION_TRUST_ACCOUNT; if default not set, the Add method returns ERROR_DS_SECURITY_ILLEGAL_MODIFY.

●  Included additional authorization checks for LDAP Add-object and Modify-object operations.

●  Included SPN alias uniqueness updates to facilitate domain-wide userPrincipalName (UPN) and servicePrincipalName (SPN) uniqueness checking.

All these features are supported in Windows 11 v22H2 and later operating systems.

April 29, 2022

[MS-CDP]: Connected Devices Platform Protocol Version 3

Specifies the Connected Devices Platform Protocol Version 3. This protocol provides a discovery system to authenticate and verify users and devices, as well as providing a message exchange between devices. It provides a transport-agnostic means of building connections among all of a user's devices, whether available through the cloud or through direct physical presence.

This document has been updated as follows:

Added the PrincipalNameHash to the Presence Response UDP. PrincipalNameHash is a salted hash of the device id and the logged-on user's account email.

April 29, 2022

[MS-EFSR]: Encrypting File System Remote (EFSRPC) Protocol

Specifies the Encrypting File System Remote (EFSRPC) Protocol, which performs maintenance and management operations on encrypted data that is stored remotely and accessed over a network.

This document has been updated as follows:

Added product behavior notes throughout to indicate that the lsarpc endpoint has been removed in Windows 11 v22H2 and later.

April 29, 2022

[MS-FASP]: Firewall and Advanced Security Protocol

Specifies the Firewall and Advanced Security Protocol. The protocol manages firewall and advanced security components on remote computers.

This document has been updated as follows:

●  Updated operating system applicability in product behavior note <4> to specify support of Dynamic Keyword Addresses feature in Windows 11 v22H2 and Windows Server 2022 operating system.

●  Added new Firewall rule enforcement state to represent detection of duplicate Firewall rules, such that object policies already enforced by the server are not duplicated.

●  Updated Firewall Policy version table and policy listing in text to include policy v2.32 (0x0220), to coincide with the advent of Windows 11 v22H2 operating system.

April 29, 2022

[MS-MDE2]: Mobile Device Enrollment Protocol Version 2

Specifies version 2 of the Mobile Device Enrollment Protocol (MDE), which enables enrolling a device with the DMS through an Enrollment Service (ES). The protocol includes the discovery of the Management Enrollment Service (MES) and enrollment with the ES.

This document has been updated as follows:

Updated to version 5.0 with the following elements for this version of Windows Client:

●  Added a new product value to the OSEdition Enumeration for MS-MDM Windows Azure.

●  Added value 5.0 to RequestVersion for DiscoveryRequest.

●  Added value 5.0 to EnrollmentVersionfor DiscoveryResponse.

●  Added two new child elements the GetPoliciesResponse.

●  Added seven new ac: elements to the RequestSecurityToken using Federated Authentication.

●  Added seven new ac: elements to the RequestSecurityToken using On-Premise Authentication.

●  Added new Certificate Recovery section 3.6 with subsections.

●  Updated the RequestVersion number in the Discovery input message example.

●  Updated the EnrollmentVersion number in the Discovery output message.

●  Updated the code for the call to the RequestSecurityToken message example.

April 29, 2022

[MS-MDM]: Mobile Device Management Protocol

Specifies the Mobile Device Management Protocol (MDM), a subset of the Open Mobile Association (OMA) standard protocol, which provides a mechanism for managing devices previously enrolled into a management system through the Microsoft Mobile Device Management Enrollment Protocol [MS-MDE].

This document has been updated as follows:

●  Azure Details –Contains the following.

●  Message Processing Events and Sequencing Rules

●  Windows Azure Virtual Desktop (AVD) for Multi-users' User Setting Configuration
AVD supports multiple users that can log on simultaneously.

●  Device Session vs. User Session
Session modes: mixed, device, or user governs what settings that can be sent or received.

●  Azure AD Join
MDM supports only AADJ enrollment in AVD with the user token.

●  SyncApplicationVersion
Version 5.0 allows the client to run in multi-users AVD mode.

●  MultipleSession Poll Interval
Intervals set by the MDM server are specified by DM Client CSP.

●  SyncType Alert
Alert type 1224 CLIENT EVENT data has the session mode that the MDM server should send.

April 29, 2022

[MS-RDPBCGR]: Remote Desktop Protocol: Basic Connectivity and Graphics Remoting

Specifies the Remote Desktop Protocol: Basic Connectivity and Graphics Remoting, designed to facilitate user interaction with a remote computer system by transferring graphics display information from the remote computer to the user and transporting input from the user to the remote computer, where it may be injected locally.

This document has been updated as follows:

●  Added values for the version fields for RDP versions 10.10 and 10.11 for both clients and servers.

●  Documented new capabilities flags for the client or server to show it can skip the MCS Channel Join in the Channel Connection phase. Processing rules updated for handling the new flags.

April 29, 2022

[MS-RDPEAI]: Remote Desktop Protocol: Audio Input Redirection Virtual Channel Extension

Specifies the Remote Desktop Protocol: Audio Input Redirection Virtual Channel Extension, which transfers audio data from a client to a server.

This document has been updated as follows:

A value has been added to the Version PDU to indicate Version 2 of the protocol. Processing rules were updated for the new value.

April 29, 2022

[MS-RDPEGFX]: Remote Desktop Protocol: Graphics Pipeline Extension

Specifies the Remote Desktop Protocol: Graphics Pipeline Extension, a graphics protocol that is used to encode graphics display data generated in a remote terminal server session so that the data can be sent from the server and received, decoded, and rendered by a compatible client. The net effect is that a desktop or an application running on a remote terminal server appears as if it is running locally.

This document has been updated as follows:

Added a new capability set and provided processing rules for the new set.

April 29, 2022

[MS-WUSP]: Windows Update Services: Client-Server Protocol

Specifies the Windows Update Services: Client-Server Protocol, which enables machines to discover and download software updates over the Internet using the SOAP and HTTP protocols.

This document has been updated as follows:

●  Improved the gathering of metadata describing software update content, including the identification of software revisions, installed hardware devices, update relationships, and client metadata, in Windows update scenarios by:

●  Adding DeviceFlags to the SyncUpdates parameters to more easily detect and distinguish PNP versus non-PNP devices when gathering client device metadata.

●  Adding the DriverRank element to ensure uniformity with the base installed driver type of a device to determine how well a driver package matches the device.

●  Adding the callerAttributes element to optimize client/server communications by aligning the core metadata for a software revision obtained from the SyncUpdates method with additional metadata obtained from the GetExtendedUpdateInfo2 method, by sending callerAttributes in both calls.

These features are supported by Windows 11 v22H2 and later.

April 29, 2022

Technical Document Release

The following technical document was revised with product updates in November 2022 for Microsoft SQL Server 2022 and may have been revised for content issues.

Specification

Description

Release date

[MS-TDS]: Tabular Data Stream Protocol

Specifies the Tabular Data Stream (TDS) protocol versions 7 and 8, which is an application layer request/response protocol that facilitates interaction with a database server and provides for authentication and channel encryption; specification of requests in SQL (including Bulk Insert); invocation of a stored procedure, also known as a Remote Procedure Call (RPC); returning of data; and Transaction Manager Requests.

This document has been updated as follows:

●  Defined the difference between the TDS 7.x version family, in which encryption is optional and negotiated in the TDS layer, and the new TDS 8.0 version, in which encryption is mandatory and handled in the lower layer before TDS begins functioning.

●  Added prelogin features for communication between client and server to enhance the security and efficiency of login support.

●  Added support to the COLUMNENCRYPTION feature extension for the ability to allow clients to cache column encryption keys when enclave computations are required.

November 1, 2022

Content Updates

The following documents were republished in April 2022 to incorporate previous servicing release updates and/or other content issues.

Specification

Content updates

[MS-BKRP]: BackupKey Remote Protocol

List of Changes

[MS-CMRP]: Failover Cluster: Management API (ClusAPI) Protocol

List of Changes

[MS-DTYP]: Windows Data Types

List of Changes

[MS-EMF]: Enhanced Metafile Format

List of Changes

[MS-FSA]: File System Algorithms

List of Changes

[MS-FSCC]: File System Control Codes

List of Changes

[MS-KILE]: Kerberos Protocol Extensions

List of Changes

[MS-LSAD]: Local Security Authority (Domain Policy) Remote Protocol

List of Changes

[MS-NBTE]: NetBIOS over TCP (NBT) Extensions

List of Changes

[MS-NCNBI]: Network Controller Northbound Interface

List of Changes

[MS-NLMP]: NT LAN Manager (NTLM) Authentication Protocol

List of Changes

[MS-NRPC]: Netlogon Remote Protocol

List of Changes

[MS-PAC]: Privilege Attribute Certificate Data Structure

List of Changes

[MS-RPRN]: Print System Remote Protocol

List of Changes

[MS-RSVD]: Remote Shared Virtual Disk Protocol

List of Changes

[MS-SAMR]: Security Account Manager (SAM) Remote Protocol (Client-to-Server)

List of Changes

[MS-SCMR]: Service Control Manager Remote Protocol

List of Changes

[MS-SMB2]: Server Message Block (SMB) Protocol Versions 2 and 3

List of Changes

[MS-SPNG]: Simple and Protected GSS-API Negotiation Mechanism (SPNEGO) Extension

List of Changes

[MS-VHDX]: Virtual Hard Disk v2 (VHDX) File Format

List of Changes

[MS-WDHCE]: Wi-Fi Display Protocol: Hardware Cursor Extension

List of Changes

[MS-WKST]: Workstation Service Remote Protocol

List of Changes

Overview Documents Release

The following overview documents were updated in June 2022.

Specification

Description

Release date

[MS-AZOD]: Authorization Protocols Overview

Provides an overview of the functionality and relationship of the Authorization protocols, which control the process of granting access to resources once authentication has been accomplished. An authenticated request is not sufficient for access by itself; a corresponding decision must also be made to decide if a particular request is authorized. To accomplish this, several authorization models are provided under Windows. This document provides an overview of these models as implemented by [MS-PAC], [MS-AZMP], [MS-GPCAP], [MS-CAPR], [MS-CTA], [MS-DTYP], [MS-ADTS], [MS-COMA], and [MS-TDS].

This document has been updated as follows:

In section 3.1 Reading from a File on Remote CBAC Aware SMB2 Share, added reference to [MS-NEGOEX].

June 14, 2022

[MS-DOCO]: Windows Protocols Documentation Roadmap

Provides an overview of the Windows protocols documentation set. It provides a high-level roadmap for finding and navigating the documentation set and describes the content for each type of document.

This document has been updated as follows:

●  Section 4.1 Technical Specification Cross-Reference Matrix: Added citations to [MS-DHA] and [MS-MDM] and updated [MS-RNAS] protocol.

●  Section 4.2 Technical Area Cross-Reference Matrix: Added [MS-MDE] and [MS-MDM] under Networking.

June 14, 2022

[MS-WPO]: Windows Protocols Overview

Provides an overview of the Windows interoperability technologies and the protocols required for implementation. It also describes the intended functionality of the Windows interoperability protocols and technologies and provides examples of common user scenarios.

This document has been updated as follows:

In section 4 Device-Specific Protocols:

●  Added MS-CDP Connected Devices Platform Service V3.

●  Replaced MS-MDE with MS-MDE2 Mobile Device Enrollment Protocol Version 2.

June 14, 2022

[MS-WSUSOD]: Windows Server Update Services Protocols Overview

Provides a system overview of the protocols in the Windows Server Update Services (WSUS) system. The WSUS system implements the Windows Server Update Services: Client-Server Protocol specified in [MS-WUSP] and the Windows Server Update Services: Server-Server Protocol specified in [MS-WSUSSS]. These protocols enable communication between the Windows Server Update Services client and server to enable clients to discover software updates available on the server. They also enable communication between servers to propagate software update information, the updates, and administrative intent in a hierarchical deployment of the system.

This document has been updated as follows:

Updated section 3.3, Example 3 of this document to specify how to improve data collection with the use of the callerAttributes feature.

June 14, 2022

Reference Document Release

The following reference document was updated in November 2021.

Specification

Description

Release Date

[MS-ERREF]: Windows Error Codes

Describes the HRESULT values, Win32 error codes, and NTSTATUS values that are referenced in the protocol specifications throughout the Windows protocols documentation set.

This document has been updated as follows:

Expanded the description of the CERT_E_REVOKED error value to include information about device drivers with invalid certificates.

November 16, 2021