diff --git a/defender-endpoint/prevent-changes-to-security-settings-with-tamper-protection.md b/defender-endpoint/prevent-changes-to-security-settings-with-tamper-protection.md
index a864800546..eae20447d3 100644
--- a/defender-endpoint/prevent-changes-to-security-settings-with-tamper-protection.md
+++ b/defender-endpoint/prevent-changes-to-security-settings-with-tamper-protection.md
@@ -55,7 +55,7 @@ When tamper protection is turned on, these tamper-protected settings can't be ch
 - Automatic actions are taken on detected threats.
 - Notifications are visible in the Windows Security app on Windows devices.
 - Archived files are scanned.
-- [Exclusions cannot be modified or added ](manage-tamper-protection-intune.md#tamper-protection-for-antivirus-exclusions) (Applies to Intune or Configuration Manager)
+- [Exclusions cannot be modified or added ](manage-tamper-protection-intune.md#tamper-protection-for-antivirus-exclusions) (Applies to devices managed by Intune only or by Configuration Manager only. Co-Managed devices are not supported)
 
 *As of signature release `1.383.1159.0`, due to confusion around the default value for "Allow Scanning Network Files", tamper protection no longer locks this setting to its default value. In managed environments, the default value is `enabled`.*