update per review.

Author: BillWagner

xml/System.Web/HttpCookie.xml

@@ -404,8 +404,18 @@ The <xref:System.Web.HttpCookie.Path%2A> property extends the <xref:System.Web.H
       </ReturnValue>
       <Docs>
         <summary>Gets or sets the value for the SameSite attribute of the cookie.</summary>
-        <value>One of the enumeration values that represents the enforcement mode of the cookie. If the application targets the .NET Framework 4.7.2 or later versions, the default value is <see cref="F:System.Web.SameSiteMode.Lax" />; otherwise, the default value is <see cref="F:System.Web.SameSiteMode.None" />.</value>
-        <remarks>To be added.</remarks>
+        <value>One of the enumeration values that represents the enforcement mode of the cookie. The default value is <see cref="F:System.Web.SameSiteMode.None" />.</value>
+        <remarks>format type="text/markdown"><![CDATA[  
+  
+## Remarks
+
+The default value of this property was modifed by updates described in [KB article 4531182](https://support.microsoft.com/help/4531182/kb4531182) and [KB article 4524421](https://support.microsoft.com/help/4524421/kb4524421).
+
+Without these updates, the default value is <see cref="F:System.Web.SameSiteMode.None" />, which does not emit the `SameSite` cookie header. This conforms to [https://tools.ietf.org/html/draft-west-first-party-cookies-07#section-4.1](https://tools.ietf.org/html/draft-west-first-party-cookies-07#section-4.1).
+
+After these updates have been applied, the default value is `-1`, which corresponds to "Unspecified". This preserves the earlier behavior.
+]]></format>
+</remarks>
       </Docs>
     </Member>
     <Member MemberName="Secure">

xml/System.Web/SameSiteMode.xml

@@ -25,7 +25,7 @@ Without these updates, the <see cref="F:System.Web.SameSiteMode.None" /> value d
 
 After these updates have been applied, the <see cref="F:System.Web.SameSiteMode.None" /> value emits the `SameSite=None` cookie header. This new behavior conforms to [update](https://tools.ietf.org/html/draft-west-cookie-incrementalism-00). As part of this change, FormsAuth and SessionState cookies will be issued with SameSite = 'Lax' instead of the previous default of 'None', though these values can be overridden in web.config. 
 
-On systems where these updates have been applied, you can specify the previous behavior by setting the `SameSiteMode` to `(SameSiteMode)(-1)`.
+On systems where these updates have been applied, you can specify the previous behavior by setting the `SameSiteMode` to `(SameSiteMode)(-1)`. You can specify this behavior using the string `Unspecified` in web.config.
 ]]></format>
     </remarks>
   </Docs>