Windows 10 News You Can Use – April 2018

Posted on April 2, 2018 Updated on April 13, 2018

Windows 10 news you can use, April 2018 edition Providing insights into Windows 10 deployment & management, security & compliance, and productivity Also see other news related to Windows 10

1) Explore the results of a recent Forrester study and learn how to take advantage of new cloud functionality to improve the end user computing operations lifecycle and leverage the ease and flexibility of the cloud for device management. https://info.microsoft.com/ModernizeYourDeviceManagement.html

2) Afraid of Windows 10 with Azure AD join? Michael Niehaus demystifies AADJ and provides practical guidance to try it out!
Part 1: https://blogs.technet.microsoft.com/mniehaus/2018/01/19/afraid-of-windows-10-with-azure-ad-join-try-it-out-part-1
Part 2: https://blogs.technet.microsoft.com/mniehaus/2018/02/21/afraid-of-windows-10-with-azure-ad-join-try-it-out-part-2

3) In case you missed it, Microsoft Deployment Toolkit (MDT), build 8450 was released in late December, offering support for Windows 10, version 1709; the Windows Assessment and Deployment Kit (ADK) for Windows 10, version 1709; and System Center Configuration Manager, version 1710. https://blogs.technet.microsoft.com/msdeployment/2017/12/21/mdt-8450-now-available

4) Watch a free webinar to learn how EMS can help you manage and secure user identities, devices, apps, and data across all of your Windows devices, iOS, macOS, and Android. This one-hour session includes: 1) Securing access to company email, files, and apps stored in the cloud and on-premises, 2) Protecting company data on all endpoints, 3) Modernizing Windows 10 management.
https://resources.office.com/ww-landing-M365PD-Identity-Driven-UEM-with-EMS-Video.html?LCID=EN-US

5) With the 1710 update to ConfigMgr and the 1709 update to Windows 10, we’ve provided the foundations of our solution to bridge Windows modernization through Co-Management. This bridge is an entry-point for our customers to start their transitions to modern management – a path that leads traditional, domain-joined and ConfigMgr-managed solutions, to a deployment of Azure Active Directory and Intune. https://cloudblogs.microsoft.com/enterprisemobility/2018/02/07/the-future-is-on-the-other-side-of-this-bridge

6) The documentation team has an article with the current list of UWP provisioned (in-box) and installed (from the store on first logon) for various Windows 10 releases. But one thing that isn’t reflected in that documentation: the list of apps installed from the store can be different depending on the type of account you sign in with, by the SKU that you are using, and even by the region of the world the device is in. https://blogs.technet.microsoft.com/mniehaus/2018/03/13/more-on-included-windows-10-apps

7) An updated version of System Center Updates Publisher (SCUP) is now available which adds support for Windows 10 and Windows Server 2016. SCUP enables independent software vendors or line-of-business application developers to manage custom updates.
https://cloudblogs.microsoft.com/enterprisemobility/2018/03/21/system-center-updates-publisher-adds-support-for-new-oses

8) The AskPFEPlat team is here today with you in force. Recently they put together 10 Tips and Tricks from the Field – a collection of tips and tricks in our tool belt that they use on occasion. They wanted share these with all their readers in-an-effort to make your day a little easier. https://blogs.technet.microsoft.com/askpfeplat/2018/03/19/10-tips-and-tricks-from-the-field

9) Moving from project to process: digital transformation with Windows as a service.
https://techcommunity.microsoft.com/t5/Windows-10-Blog/Moving-from-project-to-process-digital-transformation-with/ba-p/175688

1) How to enable BitLocker Drive Encryption and automate the process for an AutoPilot device that is provisioned for a standard user using the Windows 10 Fall Creators Update version 1709. https://blogs.technet.microsoft.com/showmewindows/2018/01/18/how-to-enable-bitlocker-and-escrow-the-keys-to-azure-ad-when-using-autopilot-for-standard-users

2) Windows Defender System Guard: Making a leap forward in platform security with memory integrity.
https://techcommunity.microsoft.com/t5/Windows-Insider-Program/Windows-Defender-System-Guard-Making-a-leap-forward-in-platform/m-p/167303#M1256

3) Windows 10 in S-Mode coming soon to all editions of Windows 10. http://blogs.windows.com/windowsexperience/2018/03/07/windows-10-s-mode-coming-soon-editions-windows-10

4) Learn from the Windows Defender Research group about protecting corporate networks from cryptocurrency miners with the security capabilities in Windows 10. https://cloudblogs.microsoft.com/microsoftsecure/2018/03/13/invisible-resource-thieves-the-increasing-threat-of-cryptocurrency-miners

5) Announcing a set of new preview features for Windows Defender ATP, which includes capabilities such as Automated Investigation and Response (AIRS), advanced hunting tools for SecOps, role-based access controls, Azure ATP integration, insights into additional Win10 security capabilities, and more! https://techcommunity.microsoft.com/t5/What-s-New/WDATP-preview-features-are-now-ON/td-p/170598

6) Guided lab to get Windows Hello for Business to work on Windows 10 to show the user experience and provide some lessons learned. https://blogs.technet.microsoft.com/chadcox/2018/03/19/my-notes-on-setting-up-a-poc-windows-hello-for-business-lab-using-hybrid-key-trust

7) Over the last year, we’ve talked about how we’re investing in new innovations to address today’s challenging threat landscape, what we’ve delivered, and how it will change the dynamics. Today, I want to share the results of our new antivirus capabilities in Windows Defender Advanced Threat Protection (ATP) which are genuinely incredible because they will directly benefit the work you are doing. Read more on why Windows Defender Antivirus is the most deployed in the enterprise. https://cloudblogs.microsoft.com/microsoftsecure/2018/03/22/why-windows-defender-antivirus-is-the-most-deployed-in-the-enterprise

1) Windows 10 Tip: Three ways you can personalize your desktop with fun themes and colors.
http://blogs.windows.com/windowsexperience/2018/03/05/windows-10-tip-three-ways-can-personalize-desktop-fun-themes-colors

2) Windows 10 Tip: Clear your workspace in one of two simple steps.
http://blogs.windows.com/windowsexperience/2018/03/13/windows-10-tip-clear-your-workspace-in-two-simple-steps

3) Windows 10 Accessibility: What to expect in the year ahead. http://blogs.windows.com/windowsexperience/2018/03/19/windows-10-accessibility-what-to-expect-in-the-year-ahead

4) Windows 10 Tip: Six keyboard shortcuts to help you find what you’re looking for. http://blogs.windows.com/windowsexperience/2018/03/26/windows-10-tip-six-keyboard-shortcuts-to-help-you-find-what-youre-looking-for

• We are delighted to announce that we have released version 1802 for the Current Branch (CB) of System Center Configuration Manager that includes new features and product enhancements! https://cloudblogs.microsoft.com/enterprisemobility/2018/03/22/now-available-update-1802-for-system-center-configuration-manager
• Webinar: Learn how new Windows Defender ATP advancements can help you protect against the latest threats and enable your organization to detect and respond to highly sophisticated, advanced attacks. https://info.microsoft.com/WindowsDefenderATPdetectandrespondtohighlysophisticatedadvancedattacks-OnDemandRegistration.html
• Windows Defender Antivirus blocked more than 80,000 instances of several sophisticated trojans that exhibited advanced cross-process injection techniques, persistence mechanisms, and evasion methods. Behavior-based signals coupled with cloud-powered machine learning uncovered this new wave of infection attempts. Within the next 12 hours, more than 400,000 instances were recorded in the global encounters. https://cloudblogs.microsoft.com/microsoftsecure/2018/03/07/behavior-monitoring-combined-with-machine-learning-spoils-a-massive-dofoil-coin-mining-campaign
• Tips for getting started on your security deployment. Microsoft has provided a sampling of the most common security scenarios customers like you may be wanting to accomplish. To help you envision your plan, we provided the optimum combination of Microsoft 365 products and features you need to bring your scenarios to life with Microsoft security. https://cloudblogs.microsoft.com/microsoftsecure/2018/03/06/tips-for-getting-started-on-your-security-deployment
• FinFisher exposed: A security researcher’s tale of defeating traps, tricks, and complex virtual machines. https://cloudblogs.microsoft.com/microsoftsecure/2018/03/01/finfisher-exposed-a-researchers-tale-of-defeating-traps-tricks-and-complex-virtual-machines
• Microsoft Security Intelligence Report volume 23 is now available for download. The report is based on Microsoft’s analysis of on-premises systems and cloud services, focuses on threat trends since February 2017. Here are three key themes from the report: 1) Botnets continue to impact millions of computers globally. 2) Easy marks methods like phishing are commonly used by cybercriminals. 3) Ransomware remains a force to be reckoned with. Deep dive webcast on the report to be held April 10^th. https://cloudblogs.microsoft.com/microsoftsecure/2018/03/15/microsoft-security-intelligence-report-volume-23-is-now-available
• Microsoft has a service designed specifically to help you accelerate your Microsoft Security deployment across your organization: FastTrack for Microsoft 365. https://cloudblogs.microsoft.com/microsoftsecure/2018/03/20/accelerate-your-security-deployment-with-fasttrack-for-microsoft-365
• In this comprehensive overview of the Microsoft 365 Security offering, Brad Anderson (CVP, Enterprise Mobility) shares how he talks to customers about the unique and powerful M365 Security story. Brad offers an in-depth look at identity-driven security, information protection, threat protection, and security management.
  https://youtu.be/8321obNofgM

Windows 10 News You Can Use – March 2018

Posted on March 6, 2018 Updated on March 6, 2018

Windows 10 news you can use, March 2018 edition Providing insights into Windows 10 deployment & management, security & compliance, and productivity Also see other news related to Windows 10

1)      Windows Analytics now helps assess Meltdown and Spectre protections. https://blogs.windows.com/business/2018/02/13/windows-analytics-now-helps-assess-meltdown-and-spectre-protections

2)      Update 1802 for Configuration Manager [Technical Preview Branch] – includes new features and functionality for Windows 10 deployment and management! https://cloudblogs.microsoft.com/enterprisemobility/2018/02/13/update-1802-for-configuration-manager-technical-preview-branch-available-now

3)      Windows Update for Business offers an additional option to aid administrators in the critical pursuit of ensuring systems are kept up to date. Understanding what Windows Update for Business is and how it can be implemented either standalone or through integration with Configuration Manager is critical, so you make the best choice for your business.  Watch this easy-to-follow video tutorial on implementing and managing WUfB with SCCM. https://blogs.technet.microsoft.com/configurationmgr/2018/01/22/configmgr-current-branch-windows-update-for-business-video-tutorial

4)      Express Update is a capability of WSUS and the Windows Update Agent that was added to help reduced the overall network impact of these larger updates. Configuration Manager current branch 1702 (though 1710 and higher is recommended for best performance) added full support for Express. Understanding how Express works is important so that administrators know what to expect and can plan accordingly. Watch this easy-to-follow video for details of how Express works and how supporting Express is supported in a Configuration Manager environment. https://blogs.technet.microsoft.com/configurationmgr/2018/01/26/configmgr-current-branch-express-updates-video-tutorial

1)      Microsoft continues to work diligently with our industry partners to address the Spectre and Meltdown hardware-based vulnerabilities. Our top priority is clear: Help protect the safety and security of our customers’ devices and data. Today, I’d like to provide an update on some of that work, including Windows security update availability for additional devices, our role in helping distribute available Intel firmware (microcode), and progress driving anti-virus compatibility. http://blogs.windows.com/windowsexperience/2018/03/01/update-on-spectre-and-meltdown-security-updates-for-windows-devices

2)      Microsoft was named a “Visionary” in the 2018 Magic Quadrant for Endpoint Protection Platforms. According to Gartner “Visionaries deliver in the leading-edge features — such as cloud management, managed features and services, enhanced detection or protection capabilities, and strong incident response workflows — that will be significant in the next generation of products, and will give buyers early access to improved security and management.”
http://www.gartner.com/reprints/?id=1-4PY5MQU&ct=180130&st=sb

3)      Starting this summer, customers can add Windows Defender ATP Endpoint Detection & Response (EDR) functionality to their Windows 7, and Windows 8.1 devices, and get a holistic view across their endpoints. https://blogs.windows.com/business/2018/02/12/announcing-windows-defender-atp-support-for-windows-7-and-windows-8-1

4)      Learn how Windows Defender Antivirus and artificial intelligence stopped an Emotet outbreak on February 3^rd with intelligent, real-time protection against modern threats.
https://cloudblogs.microsoft.com/microsoftsecure/2018/02/14/how-artificial-intelligence-stopped-an-emotet-outbreak

5)      Monthly antimalware platform updates for Windows Defender Antivirus. While keeping up-to-date with signatures and engines is a best practice, a machine that is up-to-date with both definition/engine and platform updates can have a higher protection level than a machine that is just update-to-date with definition/engine updates. https://blogs.technet.microsoft.com/configurationmgr/2018/02/05/monthly-antimalware-platform-updates-for-windows-defender

6)      Fujitsu has teamed with Microsoft to build devices with Windows 10 Pro and industry-leading biometric options including Windows Hello and palm vein authentication to prevent security attacks in the modern workplace. http://blogs.windows.com/business/2018/02/08/fujitsu-microsoft-focused-advancing-security-modern-workplace

1)      Microsoft like to provide you with the latest planning tools to help guide you to the best deployment process for your business. The Windows 10 Adoption Planning Kit includes the following resources: 1) Gartner Report: Making Critical Deployment Choices for Windows 10 Success, 2) End-User Readiness Assets, 3) Microsoft FastTrack Program Flyer, 4) Microsoft Press Article: Deploying Windows 10 e-Book. https://info.microsoft.com/Windows10AdoptionPlanningKit.html

2)      Print to corporate printers from Azure AD joined Windows 10 devices! We’ve just released Microsoft Hybrid Cloud Print, a print solution built specifically for Azure Active Directory-joined and Intune-managed devices. Now people in your organization can use Azure AD-joined devices to discover on-premise printers, and can print from work or from home or from anywhere else they can connect to the internet. https://cloudblogs.microsoft.com/enterprisemobility/2018/02/01/so-cool-print-to-corporate-printers-from-azure-ad-joined-windows-10-devices

3)      Windows 10 Tip: 7 pro tips for getting started with Microsoft Edge as your PDF viewer.
http://blogs.windows.com/windowsexperience/2018/02/12/windows-10-tip-7-pro-tips-getting-started-microsoft-edge-pdf-viewer

• Developing an effective cyber strategy: At Microsoft, we are continuously evaluating the current threats faced by our customers and building products and services to help CISOs execute their strategies. The design of our products not only accounts for the techniques utilized by cyber attackers, but also incorporates features that address the human dynamics within an enterprise and the staff and retention challenges faced by security teams. https://cloudblogs.microsoft.com/microsoftsecure/2018/02/07/developing-an-effective-cyber-strategy
• Learn more about how Microsoft views the importance of cyber resilience for the modern enterprise, get prescriptive guidance on building a cyber resiliency plan and roadmap, and find out what Microsoft is doing to help enterprises rapidly become resilient to commonly encountered attacks and vulnerabilities. https://cloudblogs.microsoft.com/microsoftsecure/2018/02/12/cyber-resilience-for-the-modern-enterprise
• Inside the Microsoft Security Research Center (MSRC) – How we recognize our researchers.
  https://blogs.technet.microsoft.com/msrc/2018/02/02/inside-the-msrc-how-we-recognize-our-researchers
• Today, we are taking another important step forward in our ability to offer customers more choice and capability by making Intune APIs in Microsoft Graph generally available. This opens a new set of possibilities for our customers and partners to automate and integrate their workloads to reduce deployment times and improve the overall efficiency of device management.
  • Announcement:
  • https://cloudblogs.microsoft.com/enterprisemobility/2018/01/31/intune-apis-in-microsoft-graph-now-generally-available
  • Thoughts and highlights from Brad Anderson: https://cloudblogs.microsoft.com/enterprisemobility/2018/02/02/highlights-from-the-ga-of-the-intune-apis-in-microsoft-graph

• Microsoft has already documented the maximum supported scalability limits as well as the hardware guidelines needed to run Configuration Manager (current branch) sites in the very largest environment sizes. Now we are sharing a draft, unofficial whitepaper with supplemental performance guidance for Configuration Manager environments of all sizes. This document includes specific details and test results generated by the product team, as well as frequently asked questions for common performance issues. https://cloudblogs.microsoft.com/enterprisemobility/2018/02/22/public-preview-configuration-manager-performance-guidance-for-environments-of-all-sizes
• Microsoft is pleased to announce the final release of the recommended security configuration baseline settings for Microsoft Office Professional Plus 2016 and Office 365 ProPlus 2016 apps. https://blogs.technet.microsoft.com/secguide/2018/02/13/security-baseline-for-office-2016-and-office-365-proplus-apps-final

• In a 3-part series, we introduce what rapid cyberattacks are and illustrate how they are different in terms of execution and outcome, and hot to mitigate them.
  • Part 1 – overview of rapid cyber attacks: https://cloudblogs.microsoft.com/microsoftsecure/2018/02/05/overview-of-petya-a-rapid-cyberattack
  • Part 2 – overview of Petya, a rapid cyber attack: https://cloudblogs.microsoft.com/microsoftsecure/2018/01/23/overview-of-rapid-cyberattacks
  • Part 3 – How to mitigate rapid cyberattacks such as Petya and WannaCrypt:
    https://cloudblogs.microsoft.com/microsoftsecure/2018/02/21/how-to-mitigate-rapid-cyberattacks-such-as-petya-and-wannacrypt

Windows 10 News You Can Use – February 2018

Posted on February 1, 2018

Windows 10 news you can use, February 2018 edition Providing insights into Windows 10 deployment & management, security & compliance, and productivity

In other news related to Windows 10…

• Announcing changes to Office and Windows servicing and support.  Delivering a secure and productive modern workplace is a top priority for many of our commercial customers, and we’re committed to help. Today we’re announcing servicing extensions for Windows 10, changes to the Office 365 ProPlus system requirements, and new details on the next perpetual release of Office and Long-Term Servicing Channel (LTSC) release of Windows. https://blogs.technet.microsoft.com/windowsitpro/2018/02/01/changes-to-office-and-windows-servicing-and-support
• A decade ago, most cyber-attacks started with a piece of malware or a complex method to directly attack the infrastructure of a company. But this picture has changed and today all it takes is a sophisticated e-mail phishing for an identity. Learn how to disrupt attacks caused by social engineering. The built-in functionality of Enterprise Mobility + Security, Windows 10, Office 365, and Microsoft Azure enables organizations to disrupt these attacks. https://cloudblogs.microsoft.com/microsoftsecure/2018/01/10/how-to-disrupt-attacks-caused-by-social-engineering
• New! Microsoft 365 powered device lab kit. This updated version of the popular Windows 10 Deployment and Management lab features a fully-provisioned virtual lab environment with Windows 10 Fall Creators Update, Office 365, Enterprise Mobility + Security. Plus, 25 step-by-step lab guides covering AutoPilot, Windows Defender Application Guard, Windows Hello, Windows Analytics, and more. https://blogs.technet.microsoft.com/ausoemteam/2017/12/14/the-microsoft-365-powered-device-lab-kit-available-for-download
• Microsoft is pleased to announce the draft release of the recommended security configuration baseline settings for Microsoft Office Professional Plus 2016 and Office 365 ProPlus 2016 apps. https://blogs.technet.microsoft.com/secguide/2018/01/29/security-baseline-for-office-2016-and-office-365-proplus-apps-draft
• Over a year ago, we announced public preview of Intune on Azure and followed up six months ago with general availability of the new admin experience for Intune on Azure. Starting on April 2, 2018, we will turn off mobile device management (MDM) in the classic Silverlight console for those customers using Intune standalone and instead ask that you use Intune on Azure for all your MDM needs… including Windows 10 MDM. https://blogs.technet.microsoft.com/intunesupport/2018/01/03/plan-for-change-use-intune-on-azure-now-for-your-mdm-management

1.  Windows 10 1709 is now designated as a Semi-Annual Channel release (e.g. formerly known as Current Branch for Business).
   http://blogs.windows.com/windowsexperience/2018/01/11/windows-10-fall-creators-update-1709-fully-available
2. To gain insights into the health and performance of more than 300,000 Windows 10 devices, Microsoft began using Device Heath, a new service in Windows Analytics. Available through the Microsoft Operations Management Suite, Device Health analyzes telemetry and provides details about device and driver crashes. This data helps us monitor our environment and quickly resolve issues. https://www.microsoft.com/itshowcase/Article/Content/961/Improving-reliability-with-Windows-Analytics-Device-Health
3. Collecting members of the Local Administrators group via SCCM. https://blogs.technet.microsoft.com/benjamin/2018/01/27/collecting-members-of-the-local-administrators-group
4. An important feature for desktop application developers is the ability to view detailed analytics about application performance and its popularity with users. Until today, developers had difficulty accessing these analytics without cobbling together multiple tools. With the new Windows Desktop Program, developers now have a convenient, one-stop portal to view their desktop application analytics or access the data via an API. Statistics and charts quickly show how the applications are doing– from how many customers they’ve reached to detailed performance data on crashes and failures. With these analytics, developers can better track and prioritize fixes, monitor the distribution of their application, prepare and improve the overall experience for their customers. http://blogs.windows.com/buildingapps/2018/01/23/introducing-windows-desktop-program-desktop-application-analytics

1. Get an end-to-end look at the security features and technologies in Windows 10 that can help you protect your data, devices, and identity. Join Windows Security Senior Product Manager Chris Hallum as he walks you through the features and tools that have shipped to date and provides insight into what’s to come. This one-hour webcast will take from place Tuesday, February 6th from 10:00 a.m. to 11:00 a.m. Pacific Time and will cover protecting data on lost and stolen devices, replacing passwords with multi-factor authentication, using data separation, containment, and encryption to help prevent accidental data leaks, and much more. https://blogs.technet.microsoft.com/windowsitpro/2018/01/04/save-the-date-windows-10-security-webcast-feb-6
2. Understanding the performance impact of Spectre and Meltdown mitigations on Windows Systems.  Terry Myerson, Executive Vice President, Windows and Devices Group describes the discovered vulnerabilities as clearly as possible, discusses what customers can do to help keep themselves safe, and shares what Microsoft has learned so far about performance impacts. https://cloudblogs.microsoft.com/microsoftsecure/2018/01/09/understanding-the-performance-impact-of-spectre-and-meltdown-mitigations-on-windows-systems
   • Related: Use SCCM Configuration Baseline to confirm a system is protected against the Meltdown and Spectre vulnerabilities https://gallery.technet.microsoft.com/Speculation-Execution-Side-1483f621
   • Related: Windows Client Guidance for IT Pros to protect against speculative execution side-channel vulnerabilities https://support.microsoft.com/en-us/help/4073119/protect-against-speculative-execution-side-channel-vulnerabilities-in
3. Windows 10: Multi-layer defense against ransomware attacks. The year 2017 saw three global ransomware outbreaks driven by multiple propagation and infection techniques that are not necessarily new but not typically observed in ransomware. While there are technologies available on Windows 7 to mitigate attacks, Windows 10’s comprehensive set of platform mitigations and next-generation technologies cover these attack methods. https://cloudblogs.microsoft.com/microsoftsecure/2018/01/10/a-worthy-upgrade-next-gen-security-on-windows-10-proves-resilient-against-ransomware-outbreaks-in-2017
4. Customers that deployed Microsoft’s security baseline for Windows 10 v1709 might have experienced device and component failures. The BitLocker GPO settings recommended in the Windows security configuration baselines for Windows 10 include enabling “Disable new DMA devices when this computer is locked” to defend against Direct Memory Access (DMA) attacks. Windows’ internal implementation underlying that Group Policy setting was modified for v1709 to strengthen its enforcement. However, the change inadvertently led to some device and component failures on v1709 that are described in KB article 4057300, including potential problems with network adapters, audio devices, and pointing devices. https://blogs.technet.microsoft.com/secguide/2018/01/18/issue-with-bitlockerdma-setting-in-windows-10-fall-creators-update-v1709
5. Exposing fileless malware attacks with Windows Defender ATP and mitigating attacks against the endpoint with next-gen security technologies in Windows 10. https://cloudblogs.microsoft.com/microsoftsecure/2018/01/24/now-you-see-me-exposing-fileless-malware
6. Data privacy will continue to be a priority towards making Windows 10 the best and most secure experience. From improving in-product control, transparency and information about your privacy, while providing a complete list of the diagnostic data collected at the Basic level, among others, to launching the Microsoft Privacy Dashboard and the enhancements we’ve made since then, we want you to be able to easily see and manage your activity data online across multiple Microsoft services. http://blogs.windows.com/windowsexperience/2018/01/24/microsoft-introduces-new-privacy-tools-ahead-of-data-privacy-day
7. Looking for information on how Windows 10 Enterprise can enable and support HIPAA compliance, privacy, and security? Download the latest version of the “HIPAA Compliance with Microsoft Windows 10” white paper, which now includes the updates found in Windows 10, version 1709. https://blogs.technet.microsoft.com/windowsitpro/2018/01/09/hipaa-compliance-with-windows-10-enterprise
8. Rapid cyberattacks like Petya and WannaCrypt have reset our expectations on the speed and scope of damage that a cyberattack can inflict. The Microsoft Enterprise Cybersecurity Group Detection and Response team worked extensively to help customers respond to and recover from these kinds of attacks. In 2017, among the global enterprise customers that we worked with, these rapid cyberattacks took down most or all IT systems in just about one hour, resulting in $200M – 300M USD of damage at several customers. https://cloudblogs.microsoft.com/microsoftsecure/2018/01/23/overview-of-rapid-cyberattacks
9. There has been an increase in free versions of programs that purport to scan computers for various errors, and then use alarming, coercive messages to scare customers into buying a premium version of the same program. Starting March 1, 2018, Windows Defender Antivirus and other Microsoft security products will classify programs that display coercive messages as unwanted software, which will be detected and removed. https://cloudblogs.microsoft.com/microsoftsecure/2018/01/30/protecting-customers-from-being-intimidated-into-making-an-unnecessary-purchase

1. Windows 10 Tip: Add 3D to your PowerPoint presentation in 5 steps http://blogs.windows.com/windowsexperience/2018/01/29/windows-10-tip-add-3d-powerpoint-presentation-5-steps
2. Windows 10 Tip: Get started with the Mixed Reality Viewer app. http://blogs.windows.com/windowsexperience/2018/01/08/windows-10-tip-get-started-mixed-reality-viewer-app
3. Easily and securely manage devices –  Windows 10 helps to manage devices efficiently and cost effectively while reducing business disruptions, as you make new devices available to your employees. https://fasttrack.microsoft.com/microsoft365/productivitylibrary/Easily-and-securely-manage-devices
4. Fuel your creativity with powerful devices and apps – Use Surface Studio and Windows 10 to transform the way you sketch, model, and share your creative ideas. https://fasttrack.microsoft.com/microsoft365/productivitylibrary/Fuel-your-creativity-with-powerful-devices-and-apps
5. Use your device like a PC to stay productive and secure – Maintain the high level of productivity you need, wherever you are, by leveraging the seamless, secure mobile experience offered by Windows 10. https://fasttrack.microsoft.com/microsoft365/productivitylibrary/Use-your-device-like-a-PC-to-stay-productive-and-secure
6. Use integrated apps and devices to improve healthcare patient care – Gain secure, speedy access to lab results, specialist recommendations, patient notes, scheduling, and more from your Microsoft 365 powered device and your clinic’s integrated apps. https://fasttrack.microsoft.com/microsoft365/productivitylibrary/Use-integrated-apps-and-devices-to-improve-patient-care
7. Streamline healthcare lab operations while ensuring compliance – Improve your lab’s testing operations and ensure regulatory compliance by using powerful, modern devices. https://fasttrack.microsoft.com/microsoft365/productivitylibrary/Streamline-lab-operations-while-ensuring-compliance

Windows 10 News You Can Use – January 2018

Posted on January 3, 2018

Windows 10 news you can use, January 2018 edition Providing insights into Windows 10 deployment & management, security & compliance, and productivity

In other news related to Windows 10…

• With help from Microsoft security researchers, law enforcement agencies around the globe, in cooperation with Microsoft Digital Crimes Unit (DCU), announced the disruption of Gamarue, a widely distributed malware that has been used in networks of infected computers collectively called the Andromeda botnet. https://blogs.technet.microsoft.com/mmpc/2017/12/04/microsoft-teams-up-with-law-enforcement-and-other-partners-to-disrupt-gamarue-andromeda
• Microsoft named a leader in IDC’s MarketScape for Unified Endpoint Management (UEM). The report highlights UEM capabilities in EMS for Windows 10 management, strong identity and access management tie-ins with Azure AD, and Office 365 integration for security management and end-user experience. To get more details, you can access an excerpt of the IDC MarketScape report here. https://cloudblogs.microsoft.com/enterprisemobility/2017/12/04/microsoft-named-a-leader-in-idcs-marketscape-for-unified-endpoint-management-uem
• Microsoft 365 helps businesses increase trust and innovation through compliance with Compliance Manager (in preview). It performs a real-time risk assessment that reflects your compliance posture against data protection regulations (like the GDPR) when using Microsoft Cloud services, along with recommended actions and step-by-step guidance. https://blogs.office.com/en-us/2017/11/16/microsoft-365-helps-businesses-increase-trust-and-innovation-through-compliance-with-compliance-manager-preview
• The Microsoft 365 powered device Lab Kit is an updated version of the Windows 10 Deployment and Management lab kit. This lab is designed to help you plan your deployment of modern devices running Windows 10 Enterprise and Office 365 Pro Plus, managed by Enterprise Mobility + Security. https://technet.microsoft.com/en-us/windows/mt604890

1)      Visual Studio 2017 15.4 introduced the new Windows Application Packaging project to help you modernizing your application by using the new Windows 10 App Deployment Stack. http://blogs.windows.com/buildingapps/2017/12/04/extend-desktop-application-windows-10-features-using-new-visual-studio-application-packaging-project

2)      Add Conditional Access to your Windows 10 VPN with Intune and Azure AD. https://blogs.technet.microsoft.com/microscott/add-conditional-access-to-your-windows-10-vpn-with-intune-and-azure-ad

3)      Windows Analytics accelerates enterprise Windows 10 migration. With Update Compliance and Device Health services now generally available, Windows Analytics provides an end-to-end upgrade solution with actionable insights into device performance, reliability, and health, so enterprises can broadly migrate their devices from Windows 7 or Windows 8 to Windows 10 or update Windows 10 devices to the latest feature update (Windows 10, version 1709) quickly and with confidence. http://blogs.windows.com/business/2017/12/12/accelerate-windows-10-migration-windows-analytics

4)      Troubleshooting Windows AutoPilot (level 300/400). https://blogs.technet.microsoft.com/mniehaus/2017/12/13/troubleshooting-windows-autopilot-level-300400

5)      Blog post about file association configurations in Windows 10 that, after reading it, and you will be able to configure file associations in Windows 10 avoid this notification: An app default was reset. https://blogs.technet.microsoft.com/windowsinternals/2017/10/25/windows-10-how-to-configure-file-associations-for-it-pros

6)      Build your own Windows 10 VPN lab and configure it with Intune. https://blogs.technet.microsoft.com/microscott/build-your-own-windows-10-vpn-lab-and-configure-it-with-intune

7)      IT pros – join us on Tuesday, January 16th for an opportunity to “Ask Microsoft Anything” (AMA) about Windows Analytics. Members of the engineering and product teams will be standing by to answer your questions and listen to your feedback about Upgrade Readiness, Update Compliance, Device Health, and the future roadmap for Windows Analytics. https://techcommunity.microsoft.com/t5/Windows-Analytics-AMA/bd-p/WindowsAnalyticsAMA

8)      Different from the Windows Insider Program for Business, the Windows Insider Lab for Enterprise is intended for Windows Insiders who want to try new experimental and pre-release Enterprise Privacy and Security features. https://olympia.windows.com/Info/FAQ

9)      Using ConfigMgr co-management to offload Windows 10 updates to Microsoft Intune. https://blogs.technet.microsoft.com/arnabm/2017/12/12/using-configmgr-co-management-to-offload-windows-updates-to-intune

1)      Download the Windows Defender Advanced Threat Protection (WDATP) kit and learn how security solutions built into the operating system can help you detect, investigate, and respond to advanced attacks and data breaches on your networks. In addition, learn about the cost savings and business benefits enabled by WDATP. https://info.microsoft.com/ATPInformationKit-Registration.html

2)      In this blog, we explore how Windows Defender ATP (WDATP), makes use of AMSI inspection data to surface complex and evasive script-based attacks. We look at advanced attacks perpetrated by the highly skilled KRYPTON activity group and explore how commodity malware like Kovter abuses PowerShell to leave little to no trace of malicious activity on disk. From there, we look at how WDATP machine learning systems make use of enhanced insight about script characteristics and behaviors to deliver vastly improved detection capabilities. https://blogs.technet.microsoft.com/mmpc/2017/12/04/windows-defender-atp-machine-learning-and-amsi-unearthing-script-based-attacks-that-live-off-the-land

3)      Windows Defender Antivirus uses a layered approach to protection: tiers of advanced automation and machine learning models evaluate files in order to reach a verdict on suspected malware. While Windows Defender AV detects a vast majority of new malware files at first sight, we always strive to further close the gap between malware release and detection. In this blog post we’ll look at how additional automated analysis and machine learning models can further protect customers within minutes in rare cases where initial classification is inconclusive. https://blogs.technet.microsoft.com/mmpc/2017/12/11/detonating-a-bad-rabbit-windows-defender-antivirus-and-layered-machine-learning-defenses

4)      Microsoft Mechanics’ look at the recent updates to Windows Hello for Business. We’ll show you why it’s even more secure than a password. You’ll see new protections for when you are in a public place or for when you are away from your device. https://www.youtube.com/watch?v=G-GJuDWbBE8

5)      Learn how to address cybersecurity with these snackable security videos on the Microsoft in Business YouTube channel.  Includes Windows 10 security videos such as:

o   Why is Patching Important and What is Windows as a Service?

o   Why Layers of Security are Important

o   What is Windows Defender ATP?
6)      Build a fast, free, and effective Threat Hunting/Incident Response Console with Windows Event Forwarding and PowerBI. https://blogs.technet.microsoft.com/jepayne/2017/12/08/weffles

7)      The GDPR is compelling every organization to consider how it will respond to today’s security and compliance challenges. Read this white paper for an in-depth exploration of the GDPR and its implications for organizations, how the capabilities of Microsoft 365 Enterprise edition can help your organization approach GDPR compliance and accelerate your journey, and what you can do to get started now. https://resources.office.com/ww-landing-M365EGDPR-accelerate-your-GDPR-compliance-whitepaper.html?LCID=EN-US

1)      Windows 10 Tip: Get started with Continue on PC in the Microsoft Edge mobile app. http://blogs.windows.com/windowsexperience/2017/12/04/windows-10-tip-get-started-continue-pc-microsoft-edge-mobile-app

2)      We are again at the beginning of another major technology shift: the ability to be connected anytime, anywhere with Always Connected PCs that are instantly on, always connected with incredible battery life. http://blogs.windows.com/windowsexperience/2017/12/05/always-connected-pcs-enable-a-new-culture-of-work

3)      In the new world of work, advanced professions increasingly require high-performance computing capabilities. We’re working to ensure Windows meets your needs, even in demanding and mission-critical scenarios.  Join us for a look at the key benefits of Windows 10 Pro for Workstations, which was announced in August. http://blogs.windows.com/business/2017/12/15/windows-10-pro-workstations-power-advanced-workloads

4)      Windows 10 Tip: How to recover your pin and password from the lock screen. http://blogs.windows.com/windowsexperience/2017/12/18/windows-10-tip-recover-pin-password-lock-screen

Windows 10 News You Can Use – December 2017

Posted on December 2, 2017 Updated on April 9, 2018

Windows 10 news you can use, December 2017 edition Providing insights into Windows 10 deployment & management, security & compliance, and productivity

In other related news…

• By running Windows 10 with Office 365 ProPlus and Enterprise Mobility + Security, you can simplify the way you deploy and manage devices, deliver the latest innovations to users, and get robust insights to help you proactively run and manage your IT processes—with intelligent security built in every step of the way.  Register today to join us on Tuesday, December 5th from 10:00 a.m. to 11:00 a.m. Pacific Time to learn how to help protect your data and devices from the latest threats, transition to cloud-based management at your own pace, roll out updates for Windows and Office in a streamlined way without impacting user productivity, and more.
• Rapid cyberattacks like NotPetya and WannaCrypt were able to take down all IT systems at global enterprises in about an hour, creating a new challenge for IT and Security leadership and practitioners to manage. Join us to learn about these attacks and Microsoft’s prescriptive roadmap of recommended mitigations to protect your organization against this type of attack.
• Learn from Microsoft Mechanics about the spectrum of built-in security defenses that protect your users, information and devices. This rich capability set spans Windows 10, Office 365, enterprise mobility and security, while leveraging a number of services within Microsoft Azure. To go even deeper, check out Deep Dive into Microsoft 365 Intelligent Security.

1)      Do the employees in your enterprise forget their passwords? Good news! The new Windows 10 Fall Creators update allows users with Azure AD-joined (AADJ) devices to see a “Reset password” link on their lock screen. When they click this link, they will be brought to the same self-service password reset (SSPR) experience they see when signing in from a browser. https://cloudblogs.microsoft.com/enterprisemobility/2017/11/20/resetting-passwords-on-azure-ad-joined-devices-is-much-easier-with-the-latest-windows-update

2)      We are delighted to announce that we have released version 1710 for System Center Configuration Manager that includes new features and product enhancements! https://cloudblogs.microsoft.com/enterprisemobility/2017/11/20/now-available-update-1710-for-system-center-configuration-manager

3)      Step-by-step guide on how to use an Azure AD cloud-only identity to access an on-premises, non-cloud resource. https://blogs.technet.microsoft.com/askpfeplat/2017/11/21/mix-and-match-workfolders-azure-ad-and-aad-application-proxy

4)      Infographic: Start a practical move to modern Windows 10 management with Microsoft Enterprise Mobility + Security (EMS). See how you can use co-management with System Center Configuration Manager (ConfigMgr) and Intune to transition to a modern management approach in a controlled, iterative way.  https://gallery.technet.microsoft.com/Infographic-Start-a-43e7c705

5)      What’s new in Hyper-V for Windows 10 Fall Creators Update? https://blogs.technet.microsoft.com/virtualization/2017/11/13/whats-new-in-hyper-v-for-windows-10-fall-creators-update

6)      Windows 10 Deployment: Tips and Tricks from Microsoft IT. https://mva.microsoft.com/en-US/training-courses/windows-10-deployment-tips-and-tricks-from-microsoft-it-18012?l=SGQyyppQE_3312263987

7)      Architectural planning posters for Windows 10, including for clean install, in-place upgrades, AutoPilot, servicing, and protection solutions. https://docs.microsoft.com/en-us/windows/deployment/windows-10-architecture-posters

8)      How to upgrade ConfigMgr to the latest version along with upgrading OS and SQL. https://blogs.technet.microsoft.com/configurationmgr/2017/11/15/how-to-upgrade-configmgr-to-version-1702-with-os-and-sql-upgrade

1)      Microsoft Windows 10 offers many new native security and privacy capabilities that potentially reduce organizations’ reliance on third-party endpoint security solutions. When taken together, these capabilities improve the risk posture of your endpoint environment and significantly reduce exposure to OS- and application-level exploits. This report explains to risk and security professionals the best ways to utilize the new Windows 10 security features while keeping users’ privacy intact. https://reprints.forrester.com/#/assets/2/108/RES138138/reports

2)      We’re excited to announce three leading security companies – Bitdefender, Lookout, and Ziften – are partnering with us to enable Windows Defender Advanced Threat Protection (ATP) to detect, protect, and respond to security threads on macOS, Linux, iOS, and Android devices. http://blogs.windows.com/business/2017/11/08/microsoft-partners-extend-windows-defender-atp-across-platforms

3)      Clarifying the behavior of mandatory Address Space Layout Randomization (ASLR) using Windows Defender Exploit Guard (WDEG) in Windows 10. https://blogs.technet.microsoft.com/srd/2017/11/21/clarifying-the-behavior-of-mandatory-aslr

4)      Overview of new security capabilities in Windows 10 1709.

• Windows Defender Exploit Guard: Reducing the attack surface with next-generation host intrusion prevention
• Stopping ransomware where it counts: Protecting your data with Controlled folder access
• Making Microsoft Edge the most secure browser with Windows Defender Application Guard
• Introducing Windows Defender Application Control
• Hardening the system and maintaining integrity with Windows Defender System Guard

Windows 10 News You Can Use – November 2017

Posted on November 1, 2017 Updated on November 1, 2017

Windows 10 news you can use, November 2017 edition Providing insights into Windows 10 deployment & management, security & compliance, and productivity

In other related news…

• Windows 10, version 1709 is the fourth feature update for Windows 10, offering IT professionals a comprehensive set of intelligent security solutions, streamlined deployment and management options, and proactive insights to help protect data and devices, save time, and reduce costs. See what’s new for IT pros in 1709.
  https://blogs.technet.microsoft.com/windowsitpro/2017/10/17/whats-new-for-it-pros-in-windows-10-version-1709
• Did you miss Microsoft Ignite 2017 or want to watch session that you missed? If so, then have no fear!  Many of the Windows sessions (and decks) from Microsoft Ignite 2017 are now available online and on demand.
  https://blogs.technet.microsoft.com/windowsitpro/2017/10/09/windows-wrap-up-microsoft-ignite-2017.
• On Thursday, November 2nd, Nathan Mercer of Microsoft is hosting a webcast with everyone’s favorite deployment expert, Michael Niehaus, to walk you through what’s new in the Windows 10 Fall Creators Update. Together, they’ll go over the security improvements that will help you stay ahead of today’s advanced threats and safeguard your devices and data. They’ll also show you some of the cloud-based identity, device, and app management capabilities that can save you time and enable you to support corporate-owned and user-owned devices in a controlled, compliant, secure manner. Registration at https://blogs.technet.microsoft.com/windowsitpro/2017/10/10/see-whats-new-for-it-pros-in-windows-10-version-1709.

1)      Register today for exclusive access to a one-hour, demo-rich webcast showcasing solutions that can help you monitor and proactively improve your experience with Windows 10 upgrades, update deployment, and device management.  Webcast will be Tuesday 11/7/2017.
https://blogs.technet.microsoft.com/windowsitpro/2017/10/12/webcast-qa-proactive-insights-with-windows-analytics

2)      Administrative Templates (.admx) for Windows 10 Fall Creators Update (1709)
https://www.microsoft.com/en-us/download/details.aspx?id=56121

3)      Update 1710 for the Technical Preview Branch of System Center Configuration Manager has been released. Technical Preview Branch releases give you an opportunity to try out new Configuration Manager features in a test environment before they are made generally available.
https://cloudblogs.microsoft.com/enterprisemobility/2017/10/30/update-1710-for-configuration-manager-technical-preview-branch-available-now

1)      Microsoft Mechanics, live at Ignite 2017: Real tales of [recent] attacks and the defenses in Windows 10 to stop them
https://www.youtube.com/watch?v=bNPo_BA72Is&index=18&list=PLXtHYVsvn_b9vcbjK69horD5S4mrx_v4H

2)      Browser security beyond sandboxing
https://blogs.technet.microsoft.com/mmpc/2017/10/18/browser-security-beyond-sandboxing

3)      Final release of the recommended security configuration baseline settings for Windows 10 1709
https://blogs.technet.microsoft.com/secguide/2017/10/18/security-baseline-for-windows-10-fall-creators-update-v1709-final

4)      Mobile, collaborative, and secure—Using Windows Information Protection to protect corporate data.  IT Showcase case study (30-minute video) that outlines how Microsoft IT is using Windows Information Protection.
https://www.microsoft.com/itshowcase/Article/Content/970/Mobile-collaborative-and-secureUsing-Windows-Information-Protection-to-protect-corporate-data

5)      Forrester Research recently released a report (available for purchase) which explains to risk and security professionals the best ways to utilize the new Windows 10 security features while keeping users’ privacy intact.
https://www.forrester.com/report/Windows+10+Finally+Delivers+On+Microsofts+Security+Promises/-/E-RES138138

1)      What’s new [for the user experience] in the Windows 10 Fall Creators Update

• http://blogs.windows.com/windowsexperience/2017/10/17/whats-new-windows-10-fall-creators-update
• https://www.microsoft.com/en-us/windows/features

2)      What’s New in Microsoft Edge in the Windows 10 Fall Creators Update
http://blogs.windows.com/msedgedev/2017/10/17/edgehtml-16-fall-creators-update

3)      Designing devices for the new culture of work
http://blogs.windows.com/devices/2017/10/31/news-from-future-decoded-designing-devices-for-the-new-culture-of-work 

4)      Introducing Surface Book 2, the most powerful Surface Book ever
https://blogs.windows.com/windowsexperience/2017/10/17/windows-10-fall-creators-update-and-mixed-reality-headsets-available-today-announcing-surface-book-2 

5)      Windows 10 Tip: Work more efficiently with MyAnalytics, it can help you managed relationships with important people, prioritize your time and track the reach and influence of your email communications.
http://blogs.windows.com/windowsexperience/2017/10/09/windows-10-tip-work-efficiently-myanalytics

6)      Windows 10 Tip: Get started with the Windows 10 Maps app
http://blogs.windows.com/windowsexperience/2017/10/16/windows-10-tip-get-started-windows-10-maps-app