Latest Event Updates

Windows 10 News You Can Use – June 2017

Posted on Updated on

This June 2017 edition of Win10 news you can use is primarily based around security. Do note that item #1 is for an upcoming webcast that could be beneficial for you or others in your team to attend.

  1. Windows 10 deployment: Tips and Tricks from Microsoft IT – LIVE June 20 at 10AM PST – This webinar will focus on best practices and lessons learned, from application compatibility testing and upgrade strategies to smoothing the deployment path through end user readiness
    https://info.microsoft.com/en-us-landing-windows10deploymenttipsandtricksfrommicrosoftit.html

  2. R.I.P … Windows 10 1507 end of support. Next up is end of support for Win10 1511 (Anniversary Update).
    https://support.microsoft.com/en-us/help/4015562/windows-10-version-1507-will-no-longer-receive-security-updates

  3. Recently the Windows Defender Advanced Threat Protection (WDATP) research team noticed security alerts that demonstrated an intriguing attack pattern. These early alerts uncovered a well-planned, finely orchestrated cyberattack that targeted several high-profile technology and financial organizations.
    https://blogs.technet.microsoft.com/mmpc/2017/05/04/windows-defender-atp-thwarts-operation-wilysupply-software-supply-chain-cyberattack
  4. Announced last September in the Microsoft Edge Blog, Windows Defender Application Guard for Microsoft Edge is now available in Windows Insider Preview (Build 16188) for Enterprise users in the Fast Ring. Microsoft Edge running in Application Guard provides enterprises the maximum level of protection from malware and zero day attacks against Windows.
    https://blogs.windows.com/windowsexperience/2017/05/04/announcing-windows-10-insider-preview-build-16188-pc-build-15210-mobile

  5. Improvements for Enterprises in Microsoft Edge on the Windows 10 Creators Update
    https://blogs.windows.com/msedgedev/2017/05/04/improvements-enterprises-microsoft-edge-windows-10-creators-update

  6. The security capabilities of Windows 10, Windows Defender Antivirus, and Windows Defender Advanced Threat Protection are constantly evolving to protect against current and future threats. Download this white paper to learn how Microsoft uses data science, machine learning, automation, behavioral analysis, and expert threat researchers to forge the next generation of security solutions.
    https://info.microsoft.com/Windows-Defender-ML-Whitepaper-Registration.html
  7. Microsoft Secure Blog on “7 types of highly effective hackers (and what to do about them)”; get the free e-book (registration required) to learn about the seven different types of hackers and get recommendations on how you can better prepare your organization against their potential threats.
    https://blogs.microsoft.com/microsoftsecure/2017/05/22/7-types-of-highly-effective-hackers-and-what-to-do-about-them

Windows 10 News You Can Use – May 2017

Posted on Updated on

For this May 2017 edition of “Windows 10 news you can use”, the highlight is the release of the Windows 10 Creators Updates (aka R2, aka 1703). Since there is a lot of news surrounding the release, this newsletter is broken down into three sections.

General Win10 News

  1. ‘Ask Microsoft Anything’ (AMA) about Windows as a service event will give you the opportunity to connect with members of the Windows product and engineering teams, who will be on hand to answer your questions and listen to feedback – held on Thursday, May 4, 2017 from 9:00 a.m. to 10:00 a.m. PT
    https://blogs.technet.microsoft.com/windowsitpro/2017/04/24/save-the-date-windows-as-a-service-ama-on-may-4th
  2. Windows 10 IT Pro content map – A comprehensive list of resources designed to help IT professionals explore, plan for, deploy, manage, and support Windows 10
    https://www.microsoft.com/en-us/download/details.aspx?id=54962
  3. Announcing the Windows Insider Program for Business. Insiders can now register for Windows 10 Insider Preview Builds on their PC using their corporate credentials in Azure Active Directory. Using corporate credentials will enable you to increase the visibility of your organization’s feedback – especially on features that support productivity and business needs. You’ll also be able to better advocate for the needs of your organization, and have real-time dialogue with Microsoft on features critical to specific business needs.
    https://blogs.windows.com/windowsexperience/2017/04/07/announcing-windows-10-insider-preview-build-16170-pc
  4. A series of videos and blog posts are being published introduce you to the best of Microsoft Edge and share tips and tricks for making the most out of your browsing experience
    https://blogs.windows.com/windowsexperience/tag/a-week-with-microsoft-edge
  5. Announcement on the new release cadence of Office 365 ProPlus and SCCM along with Windows 10 branches
    https://blogs.windows.com/business/2017/04/20/windows-office-align-feature-release-schedules-benefit-customers
  6. Microsoft IT showcase – Enhancing remote access in Windows 10 with an automatic VPN profile
    https://www.microsoft.com/itshowcase/Article/Content/894/Enhancing-remote-access-in-Windows-10-with-an-automatic-VPN-profile

Windows 10 1703

  1. A consolidated description of content features and related resources for IT Pros to learn about what’s new in Windows 10, version 1703
  2. With the Creators Update, we’re upgrading Microsoft Edge with dozens of new features and under-the-hood improvements to make the best browser on Windows 10 faster, leaner, and more capable than ever.
    http://blogs.windows.com/msedgedev/2017/04/11/introducing-edgehtml-15
  3. New Microsoft Mechanics videos
  4. Microsoft shares what is collected in the Basic telemetry level. With telemetry enabled, Microsoft is giving back to customers with data-driven insights from the Windows Analytics suite to reduce the costs of deploying, servicing, and supporting Windows 10.
    https://blogs.windows.com/windowsexperience/2017/04/05/windows-10-privacy-journey-continues-more-transparency-and-controls-for-you

Windows 10 Security

  1. Windows 10 Security in Real Life – experts provide an in-depth look at the most secure Windows ever, and see how to put the new features to work for you right away, as you build up your Windows 10 security skills
    https://mva.microsoft.com/en-US/training-courses/windows-10-security-in-real-life-17127?l=Xz1vNy5XD_104300474
  2. Microsoft published a “ransomware response playbook”, which outlines a scenario-driven story about how WDATP can help protect against ransomware in the enterprise
    https://www.microsoft.com/en-us/download/details.aspx?id=55090
  3. Recent Gartner research explores the new Windows threat resistance security features that are important to security and risk management leaders
    http://www.gartner.com/reprints/?id=1-3XQ818D&ct=170411&st=sb
  4. A new, more thorough Windows Defender Antivirus library on TechNet with an impressive 47 topics and 164 pages!
    https://technet.microsoft.com/en-us/itpro/windows/keep-secure/windows-defender-antivirus-in-windows-10

Windows 10 News You Can Use – April 2017

Posted on Updated on

For this month’s edition of Windows 10 news that you can use, I’m excited to share that the Windows 10 Creators Update (aka RS2, aka 1703) has arrived!  Announcement: https://blogs.windows.com/windowsexperience/2017/03/29/windows-10-creators-update-coming-april-11-surface-expands-markets.  Additionally, there is a webcast on April 27th, which will cover changes and new features in further detail – register for it at https://aka.ms/w10itpro/new-in-v1703-webcast.

For the rest of this month’s news:

  1. The Microsoft Edge security team employs a layered strategy to protect you from vulnerabilities that could be used to compromise your device or personal data.  In this post, we’ll explore some of the significant improvements we’ve made in the Windows 10 Creators Update to strengthen our next line of defense: the Microsoft Edge sandbox.
    http://blogs.windows.com/msedgedev/2017/03/23/strengthening-microsoft-edge-sandbox
  2. If you upgraded in-place to Win10 x64 from Win7 x64, then it’s highly likely the disk is in the MBR format. With the release of the Win10 Creators Update (v. 1703), the disk conversion MBR to GPT tool is now ready to be used so that you can convert BIOS to UEFI.
    https://technet.microsoft.com/en-us/itpro/windows/deploy/mbr-to-gpt
  3. Win10 virtual hands-on labs let you try out Windows 10 setup, deployment, and management scenarios using a cloud-based private virtual machine environment. Each lab presents you with a series of instructions, and access to one or more virtual machines, with no additional software or setup required.
    https://blogs.technet.microsoft.com/windowsitpro/2017/03/02/get-free-hands-on-experience-with-windows-10-virtual-labs
  4. Easy to follow Win10 technical demonstration videos – Explore the new features and improvements in Windows 10, and find tips and tricks to simplify deployment.
    https://technet.microsoft.com/en-us/windows/dn708062
  5. Windows Defender Antivirus protection evaluation guide.  Related, if you would like a demo or to personally test out the Block at First Sight capabilities to protect against zero-day malware, then let me know so that I can provide you with instructions to mimic polymorphic malware.
    https://www.microsoft.com/en-us/download/details.aspx?id=54795
  6. Features that are removed or deprecated in Windows 10 Creators Update 1703. This list is intended for IT professionals who are updating operating systems in a commercial environment.
    https://support.microsoft.com/en-us/help/4014193/features-that-are-removed-or-deprecated-in-windows-10-creators-update
  7. On-demand video for Best Practices on Win10 deployment.  Refresh your memory on what Windows as a Service means, and understand how it applies to your own business. Get an overview of the management features and integrations in Windows 10 that make it simpler but also more flexible, such as In-Place Upgrade, Dynamic Provisioning, Azure Active Directory, and Mobile Device Management. Learn more about App-V and UE-V, which makes management of applications and settings more streamlined.
    https://info.microsoft.com/en-us-wbnr-Windows10DeploymentBestPractices-register.html
  8. Windows 10 Deployment and Management Lab Kit updated and good through June 1, 2017.  Note this is still using Win10 1607 as that is the CBB.
    https://www.microsoft.com/en-us/evalcenter/evaluate-windows-10-deployment-and-management-lab-kit

 

Inventory of systems that are using Offline Files

Posted on Updated on

If you need a mechanism by which to identity or inventory systems that have cached files using Offline Files, you can retrieve details through WMI in Win32_OfflineFilesItem.  ConfigMgr inventory can be easily expanded to collect this data for reporting.  Below is an example screen shot from my lab on a Win7 system that has a cached offline file.  Be aware, and keep in mind that you may risk exposing confidential information based upon the server or file name. 

 offlinefiles_wmi

 

p.s. happy Pi day

Windows 10 News You Can Use – March 2017

Posted on

This March 2017 edition of “news you can use” for Windows 10 is chalked full of many resources as it was an active month in February!  To help break apart such a large list, I have split it into three sections – Win10 news and resources, combating new security threats with Win10, and training / how-to guides.

Windows 10 News & Resources

  1. Signup for the new Win10 IT Professional insider newsletter! Get the latest news, resources, tools, and guidance to help you explore and deploy Windows 10; migrate from Windows 8.1 or Windows 7; and manage your existing Windows client infrastructures successfully—and with less effort.
    https://technet.microsoft.com/en-us/windows/ee837411
  2. Windows 10 security experts share how to stay ahead of the catalysts shaping the cyber landscape
    http://blogs.windows.com/business/2017/02/13/security-trends-windows-10
  3. FastTrack for Windows 10 announced
    https://blogs.windows.com/business/2017/01/23/get-fasttrack-deploy-windows-10
  4. The whitepaper on the “total economic impact” of Windows 10 was updated and refreshed in December 2016.  This Microsoft-commissioned report by Forrester demonstrates how deploying Windows 10 can help reduce costs and provide significant benefits to your organization. The report found an ROI of 233% with a payback period of only 14 months. Download now to read more!
    http://wincom.blob.core.windows.net/documents/Windows%2010%20TEI%20Study.pdf
  5. Infographic: Simplify Windows 10 management and lower TCO
    https://gallery.technet.microsoft.com/Infographic-Simplify-37e77674
  6. For those using and creating Provisioning Packages, the Windows Image Configuration Designer is now available as a universal application.  So it’s not necessary to download and install from the Windows ADK!
    https://www.microsoft.com/store/apps/9nblggh4tx22

Windows 10 and Surface stomp on security threats with new enterprise innovations

These are key announcements from blog post: https://blogs.windows.com/business/2017/02/10/windows-10-surface-stomp-security-threats-new-enterprise-innovations

  1. NSA adds Windows 10 and Surface to list for classified use – Surface Pro 3, Surface Pro 4 and Surface Book have been added to the NSA’s Commercial Solutions for Classified Programs (CSfC) list. Additional information on the NSA site: https://www.nsa.gov/resources/everyone/csfc/components-list
  2. Enhanced security capabilities with Surface Enterprise Management Mode (SEMM).  SEMM will protect PCs at the UEFI level – “so a lot of the attacks you would expect attackers to use in order to just re-enable the camera without the user knowing, won’t even work, because the device is disabled at a fundamental, hardware level”.
  3. Extending device management in Windows 10 using MDM software, administrators will be able to apply settings and configurations from the Security Baseline Policies list. Previously, those settings were only available through Group Policy.
  4. New MDM Migration Analytics Tool designed to help customers figure out migrating from Group Policy to MDM. It scans a system for all of the policies applied to it, tries to map those policies to their MDM equivalents, and spits out a report of the results.
  5. The quest for No More Passwords with Windows Hello – Now available with on-premises Active Directory not just Azure AD.
  6. Additionally, the Dynamic Lock feature in Windows Hello connects a user’s smartphone to their Windows 10 device, and automatically locks the device when the phone’s Bluetooth signal drifts far away.
  7. The Upgrade Analytics “tool” is being rolled into a suite of tools called Windows Analytics.  Upgrade Analytics itself is being rebranded as Upgrade Readiness.
  8. Windows Analytics will now include  Update Compliance – free insights that provide a holistic view of Windows 10 update compliance for both monthly quality updates and new feature updates. This free resource will help organizations monitor deployment progress, identify issues and provide insights about their fully-patched, secure Windows 10 device environment.

Windows 10 Training and Guides

  1. New how-to articles and guides available from Microsoft!
  2. Stop malware with Windows 10 Device Guard
    https://mva.microsoft.com/en-US/training-courses/dropping-the-hammer-on-malware-with-windows-10-device-guard-16926
  3. Microsoft Mechanics video: A look at Advanced Threat Analytics in the datacenter
    https://youtu.be/RAS-TI6PUrg

Windows 10 News You Can Use – February 2017

Posted on Updated on

  1. NSS Labs reports showing that Microsoft Edge (in Windows 10) blocks more phishing sites and socially engineered malware than Chrome or Firefox. Available for download from http://www.nsslabs.com/browser-security.
  2. New evidence and stories on enterprise detection and response (EDR) against threat actors:
  3. Microsoft IT Showcase – Windows Defender ATP for EDR helps detect sophisticated threats https://www.microsoft.com/itshowcase/Article/Content/854/Windows-Defender-ATP-helps-detect-sophisticated-threats
  4. Desktop as a Service (DaaS) – Virtualization of Win10 in the cloud, fast provisioning and flexibility
  5. Two new videos in the Win10 IT pro series have been published online!
  6. Windows Hello supports a growing variety of secured companion devices
    https://blogs.windows.com/windowsexperience/2017/01/12/windows-hello-supports-growing-variety-secured-companion-devices
  7. BIOS legacy to UEFI conversion tool.
    • Although not specifically called out in the 15007 Build Blog, it looks like the In-Place UEFI tool announced in December has rolled out in 15007.
    • See below and also this Blog from a partner.
    • This is available on the fast build of the latest release. Let us know what you think!
  8. Windows 10 achieves FIPS 140-2 compliance.
    http://csrc.nist.gov/groups/STM/cmvp/documents/140-1/1401val2017.htm

Windows 10 News You Can Use – January 2017

Posted on

Happy new year to one and all!  Welcome to my first 2017 edition of “news you can use” for Windows 10.  I originally set out to compile and share these bits of information that I see come through the wire, with the hopes that it would be beneficial to you as well.