Month: August 2019
|Windows 10 news you can use, August 2019 edition
Insights into Windows 10 deployment & management, security & compliance, and productivity & accessibility.
Also see other news related to Windows 10.
|Deployment & Management|
- Evolving Windows 10 servicing and quality: the next steps. As part of our commitment to transparency, we are providing an overview of how we plan to further optimize the delivery of our next feature update. The next feature update for Windows 10 (known in the Windows Insider Program as 19H2) will be a scoped set of features for select performance improvements, enterprise features and quality enhancements. https://blogs.windows.com/windowsexperience/2019/07/01/evolving-windows-10-servicing-and-quality-the-next-steps
- The next feature update for Windows 10 (internal code name: 19H2) will have a new update option that will be available to devices running Windows 10, version 1903. 19H2 will be a scoped release with a smaller set of enhancements focused primarily on select performance improvements, enterprise features, and quality enhancements. For commercial customers, read the article to understand the impacts.
- Windows Autopilot for existing devices now supports Hybrid Azure AD Join.
- Improving the Office app experience in virtual environments, including Windows 10 VDI and Windows Virtual Desktop.
- Use Desktop Analytics and machine learning to get current and stay current, now available in public preview. With Desktop Analytics, it’s easier to deploy with confidence and keep your PCs up to date with the latest Windows 10 capabilities your employees need.
- The blog for Windows Analytics has been retired. Visit the new Tech Community site for Desktop Analytics!
- Guide to try out Windows Autopilot white glove pre-provisioning with Windows 10, version 1903.
- MSIX Packaging Tool update – the July 2019 release includes popular customer asks, such as (1) support for apps that require restarts, (2) signing certification information as a global setting, and (3) setting the minimum version for converted apps to 1709 when you turn off enforce store versioning requirements.
- Getting started with FSLogix profile containers on Azure Files in Windows Virtual Desktop.
- Tactical considerations for creating Windows 10 deployment rings.
- Microsoft Intune is excited to announce the general availability of administrative templates support for Windows 10 device configuration profiles. This feature received wide adoption during the public preview because it helps Windows administrators use the settings they are familiar with in group policy editor when they transition to cloud-attached management.
- The Microsoft Mechanics team has published a series of video tutorials to show you how to prepare, deploy, and optimize Windows Virtual Desktop.
- Administrative Templates (.admx) for Windows 10 May 2019 Update (1903) now available.
- MSIX Labs and Training Videos – Now Available! The MSIX Training Labs contain a series of hands-on exercises geared at enabling people to become more familiar with different aspects of MSIX. From the MSIX packaging tool, to adding a package support framework, or just becoming familiar with some of the command line tools, the labs are a great place to get started for folks looking to learn more about MSIX.
- Upgrading Windows 10 devices with installation media different than the original OS install language. In this post, we will look at a scenario where a hypothetical multilingual organization wants to deploy Windows 10 to devices across multiple geographies in multiple languages. We’ll then outline the options that can be used to work around device install language issues and successfully deploy a Windows 10 feature update.
- Improvements for enterprises signing MSIX packages (Insider Preview). MSIX requires packages to be signed in order to be deployed. This helps us to offer integrity on the package being deployed and to ensure the contents being deployed are what was packaged from the developer or IT Pro. While this is great, some customers found it problematic acquiring certificates within their enterprise. In an upcoming Windows release will improve the tooling to enable signing of MSIX packages from your Azure Active Directory tenant.
|Security & Compliance|
- Microsoft Defender ATP alert categories are now aligned with MITRE ATT&CK framework tactics.
- Delivering major enhancements in Windows Defender Application Control with the Windows 10 v1903.
- Dismantling a fileless campaign: Microsoft Defender ATP next-gen protection exposes Astaroth attack.
- Microsoft Intune is excited to announce general availability of Windows MDM Security Baselines. A new version of security baselines is also being released at the same time, identified as MDM Security Baseline for Spring 2019 Update (19H1). This is a new template that includes several new settings and some other updates.
- Upgrading Windows 10 devices with installation media different than the original OS install language. In this post, we will look at a scenario where a hypothetical multilingual organization wants to deploy Windows 10 to devices across multiple geographies in multiple languages. We’ll then outline the options that you can use to work around device install language issues and successfully deploy a Windows 10 feature update.
- Microsoft Defender ATP (MDATP) supports network connection monitoring from different levels of the operating system network stack. A challenging case is when the network uses a forward proxy as a gateway to the internet. The proxy acts as if it was the target endpoint. In these cases, simple network connection monitors will audit the connections with the proxy which is correct but has lower investigation value. MDATP supports advanced HTTP level sensor. By enabling this sensor, MDATP will expose a new type of events that surfaces the real target domain names.
- Comprehensive protection for your credentials with Credential Guard and HVCI. The goal of Windows Defender Credential Guard is to make it incredibly difficult for malware to move laterally in an enterprise network and gain higher privileges. The theory is simple: prevent malware from stealing passwords, hopping boxes, and elevating privileges. An attacker is dead in the water if they can’t get credentials in the first place.
- Yet another step in building a world without passwords. Now announcing that you can go passwordless with the Public Preview of FIDO2 security keys support in Azure Active Directory. It means that you can now try out passwordless capabilities that allow you to roll out, at scale, FIDO2 security keys that will authenticate a user on a Windows 10 Azure AD joined device.
- Oftentimes, organizations require better control over their raw data. To answer this need, Microsoft Defender Advanced Threat Protection (MDATP) allows you to stream Advanced hunting events to Azure Event Hubs or to an Azure storage account. In this blog, I am going to demonstrate how to stream your Advanced hunting events to Azure storage account and set an Azure blob storage lifecycle rule to move old data to low-cost storage.
- Microsoft Defender ATP (MDATP) Evaluation lab is now available in public preview! The evaluation lab allows you to create up to three machines with a click of a button. Each machine is provisioned for you by Microsoft Defender ATP and is available for all your testing needs for three days. They’ll come with the latest and greatest Windows 10 installed, they’ll be onboarded to your environment, and configured with all the Microsoft security baseline settings in place in audit mode.
- Most machine learning models are trained on a mix of malicious and clean features. Attackers routinely try to throw these models off balance by stuffing clean features into malware. Monotonic models are resistant against adversarial attacks because they are trained differently: they only look for malicious features. The magic is this: Attackers can’t evade a monotonic model by adding clean features. To evade a monotonic model, an attacker would have to remove malicious features. One of the latest innovations in our protection technology is the addition of a class of hardened malware detection machine learning models called monotonic models to Microsoft Defender ATP‘s Antivirus.
- Protect your device from malware with Windows Sandbox. Have you ever downloaded a program from a website or opened an email attachment thinking it was from someone you know, only to find out it was infected with a virus? Such actions can wreak serious havoc. Windows Sandbox allows you to run a program or open a file while keeping it apart from your device—almost as if it were on a totally separate computer.
- Modern security teams need to proactively, efficiently, and effectively hunt for threats across multiple attack vectors. To address this need, we’re giving a glimpse of new capabilities coming soon to threat hunting technology currently available in Microsoft Defender Advanced Threat Protection (MDATP).
- How Windows Defender Antivirus integrates hardware-based system integrity for informed, extensive endpoint protection. Recently, the Microsoft Defender ATP (MDATP) research team found a malicious system driver enabling a token swap attack that could lead to privilege escalation. In this blog, we’ll share our analysis of the said attack and discuss how Windows Defender Antivirus uses its unique visibility into system behaviors to detect dangerous kernel threats.
- Microsoft Defender ATP (MDATP) includes a sandbox in each customer tenant, to detonate files in a safe environment and provides a rich and readable report of what the file can do – gain persistence, communicate to IP addresses, change the registry, etc… but in some case you want to run such analyses in your own sandbox or do reverse engineering work, with MDATP you can now download and inspect any file found on your network.
|Productivity & Accessibility|
- Video (0:58) – It’s easy to forget what we were working on, especially when it was days or weeks ago. Timeline for Windows 10 PCs helps you jump back into something you were doing – like working on a document or browsing a website.
- Sync your settings in Windows 10 allows some of the common personalization preferences to be synced to the cloud and applied to any PC you sign in to with your Microsoft account. By letting Windows 10 sync your settings, you can have a more consistent experience no matter which device you happen to be using.
- Windows 10 Tip: Your Phone app gives you more to do with messages and photos.
- Video (1:52) – Microsoft is moving past old ideas of sound design and designing sound with all senses in mind. Recognizing the way sound moves us, emotionally and physically, we are taking a different path to designing for sound holistically.
- Thanks to the Windows 10 May 2019 Update, you’ll be able to take full advantage of the newest version of the Sticky Notes app. With this most recent version, you can sync and backup notes across your phone, laptop and desktop — all your devices.
- Video (2:17) – Windows 101: Four simple ways to switch between Windows apps.
- Video (0:43) – Introduction to Dictation in Windows 10.Use dictation to convert spoken words into text anywhere on your PC. Dictation uses speech recognition, which is built into Windows 10, so there’s nothing you need to download or install to use it.
- Video (2:04) – Making the mouse pointers easier to see. These new settings aren’t just for users with low vision, learn the different ways you can use these settings.
- Windows 10 Tip: The release of Emoji version 12.0 aims to better represent people with disabilities. You’ll now see mechanical limbs, sign language and hearing aids; as well as manual and motorized wheelchairs and two different versions of service animals.
- Capture and share videos with Game bar. Did you know that you could do more than just gaming? Videos are everywhere. We watch them for instruction and entertainment. With Windows 10, it has become super easy to take screenshots of your screen using the Snip & Sketch tool. But what if you want to record live video action? Game bar can do that too.
|In other news related to Windows 10…|
- The next version of Microsoft Edge: Enterprise evaluation and roadmap. Includes topics such as (1) cross-platform, modern web, (2) integrated IE11 mode, (3) simplifying deployment and management, (4) protecting customers’ data and privacy, and (4) user productivity at work.
- Microsoft’s Threat & Vulnerability Management solution is generally available as of June 30! We have been working closely with customers for more than a year to incorporate their real needs and feedback to better address vulnerability management. Our goal is to empower defenders with the tools they need to better protect against evolving threats, and we believe this solution will help provide that additional visibility and agility they need.
- Microsoft Defender ATP for Mac is here! Generally available as of June 28, 2019.
- Preparing your enterprise to eliminate passwords.
- Microsoft Security Response Center: a proactive approach to more secure code.
- Video (3:33) – Meet Abhi Gupta, a data and intelligence engineer has been using numbers and data analytics to Microsoft for better overall user experiences.
- CISO series: Better cybersecurity requires a diverse and inclusive approach to AI and machine learning.