Windows 10 News You Can Use – August 2019

Posted on August 1, 2019

Windows 10 news you can use, August 2019 edition Insights into Windows 10 deployment & management, security & compliance, and productivity & accessibility. Also see other news related to Windows 10.

1. Evolving Windows 10 servicing and quality: the next steps. As part of our commitment to transparency, we are providing an overview of how we plan to further optimize the delivery of our next feature update. The next feature update for Windows 10 (known in the Windows Insider Program as 19H2) will be a scoped set of features for select performance improvements, enterprise features and quality enhancements. https://blogs.windows.com/windowsexperience/2019/07/01/evolving-windows-10-servicing-and-quality-the-next-steps
2. The next feature update for Windows 10 (internal code name: 19H2) will have a new update option that will be available to devices running Windows 10, version 1903. 19H2 will be a scoped release with a smaller set of enhancements focused primarily on select performance improvements, enterprise features, and quality enhancements. For commercial customers, read the article to understand the impacts.
   https://techcommunity.microsoft.com/t5/Windows-IT-Pro-Blog/Moving-to-the-next-Windows-10-feature-update-for-commercial/ba-p/732968
3. Windows Autopilot for existing devices now supports Hybrid Azure AD Join.
   https://techcommunity.microsoft.com/t5/Windows-IT-Pro-Blog/Windows-Autopilot-for-existing-devices-now-supports-Hybrid-Azure/ba-p/730408
4. Improving the Office app experience in virtual environments, including Windows 10 VDI and Windows Virtual Desktop.
   https://www.microsoft.com/en-us/microsoft-365/blog/2019/07/01/improving-office-app-experience-virtual-environments
5. Use Desktop Analytics and machine learning to get current and stay current, now available in public preview. With Desktop Analytics, it’s easier to deploy with confidence and keep your PCs up to date with the latest Windows 10 capabilities your employees need.
   https://www.microsoft.com/en-us/microsoft-365/blog/2019/07/08/desktop-analytics-machine-learning-get-current-stay-current
6. The blog for Windows Analytics has been retired. Visit the new Tech Community site for Desktop Analytics!
   https://techcommunity.microsoft.com/t5/Desktop-Analytics-Blog/Welcome-to-the-Tech-Community-for-Desktop-Analytics/ba-p/742982
7. Guide to try out Windows Autopilot white glove pre-provisioning with Windows 10, version 1903.
   https://techcommunity.microsoft.com/t5/Windows-IT-Pro-Blog/Try-out-Windows-Autopilot-white-glove-pre-provisioning/ba-p/740502
8. MSIX Packaging Tool update – the July 2019 release includes popular customer asks, such as (1) support for apps that require restarts, (2) signing certification information as a global setting, and (3) setting the minimum version for converted apps to 1709 when you turn off enforce store versioning requirements.
   https://techcommunity.microsoft.com/t5/MSIX-Blog/MSIX-Packaging-Tool-July-2019-Release-Now-Available/ba-p/744006
9. Getting started with FSLogix profile containers on Azure Files in Windows Virtual Desktop.
   https://techcommunity.microsoft.com/t5/Windows-IT-Pro-Blog/Getting-started-with-FSLogix-profile-containers-on-Azure-Files/ba-p/746477
10. Tactical considerations for creating Windows 10 deployment rings.
    https://techcommunity.microsoft.com/t5/Windows-IT-Pro-Blog/Tactical-considerations-for-creating-Windows-deployment-rings/ba-p/746979
11. Microsoft Intune is excited to announce the general availability of administrative templates support for Windows 10 device configuration profiles. This feature received wide adoption during the public preview because it helps Windows administrators use the settings they are familiar with in group policy editor when they transition to cloud-attached management.
    https://techcommunity.microsoft.com/t5/Enterprise-Mobility-Security/Microsoft-Intune-announces-general-availability-of/ba-p/737412
12. The Microsoft Mechanics team has published a series of video tutorials to show you how to prepare, deploy, and optimize Windows Virtual Desktop.
    https://techcommunity.microsoft.com/t5/Windows-IT-Pro-Blog/Windows-Virtual-Desktop-How-to-set-up-your-environment/ba-p/757140
13. Administrative Templates (.admx) for Windows 10 May 2019 Update (1903) now available.
    https://www.microsoft.com/en-us/download/details.aspx?id=58495
14. MSIX Labs and Training Videos – Now Available! The MSIX Training Labs contain a series of hands-on exercises geared at enabling people to become more familiar with different aspects of MSIX. From the MSIX packaging tool, to adding a package support framework, or just becoming familiar with some of the command line tools, the labs are a great place to get started for folks looking to learn more about MSIX.
    https://techcommunity.microsoft.com/t5/MSIX-Blog/MSIX-Labs-and-Training-Videos-Now-Available/ba-p/768407
15. Upgrading Windows 10 devices with installation media different than the original OS install language. In this post, we will look at a scenario where a hypothetical multilingual organization wants to deploy Windows 10 to devices across multiple geographies in multiple languages. We’ll then outline the options that can be used to work around device install language issues and successfully deploy a Windows 10 feature update.
    https://techcommunity.microsoft.com/t5/Windows-IT-Pro-Blog/Upgrading-Windows-10-devices-with-installation-media-different/ba-p/746126
16. Improvements for enterprises signing MSIX packages (Insider Preview). MSIX requires packages to be signed in order to be deployed. This helps us to offer integrity on the package being deployed and to ensure the contents being deployed are what was packaged from the developer or IT Pro.  While this is great, some customers found it problematic acquiring certificates within their enterprise.  In an upcoming Windows release will improve the tooling to enable signing of MSIX packages from your Azure Active Directory tenant.
    https://techcommunity.microsoft.com/t5/MSIX-Blog/Improvements-for-enterprises-signing-MSIX-packages-Insider/ba-p/772386

1. Microsoft Defender ATP alert categories are now aligned with MITRE ATT&CK framework tactics.
   https://techcommunity.microsoft.com/t5/Microsoft-Defender-ATP/Microsoft-Defender-ATP-alert-categories-are-now-aligned-with/ba-p/732748
2. Delivering major enhancements in Windows Defender Application Control with the Windows 10 v1903.
   https://www.microsoft.com/security/blog/2019/07/01/delivering-major-enhancements-in-windows-defender-application-control-with-the-windows-10-may-2019-update
3. Dismantling a fileless campaign: Microsoft Defender ATP next-gen protection exposes Astaroth attack.
   https://www.microsoft.com/security/blog/2019/07/08/dismantling-a-fileless-campaign-microsoft-defender-atp-next-gen-protection-exposes-astaroth-attack
4. Microsoft Intune is excited to announce general availability of Windows MDM Security Baselines. A new version of security baselines is also being released at the same time, identified as MDM Security Baseline for Spring 2019 Update (19H1). This is a new template that includes several new settings and some other updates.
   https://techcommunity.microsoft.com/t5/Enterprise-Mobility-Security/Microsoft-Intune-announces-general-availability-of-security/ba-p/737427
5. Upgrading Windows 10 devices with installation media different than the original OS install language. In this post, we will look at a scenario where a hypothetical multilingual organization wants to deploy Windows 10 to devices across multiple geographies in multiple languages. We’ll then outline the options that you can use to work around device install language issues and successfully deploy a Windows 10 feature update.
   https://techcommunity.microsoft.com/t5/Windows-IT-Pro-Blog/Upgrading-Windows-10-devices-with-installation-media-different/ba-p/746126
6. Microsoft Defender ATP (MDATP) supports network connection monitoring from different levels of the operating system network stack. A challenging case is when the network uses a forward proxy as a gateway to the internet. The proxy acts as if it was the target endpoint. In these cases, simple network connection monitors will audit the connections with the proxy which is correct but has lower investigation value. MDATP supports advanced HTTP level sensor. By enabling this sensor, MDATP will expose a new type of events that surfaces the real target domain names.
   https://techcommunity.microsoft.com/t5/Microsoft-Defender-ATP/MDATP-Monitoring-network-connection-behind-forward-proxy-Public/ba-p/758274
7. Comprehensive protection for your credentials with Credential Guard and HVCI. The goal of Windows Defender Credential Guard is to make it incredibly difficult for malware to move laterally in an enterprise network and gain higher privileges. The theory is simple: prevent malware from stealing passwords, hopping boxes, and elevating privileges. An attacker is dead in the water if they can’t get credentials in the first place.
   https://techcommunity.microsoft.com/t5/Windows-IT-Pro-Blog/Comprehensive-protection-for-your-credentials-with-Credential/ba-p/765314
8. Yet another step in building a world without passwords. Now announcing that you can go passwordless with the Public Preview of FIDO2 security keys support in Azure Active Directory. It means that you can now try out passwordless capabilities that allow you to roll out, at scale, FIDO2 security keys that will authenticate a user on a Windows 10 Azure AD joined device.
   https://techcommunity.microsoft.com/t5/Windows-IT-Pro-Blog/Yet-another-step-in-building-a-world-without-passwords/ba-p/746784
9. Oftentimes, organizations require better control over their raw data. To answer this need, Microsoft Defender Advanced Threat Protection (MDATP) allows you to stream Advanced hunting events to Azure Event Hubs or to an Azure storage account. In this blog, I am going to demonstrate how to stream your Advanced hunting events to Azure storage account and set an Azure blob storage lifecycle rule to move old data to low-cost storage.
   https://techcommunity.microsoft.com/t5/Microsoft-Defender-ATP/MDATP-Streaming-API-Public-Preview-DIY-example/ba-p/769427
10. Microsoft Defender ATP (MDATP) Evaluation lab is now available in public preview! The evaluation lab allows you to create up to three machines with a click of a button. Each machine is provisioned for you by Microsoft Defender ATP and is available for all your testing needs for three days. They’ll come with the latest and greatest Windows 10 installed, they’ll be onboarded to your environment, and configured with all the Microsoft security baseline settings in place in audit mode.
    https://techcommunity.microsoft.com/t5/Microsoft-Defender-ATP/Microsoft-Defender-ATP-Evaluation-lab-is-now-available-in-public/ba-p/770271
11. Most machine learning models are trained on a mix of malicious and clean features. Attackers routinely try to throw these models off balance by stuffing clean features into malware. Monotonic models are resistant against adversarial attacks because they are trained differently: they only look for malicious features. The magic is this: Attackers can’t evade a monotonic model by adding clean features. To evade a monotonic model, an attacker would have to remove malicious features. One of the latest innovations in our protection technology is the addition of a class of hardened malware detection machine learning models called monotonic models to Microsoft Defender ATP‘s Antivirus.
    https://www.microsoft.com/security/blog/2019/07/25/new-machine-learning-model-sifts-through-the-good-to-unearth-the-bad-in-evasive-malware
12. Protect your device from malware with Windows Sandbox. Have you ever downloaded a program from a website or opened an email attachment thinking it was from someone you know, only to find out it was infected with a virus? Such actions can wreak serious havoc. Windows Sandbox allows you to run a program or open a file while keeping it apart from your device—almost as if it were on a totally separate computer.
    https://community.windows.com/en-us/stories/protect-your-device-from-malware-with-windows-sandbox
13. Modern security teams need to proactively, efficiently, and effectively hunt for threats across multiple attack vectors. To address this need, we’re giving a glimpse of new capabilities coming soon to threat hunting technology currently available in Microsoft Defender Advanced Threat Protection (MDATP).
    https://www.microsoft.com/security/blog/2019/07/29/evolution-of-microsoft-threat-protection-july-update
14. How Windows Defender Antivirus integrates hardware-based system integrity for informed, extensive endpoint protection. Recently, the Microsoft Defender ATP (MDATP) research team found a malicious system driver enabling a token swap attack that could lead to privilege escalation. In this blog, we’ll share our analysis of the said attack and discuss how Windows Defender Antivirus uses its unique visibility into system behaviors to detect dangerous kernel threats.
    https://www.microsoft.com/security/blog/2019/07/31/how-windows-defender-antivirus-integrates-hardware-based-system-integrity-for-informed-extensive-endpoint-protection
15. Microsoft Defender ATP (MDATP) includes a sandbox in each customer tenant, to detonate files in a safe environment and provides a rich and readable report of what the file can do – gain persistence, communicate to IP addresses, change the registry, etc… but in some case you want to run such analyses in your own sandbox or do reverse engineering work, with MDATP you can now download and inspect any file found on your network.
    https://techcommunity.microsoft.com/t5/Microsoft-Defender-ATP/Download-files-for-in-depth-investigation/ba-p/782078

1. Video (0:58) – It’s easy to forget what we were working on, especially when it was days or weeks ago. Timeline for Windows 10 PCs helps you jump back into something you were doing – like working on a document or browsing a website.
   https://www.youtube.com/watch?v=HvTJ8kGRi18
2. Sync your settings in Windows 10 allows some of the common personalization preferences to be synced to the cloud and applied to any PC you sign in to with your Microsoft account. By letting Windows 10 sync your settings, you can have a more consistent experience no matter which device you happen to be using.
   https://community.windows.com/en-us/stories/sync-your-settings-for-a-consistent-Windows-10-experience
3. Windows 10 Tip: Your Phone app gives you more to do with messages and photos.
   https://blogs.windows.com/windowsexperience/2019/07/01/windows-10-tip-your-phone-app-gives-you-more-to-do-with-messages-and-photos
4. Video (1:52) – Microsoft is moving past old ideas of sound design and designing sound with all senses in mind. Recognizing the way sound moves us, emotionally and physically, we are taking a different path to designing for sound holistically.
   https://www.youtube.com/watch?v=FQwAbIZKmc0
5. Thanks to the Windows 10 May 2019 Update, you’ll be able to take full advantage of the newest version of the Sticky Notes app. With this most recent version, you can sync and backup notes across your phone, laptop and desktop — all your devices.
   https://blogs.windows.com/windowsexperience/2019/07/22/windows-10-tip-sticky-notes-synced
6. Video (2:17) – Windows 101: Four simple ways to switch between Windows apps.
   https://community.windows.com/en-us/videos/windows-101-four-simple-ways-to-switch-between-windows-apps/J4s8Emhyo9g
7. Video (0:43) – Introduction to Dictation in Windows 10.Use dictation to convert spoken words into text anywhere on your PC. Dictation uses speech recognition, which is built into Windows 10, so there’s nothing you need to download or install to use it.
   https://www.youtube.com/watch?v=Gvv1wVUvt9U
8. Video (2:04) – Making the mouse pointers easier to see. These new settings aren’t just for users with low vision, learn the different ways you can use these settings.
   https://community.windows.com/en-us/videos/audio-description-making-the-mouse-pointers-easier-to-see/uw2d4jyshkU
9. Windows 10 Tip: The release of Emoji version 12.0 aims to better represent people with disabilities. You’ll now see mechanical limbs, sign language and hearing aids; as well as manual and motorized wheelchairs and two different versions of service animals.
   https://blogs.windows.com/blog/2019/07/29/windows-10-tip-emoji-12-%f0%9f%8e%89%e2%9c%a8%f0%9f%8e%8a
10. Capture and share videos with Game bar. Did you know that you could do more than just gaming? Videos are everywhere. We watch them for instruction and entertainment. With Windows 10, it has become super easy to take screenshots of your screen using the Snip & Sketch tool. But what if you want to record live video action? Game bar can do that too.
    https://community.windows.com/en-us/stories/capture-and-share-videos-with-game-bar

• The next version of Microsoft Edge: Enterprise evaluation and roadmap. Includes topics such as (1) cross-platform, modern web, (2) integrated IE11 mode, (3) simplifying deployment and management, (4) protecting customers’ data and privacy, and (4) user productivity at work.
  https://blogs.windows.com/msedgedev/2019/07/16/microsoft-edge-enterprise-evaluation-roadmap
• Microsoft’s Threat & Vulnerability Management solution is generally available as of June 30! We have been working closely with customers for more than a year to incorporate their real needs and feedback to better address vulnerability management. Our goal is to empower defenders with the tools they need to better protect against evolving threats, and we believe this solution will help provide that additional visibility and agility they need.
  https://www.microsoft.com/security/blog/2019/07/02/microsofts-threat-vulnerability-management-now-helps-thousands-of-customers-to-discover-prioritize-and-remediate-vulnerabilities-in-real-time
• Microsoft Defender ATP for Mac is here!  Generally available as of June 28, 2019.
  https://techcommunity.microsoft.com/t5/Microsoft-Defender-ATP/Microsoft-Defender-ATP-for-Mac-is-here/ba-p/743891
• Preparing your enterprise to eliminate passwords.
  https://www.microsoft.com/security/blog/2019/07/11/preparing-your-enterprise-to-eliminate-passwords
• Microsoft Security Response Center: a proactive approach to more secure code.
  https://msrc-blog.microsoft.com/2019/07/16/a-proactive-approach-to-more-secure-code
• Video (3:33) – Meet Abhi Gupta, a data and intelligence engineer has been using numbers and data analytics to Microsoft for better overall user experiences.
  https://community.windows.com/en-us/videos/meet-abhi-using-numbers-and-data-to-create-better-customer-experiences/1tX8RHixpMM
• CISO series: Better cybersecurity requires a diverse and inclusive approach to AI and machine learning.
  https://www.microsoft.com/security/blog/2019/07/31/ciso-series-cybersecurity-requires-diverse-inclusive-ai-machine-learning

Windows 10 news you can use, July 2019

Posted on July 1, 2019

Windows 10 news you can use, July 2019 edition. Insights into Windows 10 deployment & management, security & compliance, and productivity & accessibility.

1. Microsoft is often asked to help customers choose between Windows 10 Enterprise or Windows 10 Pro. Specifically to clarify the differences between the two editions, and the impact those differences might have to your organization. With that in mind, we decided to take a closer look at these conversations—and the key considerations when it comes to deciding between Windows 10 Enterprise and Windows 10 Pro for your organization—by talking with Nick and Shawn, two technical specialists focusing in Windows deployments.
   https://techcommunity.microsoft.com/t5/Windows-IT-Pro-Blog/Windows-10-Enterprise-vs-Windows-10-Pro-Modern-management/ba-p/720445
2. Webinar (59:52) – experts at Microsoft Core Services Engineering and Operations answered questions about their modern desktop and device management. They discussed the processes and tools used to support a wide range of scenarios as well as the use of Intune, SCCM, WUfB, Azure AD, and transition to modern management.
   https://www.microsoft.com/en-us/itshowcase/it-expert-roundtable-modern-desktop-and-device-management
3. Video (10:19) – A lot has evolved since the Windows Virtual Desktop (WVD) preview kicked off in March 2019. In this episode we review the progress the team has made to create a much easier Azure portal experience to setup and manage your WVD Host Pools.
   https://channel9.msdn.com/Shows/Tuesdays-With-Corey/Preview-Portal-update-to-Windows-Virtual-Desktop
4. Video (1:05) – Will the new chromium-based Microsoft Edge still be connected to Windows updates? Chris Heilmann talks about how Microsoft Edge updates will be delivered going forward.
   https://channel9.msdn.com/Blogs/One-Dev-Minute/Will-Edge-still-be-connected-to-Windows-updates–One-Dev-Question

1. Video (58:40) – In today’s world, device health is a pillar of security. Unmanaged devices are a powerful entry point for malicious parties, and it is vital that only healthy devices can access critical apps and data. Learn about device health, device security at Microsoft, and key investment areas Microsoft are pursuing.
   https://www.microsoft.com/en-us/itshowcase/speaking-of-security-device-health
2. Microsoft’s vision for Windows is one of a passwordless platform—a world where users don’t have to deal with the pains of a password. With the release of Windows 10, version 1903, we’re bringing Windows 10 closer to delivering our passwordless user and security promises, with new features that we’re excited for you to try.
   https://www.microsoft.com/security/blog/2019/06/10/advancing-windows-10-passwordless-platform
3. New documentation for building secure, privileged access workstations! Secured isolated workstations are critically important for the security of sensitive roles like administrators, developers, and operators of critical services. Build a secure client workstation with these detailed step by step instructions, including how to set up starting security controls.
   https://docs.microsoft.com/en-us/azure/active-directory/devices/concept-azure-managed-workstation
4. When hardening your deployment of Windows 10, how should you prioritize the hardware you buy, policies you enforce, controls you configure, and behavior your staff exhibit? To help you prioritize your endpoint hardening work, Microsoft is introducing a new taxonomy for security configurations for Windows 10.
   https://docs.microsoft.com/en-us/windows/security/threat-protection/windows-security-configuration-framework/windows-security-configuration-framework
5. Beginning with Configuration Manager 1905 TP, you can install and manage the MBAM
   https://docs.microsoft.com/en-us/sccm/core/get-started/2019/technical-preview-1905#bkmk_bitlocker
6. Inside out: Get to know the advanced technologies at the core of Microsoft Defender ATP next generation protection. Much like how MDATP integrates multiple capabilities to address the complex security challenges in modern enterprises, Windows Defender AV next-generation protection engines provide industry-best detection and blocking capabilities.
   https://www.microsoft.com/security/blog/2019/06/24/inside-out-get-to-know-the-advanced-technologies-at-the-core-of-microsoft-defender-atp-next-generation-protection
7. The evolution of Microsoft Threat Protection, June update. Game-changing capabilities for endpoint security with Microsoft Defender ATP (MDATP): protections for macOS, live response (new incident response action for SecOps teams), and how to try out the live response feature.
   https://www.microsoft.com/security/blog/2019/06/20/evolution-of-microsoft-threat-protection-june-update

1. Join us as we interview Windows enthusiasts around the world to hear how they’re putting Windows to work.
   https://community.windows.com/en-us/stories/Rohit-Langde
2. Microsoft Edge Experiment: Battery Life | Windows 10 May 2019 Update.
   https://www.youtube.com/watch?v=G9f5uzCi9k8
3. Video (0:18) on how to quickly share files with another PC during meetings.
   https://www.youtube.com/watch?v=k0NLIHdoh5Q
4. Video (3:43) on how wireless projection works in Windows 10.
   https://community.windows.com/en-us/videos/how-wireless-projection-works-in-windows-10/I7L_3tj9x6k
5. At Microsoft, we’re on a journey to empower every person on the planet, including people with disabilities, to achieve more. What’s new in the Windows 10 May 2019 Update for accessibility.
   https://blogs.windows.com/windowsexperience/2019/06/13/whats-new-in-windows-10-accessibility
6. New Windows 10 users – those who have new devices, new user accounts and clean installs – will see the new, greatly simplified, Start layout by default when they start up.
   https://blogs.windows.com/windowsexperience/2019/06/17/windows-10-tip-start-simplified
7. Video (4:06) – Remember the small things with Microsoft Sticky Notes. This app makes it easy to unclutter your desktop and sync your notes securely across your devices, so you can access them on any device.
   https://community.windows.com/en-us/videos/remember-the-small-things-with-microsoft-sticky-notes/fZj0WLxj-T0
8. Control the action with your eyes on Windows 10 PCs through four new games.
   https://blogs.windows.com/windowsexperience/2019/06/18/control-the-action-with-your-eyes-in-4-new-eyes-first-games-on-windows-10-pcs
9. Windows 10 Tip: light theme with the Windows 10 May 2019 Update.
   https://blogs.windows.com/windowsexperience/2019/06/24/windows-10-tip-new-windows-light-theme
10. Video (2:53) – Volume conversions using the Calculator app.
    https://community.windows.com/en-us/videos/windows-101-volume-conversions-using-the-calculator-app/rqCJJD054gg
11. Easier navigation with Windows 10 tablet mode. Using Tablet mode in Windows 10 can make it easier to browse the web and it can also free up room on your screen. But it isn’t just for touchscreen devices. This article will go over how to enter/exit Tablet mode followed by an overview of the information needed to navigate it.
    https://community.windows.com/en-us/stories/easier-navigation-with-windows-10-tablet-mode
12. Check out the most recent and greatest Edge features. From being able to mute tabs, to clutter-free printing, to various grammar tools.
    https://www.youtube.com/watch?v=i0gIzCZoaRU

• SCCM and Intune—now managing 175 million devices!
  https://www.microsoft.com/en-us/microsoft-365/blog/2019/06/24/sccm-intune-managing-175-million-devices
• Video (6:29) – Passwords are inherently insecure and requiring employees to change their corporate password every few months is frustrating and futile. By eliminating passwords, security is improved and employees have a much better experience. In this video the CISO at Microsoft, talks about why he is eliminating passwords.
  https://www.microsoft.com/en-us/itshowcase/microsofts-ciso-series-eliminating-passwords
• Video (25:02) – Windows 10 co-management vs. co-existence. Learn about Windows PCs in the modern workplace and what it means to manage them. They spend time delving into the reasons why co-management is better than co-existence and why ONLY Intune and ConfigMgr can provide co-management.
  https://channel9.msdn.com/Series/Endpoint-Zone/Endpoint-zone-1906-co-management-vs-co-existence
• Introducing Microsoft Edge preview builds for Windows 7, Windows 8, and Windows 8.1.
  https://blogs.windows.com/msedgedev/2019/06/19/introducing-microsoft-edge-preview-builds-for-windows-7-windows-8-and-windows-8-1
• New!  Microsoft channel for Windows Virtual Desktop on YouTube with 5 bite-sized videos to get you started.
  https://www.youtube.com/playlist?list=PLXPr7gfUMmKwKljQ3Zv0iVVftSZ6l8bKA
• Experts estimate that ransomware attacks are up over 600 percent. For most companies, the issue isn’t if a cyberattack is going to happen, but when. Some security experts advise that the best way to recover from a security breach is to plan for it before it happens. The team from Microsoft Security takes you through 1) strategies for building a plan for a cybersecurity attack, 2) four tips for sharing information with your customers, and 3) how to mitigate or prevent cyber incidents.
  https://www.microsoft.com/security/blog/2019/06/17/how-to-recover-from-a-security-breach

Windows 10 News You Can Use – June 2019

Posted on June 3, 2019

Windows 10 news you can use, June 2019 edition Providing insights into Windows 10 deployment & management, security & compliance, and productivity. Also see other news related to Windows 10.

What’s new in Windows 10, version 1903, and how to get it.

• For IT Pros: https://techcommunity.microsoft.com/t5/Windows-IT-Pro-Blog/What-s-new-for-IT-pros-in-Windows-10-version-1903/ba-p/622024
• Windows Autopilot: https://techcommunity.microsoft.com/t5/Windows-IT-Pro-Blog/The-latest-news-on-Windows-Autopilot/ba-p/614704
• Windows Update for Business: https://techcommunity.microsoft.com/t5/Windows-IT-Pro-Blog/What-s-new-in-Windows-Update-for-Business-in-Windows-10-version/ba-p/622064
• ADK: https://docs.microsoft.com/windows-hardware/get-started/what-s-new-in-kits-and-tools
• Features removed: https://docs.microsoft.com/windows/deployment/planning/windows-10-1903-removed-features
• Windows Health Dashboard (i.e. known issues list): https://docs.microsoft.com/en-us/windows/release-information/status-windows-10-1903
• How to get the Windows 10 May 2019 Update: https://blogs.windows.com/blog/2019/05/21/how-to-get-the-windows-10-may-2019-update
• Updating Windows 10, version 1903 using Configuration Manager or WSUS: https://techcommunity.microsoft.com/t5/Windows-IT-Pro-Blog/Updating-Windows-10-version-1903-using-Configuration-Manager-or/ba-p/639100

Calling all IT professionals! Join Microsoft on Tuesday, June 4th for a chance to get your questions about Windows 10 deployment, security, update management, device management, and productivity—and the latest Windows 10 feature update (1903)—answered by the experts behind the Windows 10 features and solutions built for IT.
https://techcommunity.microsoft.com/t5/Windows-10-AMA/June-4th-Windows-10-version-1903-AMA-for-IT-pros/m-p/624101

1. Deployment rings: The hidden [strategic] gem of Windows as a service. In speaking with customers who have successfully changed their internal IT culture by moving from project to process, we’ve learned that one of the keys to a successful, more self-service, peer-support-driven model is to create deployment rings for Windows 10 feature updates, and the adoption and use of data driven insights and analysis, in conjunction with the deployment rings.
   https://techcommunity.microsoft.com/t5/Windows-IT-Pro-Blog/Deployment-rings-The-hidden-strategic-gem-of-Windows-as-a/ba-p/659622
2. Webcast Thursday 6/6/19: All you need to know about Windows Virtual Desktop.
   https://aka.ms/discoverWVD
3. Ask Microsoft Anything event 6/12/19: Windows Virtual Desktop.
   https://techcommunity.microsoft.com/t5/Windows-10-AMA/June-12th-Windows-Virtual-Desktop-AMA/m-p/623052#M372
4. All the news from Build 2019 on Microsoft Edge: A first look at new productivity concepts, privacy tools, and Internet Explorer mode for seamless enterprise compatibility.
   https://blogs.windows.com/msedgedev/2019/05/06/edge-chromium-build-2019-pwa-ie-mode-devtools
5. Video (0:50) introducing the future of Microsoft Edge.
   https://www.youtube.com/watch?v=dKmzyj-ovkg
6. Microsoft Mechanics video (17:51) stay ahead of Windows and Office deployments and updates with SCCM. See what’s new, get an explanation on your desktop deployment options, and hear about proven guidance for automating the process to move forward from older versions of Windows and Office. Microsoft 365 Director Jeremy Chapman runs it all down – from app delivery updates, to networking enhancements, deeper tool integration and better user experiences.
   https://www.youtube.com/watch?v=CYRnAmCD7ls
7. Video (30:40) in this really demo heave episode of The Endpoint Zone with Brad Anderson we look at when to use ConfigMgr and/or Intune and why co-management is a unique thing, that only Intune and ConfigMgr can do to manage Windows 10. Plus, why you would use them over other UEM solutions.
   https://channel9.msdn.com/Series/Endpoint-Zone/Endpoint-Zone-May-2019
8. Video (6:42) a Microsoft Mechanics look at the new Windows Autopilot capability called white glove in Windows 10 1903. Also, the latest Windows 10 Autopilot features that we’ve delivered in Windows 10 1809 and beyond.
   https://www.youtube.com/watch?v=nE5XSOBV0rI
9. Increasing transparency: the Windows health dashboard. As part of our commitment to increasing transparency, the new Windows release health dashboard is now live, offering timely information on the current rollout status and known issues (open and resolved) across both feature and monthly updates. The new dashboard provides a single page for each currently supported version of Windows so you can quickly search for issues by keyword, including any safeguard holds on updates, see the current status of each issue, and find important announcements. Watch this video (3:43) introducing the new Windows release health dashboard.
   https://community.windows.com/en-us/videos/the-windows-release-health-dashboard-more-than-just-known-issues/mTnAb9XjMPY
10. Starting with Windows 10, version 1903, devices utilizing the Update Compliance analytics service can now determine which of their managed devices are not receiving a feature update due to a hardware or software compatibility issue identified by Microsoft.
    https://docs.microsoft.com/en-us/windows/deployment/update/update-compliance-feature-update-status

1. Microsoft is excited to announce enhancements to BitLocker management capabilities in both Microsoft Intune and System Center Configuration Manager (SCCM), coming in the second half of 2019. Whether your management infrastructure is on-premises or in the cloud, robust BitLocker management is required for today’s enterprises to secure modern endpoints.
   https://techcommunity.microsoft.com/t5/Enterprise-Mobility-Security/Microsoft-expands-BitLocker-management-capabilities-for-the/ba-p/544329
2. With the release of Windows 10, version 1903, Windows Hello is a FIDO2 Certified authenticator. FIDO2 enables developers to leverage standards-based protocols and devices to provide users easy authentication to online services—in both mobile and desktop environments. https://techcommunity.microsoft.com/t5/Windows-IT-Pro-Blog/Windows-Hello-FIDO2-certification-gets-you-closer-to/ba-p/534592
3. Detecting credential theft through memory access modelling with Microsoft Defender ATP. MDATP, Microsoft’s unified endpoint protection platform, uses multiple approaches to detect credential dumping. In this post, we’ll discuss one of them: a statistical approach that models memory access to the Local Security Authority Subsystem Service (lsass.exe) process.
   https://www.microsoft.com/security/blog/2019/05/09/detecting-credential-theft-through-memory-access-modelling-with-microsoft-defender-atp
4. Announcing the all new Attack Surface Analyzer 2.0! It can help you identify potential security risks introduced by changes to an operating system’s security configuration by identifying changes in key area.
   https://www.microsoft.com/security/blog/2019/05/15/announcing-new-attack-surface-analyzer-2-0
5. Windows 10 attack surface reduction (ASR) rules help prevent malware from infecting computers with malicious code. Some of these rules aim to reduce your attack surface while you’re using Office applications. We’re extending a few of these ASR rules to include Office 365 desktop apps from the Microsoft Store.
   https://techcommunity.microsoft.com/t5/Windows-Defender-ATP/Updates-to-attack-surface-reduction-rules-for-Office-apps/ba-p/568951
6. Conducting a thorough forensic investigation of compromised machines is integral to incident response. However, it can be a challenging task because it requires the device to be in the corporate network and for additional software to be deployed, or for SecOps to have physical access to the device. That changes today, with the public preview of live response capabilities in Microsoft Defender ATP. Live response gives SecOps instantaneous access to a compromised machine regardless of location using a remote shell and gather any required forensic information.
   https://techcommunity.microsoft.com/t5/Windows-Defender-ATP/Incident-response-at-your-fingertips-with-Microsoft-Defender-ATP/ba-p/614894
7. In “Step 9. Protect your OS” of the Top 10 actions to secure your environment blog series, we provide resources to help you configure Microsoft Defender Advanced Threat Protection (Microsoft Defender ATP) to defend your Windows, macOS, Linux, iOS, and Android devices from advanced threats.
   https://www.microsoft.com/security/blog/2019/05/21/step-9-protect-your-os-top-10-actions-secure-your-environment
8. Windows Defender Application Guard, the hardware-based isolation technology on Windows 10 that allows Microsoft Edge to isolate browser-based attacks, is now available as a browser extension for Google Chrome and Mozilla Firefox.
   https://www.microsoft.com/security/blog/2019/05/23/new-browser-extensions-for-integrating-microsofts-hardware-based-isolation
9. Announcing an update to Microsoft Defender ATP: unified indicators of compromise (IoCs) experience. We’ve unified several different IoC lists and made the lists more accessible for interactive (portal) and automated (API) use. In addition, we aligned all detection and enforcement means to honor the unified list. The new schema supports several actions such as allow, alert-only, and alert and block. It also supports RBAC for fine-grained control over user access.
   https://techcommunity.microsoft.com/t5/Windows-Defender-ATP/Microsoft-Defender-ATP-unified-indicators-of-compromise-IoCs/ba-p/656415

1. Although the default settings for power use will probably work fine for most people, knowing how to conserve your battery can come in handy. Read on to learn how to find your power icon, learn tips and tricks for saving your battery life, troubleshoot common scenarios, and stay in control of your power options.
   https://community.windows.com/en-us/stories/windows-10-power-settings
2. Windows 10 Tip: Microsoft Edge toolbar for PDF actions.
   https://blogs.windows.com/windowsexperience/2019/05/13/windows-10-tip-microsoft-edge-pdf-improvements
3. Whether you’ve got your arms full of books or want to find an important document without scrolling through Search, Ease of Access dictation allows you to do it all hands-free.
   https://community.windows.com/en-us/stories/windows-10-dictation
4. For IT Pros: After upgrading to Win10 Insider build #18272 or later, Windows Console (E.g. launch Cmd, PowerShell, WSL, etc.) supports zoom in-and-out features. Hit and hold CTRL while scrolling your mouse wheel / trackpad.  You’ll also notice that Console now honors your Light/Dark Theme settings: If you are using the Dark Theme, your Console’s scrollbar is also dark-themed!
   https://devblogs.microsoft.com/commandline/windows-console-ctrl-scroll-to-zoom-and-dark-theme-scrollbar
5. Windows 101: Turning on airplane mode in Windows 10.
   https://community.windows.com/en-us/videos/windows-101-turning-on-airplane-mode-in-windows-10/YxbuvmlpJYo

• Gartner: 2018 update on How to Quantify the Changing Value of Windows 10 Enterprise E3 and E5.
  https://www.gartner.com/doc/reprints?id=1-6H0KMU1&ct=190402&st=sb
• Gartner SWOT analysis: Microsoft is now a security vendor. Technology product managers at security services providers can use this document to identify opportunities to reshape their product roadmaps and integrations based on Microsoft’s changed approach to security.
  https://www.gartner.com/doc/reprints?id=1-6494BWN&ct=190116&st=sb
• Today, we’re announcing general availability of Microsoft Search, an intelligent, enterprise search experience from Microsoft that applies the artificial intelligence technology (AI) from Bing and deep personalized insights surfaced by the Microsoft Graph, to make search more effective.
  https://techcommunity.microsoft.com/t5/Microsoft-SharePoint-Blog/Welcome-to-Microsoft-Search-intelligent-search-for-the-modern/ba-p/509097
• Windows has long been a leader in powering dedicated devices. Many of the ATMs, cash registers, and airport kiosks around the world run Windows Embedded 7. That operating system is based on Windows 7, whose support is ending on January 14, 2020. Similarly, Windows Embedded 7 extended support will end soon.  Now is the time to move to modern Windows 10 IoT—safer, smarter, cloud-ready.
  https://www.microsoft.com/en-us/microsoft-365/blog/2019/01/14/move-to-modern-windows-10-iot-safer-smarter-cloud-ready
• Experience provides guidance about which practices will reduce the odds of a security incident, and there are tools that can measure how effectively those practices have been implemented. The fourth e-book in this series, Understand & improve your security posture, delves into the tools available in Microsoft 365 to measure and improve enterprise security.
  https://www.microsoft.com/security/blog/2019/04/29/understand-improve-security-posture-microsoft-365
  https://query.prod.cms.rt.microsoft.com/cms/api/am/binary/RE2OdHf
• Microsoft Build 2019 on-demand sessions now available. Watch your favorite sessions again or catch up on a topic you missed.
  https://insider.windows.com/en-us/articles/microsoft-build-2019-sessions
• Introducing the first Microsoft Edge preview builds for macOS.
  https://blogs.windows.com/msedgedev/2019/05/20/microsoft-edge-macos-canary-preview
• Microsoft Defender ATP for Mac now in open public preview.
  https://techcommunity.microsoft.com/t5/Windows-Defender-ATP/Microsoft-Defender-ATP-for-Mac-now-in-open-public-preview/ba-p/634603
• New Windows IoT solutions at Computex show ingenuity at the intelligent edge.
  https://blogs.windows.com/windowsexperience/2019/05/28/new-windows-iot-solutions-at-computex-show-ingenuity-at-the-intelligent-edge
• Channel9 video (25:00) covering how the Windows Subsystem for Linux (WSL) can access and modify Linux files from Windows applications, going into deep dive level details on the underlying architecture.
  https://channel9.msdn.com/Shows/Going+Deep/How-WSL-accesses-Linux-files-from-Windows

Windows 10 News You Can Use – May 2019

Posted on May 6, 2019 Updated on May 6, 2019

Windows 10 news you can use, May 2019 edition Providing insights into Windows 10 deployment & management, security & compliance, and productivity. Also see other news related to Windows 10.

The next generation of Microsoft Edge! In December, we announced our intention to adopt the Chromium open source project in the development of Microsoft Edge on the desktop. Our goal is to work with the larger Chromium open source community to create better web compatibility for our customers and less fragmentation of the web for all web developers. Today we’re embarking on the next step in this journey – our first Canary and Developer builds are ready for download on Windows 10 PCs. Canary builds are preview builds that will be updated daily, while Developer builds are preview builds that will be updated weekly. Beta builds will come online in the future. Support for Mac and all supported versions of Windows will also come over time.
https://blogs.windows.com/windowsexperience/2019/04/08/microsoft-edge-preview-builds-the-next-step-in-our-oss-journey

1. Introducing the Microsoft Edge Insider Channels. The new Microsoft Edge builds are available through preview channels that we call “Microsoft Edge Insider Channels.” We are starting by launching the first two Microsoft Edge Insider Channels, Canary and Dev, which you can download and try at the Microsoft Edge Insider site. These channels are available starting today on all supported versions of Windows 10, with more platforms coming soon.
   https://blogs.windows.com/msedgedev/2019/04/08/microsoft-edge-preview-channel-details
2. Windows defines two main policies, Quick removal and Better performance, that control how the system interacts with external storage devices such as USB thumb drives or Thunderbolt-enabled external drives. Beginning in Windows 10 version 1809, the default policy is Quick removal. In earlier versions of Windows, the default policy was Better performance.
   https://support.microsoft.com/en-us/help/4495263/windows-10-1809-change-in-default-removal-policy-for-external-media
3. The benefits of Windows 10 Dynamic Update. Dynamic Update can help organizations and end users alike ensure that their Windows 10 devices have the latest feature update content (as part of an in-place upgrade)—and preserve precious features on demand (FODs) and language packs (LPs) that may have been previously installed. Further, Dynamic Update also eliminates the need to install a separate quality update as part of the in-place upgrade process. From an IT perspective, using Dynamic Update reduces the need to apply separate updates to recently installed systems and makes it easier to get your devices up to date with the latest available quality update in one step.
   https://techcommunity.microsoft.com/t5/Windows-IT-Pro-Blog/The-benefits-of-Windows-10-Dynamic-Update/ba-p/467847
4. Configuring Windows 10 defaults via Windows Autopilot using an MSI.
   https://techcommunity.microsoft.com/t5/Windows-IT-Pro-Blog/Configuring-Windows-10-defaults-via-Windows-Autopilot-using-an/ba-p/457063
5. Configuring even more Windows 10 defaults via Windows Autopilot using an MSI.
   https://techcommunity.microsoft.com/t5/Windows-IT-Pro-Blog/Configuring-more-Windows-10-stuff-via-Windows-Autopilot-using-an/ba-p/467861
6. Microsoft Helps video (1:30) on how to create a report of Mobile Device Manager (MDM) logs to diagnose enrollment or device management issues in Windows 10 devices managed by Intune.
   https://www.youtube.com/watch?v=WKxlcjV4TNE
7. Microsoft Helps video (10:27) on tips to manage and deploy updates for Surface and Window 10, including allowing firmware and security updates while holding off on feature updates as your organization evaluates each new release of Windows 10. This video walks through 5 management practices: an Overview of Defer Feature Updates, Windows feature update cycle, Office and Windows Configuration Manager update cycle, security updates, and Update compatibility with apps and hardware.
   https://www.youtube.com/watch?v=LK6RMRPJ4To
8. Microsoft Helps video (6:11) on how Windows Autopilot can transform how you deploy Surface and Windows 10 devices in your organization. Windows Autopilot set ups and pre-configures new devices, getting them ready to use. You can also use Windows Autopilot to reset, repurpose and recover devices. We’ll cover how it works as well as the user experience once they receive the device. Content includes: traditional vs. modern deployment, how Autopilot works, and setting up a device.
   https://www.youtube.com/watch?v=8D8ZN1RKChk

1. Microsoft Defender ATP built-in threat summary and health reports. The threat protection reporting dashboard provides alert information over time, as well as aggregated threat protection views. Knowing the trends and summaries in your organization can help identify where focused improvements can be made.
   https://techcommunity.microsoft.com/t5/Windows-Defender-ATP/Microsoft-Defender-ATP-built-in-threat-summary-and-health/ba-p/392088
2. Third-party kernel drivers are becoming a more appealing target for attackers and an important area of research for security analysts. A vulnerability in a signed third-party driver could have a serious impact: it can be abused by attackers to escalate privileges or, more commonly, bypass driver signature enforcement—without the complexity of using a more expensive zero-day kernel exploit in the OS itself. We discovered such a driver while investigating an alert raised by Microsoft Defender Advanced Threat Protection’s kernel sensors. In this blog post, we’d like to share our journey from investigating one Microsoft Defender ATP alert to discovering a vulnerability, cooperating with the vendor, and protecting customers.
   https://www.microsoft.com/security/blog/2019/03/25/from-alert-to-driver-vulnerability-microsoft-defender-atp-investigation-unearths-privilege-escalation-flaw
3. Microsoft Threat Experts is the managed threat hunting service in Microsoft Defender Advanced Threat Protection (ATP). It provides security operations centers (SOCs) with expert-level oversight and analysis to help ensure that critical threats in their unique environments are identified, investigated, and resolved. Get more details about the service here: Announcing Microsoft Threat Experts. Today, we are announcing the general availability of Microsoft Threat Experts targeted attack notification capability. Targeted attack notification, one of Microsoft Threat Experts’ two components, provides proactive hunting, prioritization, and alerts that are tailored to organizations. These alerts include as much information as can be quickly delivered to bring attention to critical threats, including timeline, scope of breach, and methods, to further empower SOCs to identify and respond to threats quickly and accurately.
   https://techcommunity.microsoft.com/t5/Windows-Defender-ATP/Microsoft-Threat-Experts-reaches-general-availability/ba-p/502493
4. Introducing the security configuration framework: A prioritized guide to hardening Windows 10.
   https://www.microsoft.com/security/blog/2019/04/11/introducing-the-security-configuration-framework-a-prioritized-guide-to-hardening-windows-10
5. Preview! Windows Defender Application Guard as browser extensions in Google Chrome and Mozilla Firefox. To extend our container technology to other browsers and provide customers with a comprehensive solution to isolate potential browser-based attacks, we have designed and developed Windows Defender Application Guard extensions for Google Chrome and Mozilla Firefox.
   https://docs.microsoft.com/en-us/windows-insider/at-work-pro/wip-4-biz-whats-new#windows-defender-application-guard-as-browser-extensions-in-google-chrome-and-mozilla-firefox
6. MDATP Threat & Vulnerability Management now publicly available! This is a new Microsoft Defender ATP component that helps effectively identify, assess, and remediate endpoint weaknesses and provides both security administrators and security operations teams with unique value, including: real-time endpoint detection and response (EDR) insights correlated with endpoint vulnerabilities, invaluable machine vulnerability context during incident investigations, built-in remediation processes through Microsoft Intune and SCCM.
   https://techcommunity.microsoft.com/t5/Windows-Defender-ATP/MDATP-Threat-amp-Vulnerability-Management-now-publicly-available/ba-p/460977
7. At the RSA conference, we announced the general availability for Microsoft Defender ATP’s integration with Microsoft Cloud App Security – delivering a native integration to discover the cloud apps used in your organization. This is the first step towards enabling a seamless, zero deployment, native cloud app security solution that works any time any-where.
   https://techcommunity.microsoft.com/t5/Windows-Defender-ATP/Microsoft-Defender-ATP-amp-Microsoft-Cloud-App-Security/ba-p/457239
8. Announcing the general availability of Microsoft Defender ATP APIs – a rich and complete set of APIs geared to fulfill the needs of security operations teams, enabling interoperability with enterprise security applications and automation. These capabilities enable customers to integrate and orchestrate defenses across their solution stack and management systems to orchestrate Microsoft Defender ATP; enabling security teams to effectively respond to modern threats.
   https://techcommunity.microsoft.com/t5/Windows-Defender-ATP/Announcing-Microsoft-Defender-ATP-API-updates/ba-p/473462
9. In an ideal world, all your critical devices would be seen by, reported on, and protected by Microsoft Defender ATP, however we’re aware that there are legitimate scenarios where devices simply can’t be connected to the Internet or a management service. As such, we have released a whitepaper with all the info you need to understand how security is impacted by the unique challenges of being disconnected. It talks about the types of disconnected devices, and — most importantly — provides guidance on the various features and protection technologies you can use from Microsoft to protect these disconnected devices.
   https://techcommunity.microsoft.com/t5/Windows-Defender-ATP/Protecting-disconnected-devices-with-Microsoft-Defender-ATP/ba-p/500341

1. Windows 10 Tip: Dark theme in File Explorer.
   https://blogs.windows.com/windowsexperience/2019/04/01/windows-10-tip-dark-theme-in-file-explorer
2. Windows 10 Tip: Snip & Sketch. Since it’s available in the Microsoft Store, Snip & Sketch can update faster and more frequently. It’s already had four app updates with new features since it was introduced in the October 2018 Update.
   https://blogs.windows.com/windowsexperience/2019/04/08/windows-10-tip-snip-sketch
3. Windows 10 Tip: What’s new in Skype (consumer) for Windows 10 PCs.
   https://blogs.windows.com/windowsexperience/2019/04/15/windows-10-tip-whats-new-in-skype-for-windows-10-pcs
4. Windows 10 makes wireless projection
   https://community.windows.com/en-us/videos/windows-10-makes-wireless-projection-easy/MmOtnAToalo
5. Stay organized with Sticky Notes in Windows 10.
   https://community.windows.com/en-us/stories/windows-10-sticky-notes
6. Customize Microsoft Edge for better browsing.
   https://community.windows.com/en-us/stories/microsoft-edge-settings
7. Video (4:05) Windows 10 wireless projection makes it easy to present your work, share memories, and watch your favorite movies on a big screen without stepping out the door.
   https://www.youtube.com/watch?v=MmOtnAToalo
8. Video (2:48) Windows 101: Windows Calculator for easy length conversions.
   https://www.youtube.com/watch?v=0Uq1icFOmTs
9. Windows 10 Tip: See your top sites in the Jump List.
   https://blogs.windows.com/windowsexperience/2019/04/29/windows-10-tip-see-your-top-sites-in-the-jump-list

• Evolution of Windows IoT: The foundation for your intelligent edge.
  https://blogs.windows.com/windowsexperience/2019/04/03/evolution-of-windows-iot-the-foundation-for-your-intelligent-edge
• We’re excited to announce that the Microsoft 365 security center (https://security.microsoft.com) experience is now generally available and is providing customers with a world class platform and experience for securing the modern workplace across identity, devices, data, apps, and infrastructure.
  https://techcommunity.microsoft.com/t5/Security-Privacy-and-Compliance/Microsoft-365-Security-Center-reaches-general-availability/ba-p/389656
• Video Tutorial: ConfigMgr current branch and the Microsoft cloud platform. The first session (in an 11-part series) is an introduction to the way ConfigMgr integrates with services in the Microsoft cloud platform. We discuss the options, introduce some terms and set the stage for the remaining sessions in the series.
  https://techcommunity.microsoft.com/t5/Configuration-Manager-Blog/Video-Tutorial-ConfigMgr-current-branch-and-the-Microsoft-cloud/ba-p/393355
• Secure access to your enterprise with Microsoft 365 Enterprise E5. The first e-book, Secure access to your enterprise, tells the story of Christina, Vice President of Operations, who is savvy about security, but is also very busy. The e-book gives you a real-world perspective on how the requirements of her job can put the enterprise at risk, even when she does everything right. Learn how Azure Active Directory (Azure AD) integrates with other security products in Microsoft 365 to reduce the likelihood that a user’s password will be stolen, detect when a user has been compromised, and to give you back control when a user is compromised.
  https://www.microsoft.com/security/blog/2019/04/03/secure-access-microsoft-365-enterprise-e5
• Microsoft Mechanics’ video (11:43) on an early look at Microsoft Threat Protection.  Harnesses trillions of threat signals from the Microsoft Intelligent Security Graph to secure your workplace using Microsoft Threat Protection. Security CVP Rob Lefferts shows you the unified single console for visibility of security threats across your identities, endpoints, email, user data, SaaS apps, infrastructure and more. See how this helps build and investigate a connected account of what’s going on in your environment. This includes built-in protections and how new AI-powered security playbooks dynamically hardens your environment through automated workflows.
  https://www.youtube.com/watch?v=3ge1aAm1jX0
• Surface Hub 2S advances Microsoft’s vision to empower teams in today’s modern workplace.
  https://blogs.windows.com/devices/2019/04/17/surface-hub-2s-advances-microsofts-vision-to-empower-teams-in-todays-modern-workplace
• Microsoft Edge on iOS and Android now supports conditional access and single sign-on.
  https://techcommunity.microsoft.com/t5/Enterprise-Mobility-Security/Microsoft-Edge-on-iOS-and-Android-now-supports-conditional/ba-p/476091

Windows 10 News You Can Use – April 2019

Posted on April 1, 2019

Windows 10 news you can use, April 2019 edition Providing insights into Windows 10 deployment & management, security & compliance, and productivity.

Helping IT reduce costs, increase security, and boost employee productivity, by Jared Spataro, Corporate Vice President for Microsoft 365.
https://www.microsoft.com/en-us/microsoft-365/blog/2019/03/21/helping-it-reduce-costs-increase-security-boost-employee-productivity

1. Windows 10, version 1809 designated for broad deployment.
   https://techcommunity.microsoft.com/t5/Windows-IT-Pro-Blog/Windows-10-version-1809-designated-for-broad-deployment/ba-p/389540
2. Minimize the impact of Windows 7 and Office 2010 End of Support on your business – a Microsoft webinar (recorded 3/21/19) will explore how businesses of all sizes can achieve more by shifting to a modern desktop.
   https://resources.office.com/en-us-landing-MinimizeTheImpactOfWindows7AndOffice2010.html
3. Installing and using DTrace, a dynamic tracing framework that allows an admin or developer to get a real-time look into a system either in user or kernel mode. Using these dynamically inserted trace points, you can filter on conditions or errors, write code to analyze lock patterns, detect deadlocks, etc.
   https://techcommunity.microsoft.com/t5/Windows-Kernel-Internals/DTrace-on-Windows/ba-p/362902
4. Announcing the public preview of Microsoft Windows Virtual Desktop. Now, all customers can access this service—the only service that delivers simplified management, a multi-session Windows 10 experience, optimizations for Office 365 ProPlus, and support for Windows Server Remote Desktop Services (RDS) desktops and apps. With Windows Virtual Desktop, you can deploy and scale your Windows desktops and apps on Azure in minutes and enjoy built-in security.
   https://www.microsoft.com/en-us/microsoft-365/blog/2019/03/21/windows-virtual-desktop-public-preview
5. On this [Microsoft Mechanics] show (12:43), we’ll take a closer look at Windows Virtual Desktop, now in public preview. See how you can give your users the only Windows 10 multi-session experience virtualized in the cloud and available on any device. Scott Manchester demonstrates how WVD delivers the best Office experience with multi-session virtual scenarios that virtualize persistent storage in a multi-session environment. Keep watching for a sneak peak of the next generation admin experience for WVD in the Azure portal.
   https://www.youtube.com/watch?v=30dOLcZ4_9U
6. With the public preview for Windows Virtual Desktop now available, we wanted to provide a quick overview of the steps required to get your environment up and running.
   https://techcommunity.microsoft.com/t5/Windows-IT-Pro-Blog/Getting-started-with-Windows-Virtual-Desktop/ba-p/391054
7. In this [Microsoft Mechanics] show (16:17), CVP Brad Anderson demonstrates cold-booting his personal, highly-managed and secured Windows 10 device in under 20 seconds. We’ll also show new options to get to managed remote Windows sessions and apps across devices using the new Windows Virtual Desktop. And we show new streamlined management experiences for Microsoft 365 administrators as well as what you can do to set baseline protections and device configurations quickly using built-in Security Baselines in Microsoft Intune.
   https://www.youtube.com/watch?v=V1YfK0Kdhzs
8. What’s new to manage and secure your devices with Configuration Manager and Microsoft Intune.
   https://techcommunity.microsoft.com/t5/Enterprise-Mobility-Security/What-s-new-in-Configuration-Manager-and-Microsoft-Intune-to/ba-p/369852

1. On November 29, 2018, MITRE published the results of their evaluation of several endpoint detection and response (EDR) solutions, testing them against a chain of attack techniques commonly associated with the APT3 activity group. MITRE avoided direct vendor comparisons, but this has not prevented participating vendors from claiming victory and leveraging the results in aggressive marketing campaigns. The evaluation highlighted Windows Defender Advanced Threat Protection’s (Windows Defender ATP) distinct, superior capabilities when compared with other participating vendors.
   https://techcommunity.microsoft.com/t5/Windows-Defender-ATP/MITRE-evaluation-highlights-industry-leading-EDR-capabilities-in/ba-p/369831
2. Microsoft Intune security tasks extend Microsoft Defender ATP’s Threat & Vulnerability Management. Effectively identifying, assessing, and remediating endpoint weaknesses is pivotal in running a healthy security program and reducing organizational risk. Today, we are happy to introduce Microsoft Intune security tasks, a new one-click remediation capability in Microsoft 365 that bridges security stakeholders—security administrators, security operations, and IT administrators—by allowing them to collaborate and seamlessly remediate threats. This capability will extend the newly announced Microsoft Defender Threat & Vulnerability Management (TVM), a new component of Microsoft Defender Advanced Threat Protection (Microsoft Defender ATP, previously Windows Defender ATP) that uses a risk-based approach to the discovery, prioritization, and remediation of endpoint vulnerabilities and misconfigurations.
   https://techcommunity.microsoft.com/t5/Enterprise-Mobility-Security/Microsoft-Intune-security-tasks-extend-Microsoft-Defender-ATP-s/ba-p/369857
3. Introducing a risk-based approach to threat and vulnerability management. Threat & Vulnerability Management, a new, built-in capability that uses a risk-based approach to the discovery, prioritization, and remediation of endpoint vulnerabilities and misconfigurations. This capability is coming to Microsoft Defender Advanced Threat Protection (ATP), our industry-leading unified endpoint security platform with an updated name that reflects the newly announced expanded coverage.
   https://techcommunity.microsoft.com/t5/Windows-Defender-ATP/Introducing-a-risk-based-approach-to-threat-and-vulnerability/ba-p/377845
4. Announcing Microsoft Defender ATP for Mac. Today, we’re announcing our advances in cross-platform next-generation protection and endpoint detection and response coverage with a new Microsoft solution for Mac. Core components of our unified endpoint security platform, including the new Threat & Vulnerability Management also announced today, will now be available for Mac devices.
   https://techcommunity.microsoft.com/t5/Windows-Defender-ATP/Announcing-Microsoft-Defender-ATP-for-Mac/ba-p/378010
5. Tamper protection in Microsoft Defender ATP is a new setting available which provides additional protections against changes to key security features, including limiting changes that are not made directly through the app. Enabling this feature prevents others (including malicious apps) from changing important protection features such as (a) Real-time protection, (b) Cloud-delivered protection, (c) IOAV, (d) Behavior monitoring. The feature also prevents the deletion of security intelligence updates and the disabling of the entire antimalware solution.
   https://techcommunity.microsoft.com/t5/Windows-Defender-ATP/Tamper-protection-in-Microsoft-Defender-ATP/ba-p/389571

1. Windows 10 Tip: Look up definitions for words in web pages, books and PDFs.
   https://blogs.windows.com/windowsexperience/2019/03/04/windows-10-tip-look-up-definitions-for-words-in-web-pages-books-and-pdfs
2. Announcing the Open Sourcing of Windows Calculator. This includes the source code, build system, unit tests, and product roadmap. Our goal is to build an even better user experience in partnership with the community. We are encouraging your fresh perspectives and increased participation to help define the future of Calculator.
   https://blogs.windows.com/buildingapps/2019/03/06/announcing-the-open-sourcing-of-windows-calculator
3. Find my device is a feature introduced in the 2015 Windows 10 update, allows you to locate your Windows device if it goes missing. The best part about Find my device is that it’s completely safe to use, and automatically included in Windows 10.
   https://community.windows.com/en-us/stories/microsoft-find-my-device
4. Windows 10 Tip for Microsoft Edge: Increase text spacing, choose themes and colors, and how to use the learning tools.
   https://blogs.windows.com/windowsexperience/2019/03/11/windows-10-tip-increase-text-spacing-and-choose-themes-and-colors-using-the-learning-tools-built-into-microsoft-edge
5. Manage and use virtual desktops like a pro in Windows 10.
   https://community.windows.com/en-us/stories/virtual-desktop-windows-10
6. Make Windows easier to see: bigger text and mouse pointer.
   https://community.windows.com/en-us/videos/make-windows-easier-to-see-bigger-text-and-mouse-pointer/DP33h9gDuFs
7. Windows 10 Tip: Improve focus as you read web articles.
   https://blogs.windows.com/windowsexperience/2019/03/18/windows-10-tip-improve-focus-as-you-read-web-articles
8. Windows 101: Three ways to personalize your PC background.
   https://community.windows.com/en-us/videos/windows-101-three-ways-to-personalize-your-pc-background/jWFJAlOq4Io
9. Whiteboard in Teams meetings integration, ink grab and ink beautification are here!
   https://techcommunity.microsoft.com/t5/Office-365-Blog/Whiteboard-in-Teams-meetings-integration-ink-grab-and-ink/ba-p/376979
10. Cloud clipboard: Copy & paste across your Windows 10 devices.
    https://community.windows.com/en-us/videos/cloud-clipboard-copy-paste-across-your-windows-10-devices/Aj-SpD-S0-c

• Data, insights and listening to improve the customer experience. The Windows Data Science team share some of the practices we’ve developed during the last few years to measure and improve the quality of Windows.
  https://blogs.windows.com/windowsexperience/2019/03/06/data-insights-and-listening-to-improve-the-customer-experience
• Windows 10 reaches 800 million devices globally!
  https://news.microsoft.com/bythenumbers/en/windowsdevices
• Understand top trends in the threat landscape, get Microsoft’s perspective on 2018 cybersecurity trends such as cryptocurrency mining, supply chain attacks, and phishing in the Security Intelligence Report, Volume 24.
  https://www.microsoft.com/en-us/security/operations/security-intelligence-report
• Microsoft end of support FAQ for Windows 7 and Office 2010.
  https://go.microsoft.com/fwlink/p/?linkid=2076687
• Microsoft Mechanic’s video (11:43) on an early look at Microsoft Threat Protection. Harnesses trillions of threat signals from the Microsoft Intelligent Security Graph to secure your workplace using Microsoft Threat Protection. Security CVP Rob Lefferts shows you the unified single consul for visibility of security threats across your identities, endpoints, email, user data, SaaS apps, infrastructure and more.
  https://youtu.be/3ge1aAm1jX0
• Evolution of macOS management capabilities in Microsoft Intune.
  https://techcommunity.microsoft.com/t5/Enterprise-Mobility-Security/Evolution-of-macOS-management-capabilities-in-Microsoft-Intune/ba-p/364553
• Spring 2019 edition of what’s new in System Center Configuration Manager (SCCM) and Microsoft Intune.
  https://techcommunity.microsoft.com/t5/Enterprise-Mobility-Security/What-s-new-in-System-Center-Configuration-Manager-and-Microsoft/ba-p/369852

Windows 10 News You Can Use – March 2019

Posted on March 1, 2019

Windows 10 news you can use, March 2019 edition Providing insights into Windows 10 deployment & management, security & compliance, and productivity.

Are you looking understand that ROI for your investment in a Microsoft 365 modern desktop? Then look no further as Microsoft has created an interactive ROI model based upon a Forrester Consulting case study, “The Total Economic Impact Of The Modern Desktop With Microsoft 365” (as commissioned by Microsoft). By filling in simple values, you can determine a high-level estimate of the economic impact on your specific environment of migrating from on-premise third-party and Microsoft solutions to Microsoft 365 modern desktop.
https://tools.totaleconomicimpact.com/go/microsoft/modern-desktop

1. The perils of using Internet Explorer as your default browser. When enough is enough for technical debt and why customers shouldn’t just stay status quo.
   https://techcommunity.microsoft.com/t5/Windows-IT-Pro-Blog/The-perils-of-using-Internet-Explorer-as-your-default-browser/ba-p/331732
2. MSIX: Package Support Framework. Part One – The Blueprint.
   https://blogs.msdn.microsoft.com/sgern/2019/02/04/msix-package-support-framework-part-one-the-blueprint
3. We are excited to announce MSIX is now including support for Windows 10 versions 1709 and 1803, in addition to 1809 that is already supported. The new support enables distribution of MSIX packages within your enterprise using tools like System Center Configuration Manager, Microsoft Intune, PowerShell, double-click file deployments or installing directly from the APIs. This change does not include distribution from the Microsoft Store or Microsoft Store for Business, which will still require Windows 10 1809 or later.
   https://techcommunity.microsoft.com/t5/MSIX-Blog/MSIX-Support-for-Windows-10-1709-and-1803-MSIX-Packaging-Tool/ba-p/325749
4. Want more information on the Microsoft Managed Desktop service? Microsoft has updated the MMD website and added a useful new e-book on the service.
   https://www.microsoft.com/en-us/microsoft-365/modern-desktop/enterprise/microsoft-managed-desktop
5. With Windows 10, there was never actually a Semi-Annual Channel (Targeted), or SAC-T, release; rather, SAC-T merely reflected a milestone for the semi-annual release. Beginning with Windows 10, version 1903 (the next feature update for Windows 10), the Windows 10 release information page will no longer list SAC-T information for version 1903 and future feature updates. Instead, you will find a single entry for each new SAC release. If you use Windows Update for Business, then read these guidelines for how this change will reflect the removal of the SAC-T nomenclature.
   https://techcommunity.microsoft.com/t5/Windows-IT-Pro-Blog/Windows-Update-for-Business-and-the-retirement-of-SAC-T/ba-p/339523
6. Modern Desktop podcast – Windows 10 Application Compatibility. This episode (47:48) focuses on one of the biggest perceived pain points we hear from organizations getting ready for Windows 10 – Application Compatibility. We talk with Aleks Lopez and Robyn Nolan about the Windows Desktop App Assure program, as well as Chris Jackson, @appcompatguy, about the history of application compatibility over the various versions of Windows and where organizations are today.
   http://m365mdp.mpsn.libsynpro.com/windows-10-application-compatibility
7. Windows 10 monthly quality updates are cumulative, containing all previously released fixes to ensure consistency and simplicity. Microsoft introduces a new technique to build compact software update packages that are applicable to any revision of the base version, and then describe how Windows 10 quality updates uses this technique.
   https://docs.microsoft.com/en-us/windows/deployment/update/psfxwhitepaper

1. Tips to keep your devices and data safe using these simple security best practices.
   https://blogs.windows.com/windowsexperience/2019/02/07/keep-your-devices-and-data-safe-using-these-simple-security-best-practices
2. The keystone to good security hygiene is limiting your attack surface. Attack surface reduction (ASR) is a technique to remove or constrain exploitable behaviors in your systems. In this blog, we discuss the two ASR rules introduced recently and cover suggested deployment methods and best practices.
   https://cloudblogs.microsoft.com/microsoftsecure/2019/02/22/recommendations-for-deploying-the-latest-attack-surface-reduction-rules-for-maximum-impact
3. We have been recommending the use of TLS 1.2 and above for some time. To help provide guidance, we are pleased to announce the release of the Solving the TLS 1.0 Problem, 2nd Edition white paper. The goal of this document is to provide the latest recommendations that can help remove technical blockers to disabling TLS 1.0 while at the same time increasing visibility into the impact of this change to your own customers.
   https://www.microsoft.com/security/blog/2019/02/11/solving-the-tls-1-0-problem
4. Announcing Microsoft Threat Experts! This new managed threat hunting service in Windows Defender Advanced Threat Protection. It provides proactive hunting, prioritization, and additional context and insights that further empower Security Operations Centers to identify and respond to threats quickly and accurately.
   https://techcommunity.microsoft.com/t5/Windows-Defender-ATP/Microsoft-Threat-Experts-Case-studies-for-managed-threat-hunting/ba-p/358244

1. Microsoft puts people first by offering a wide range of Windows 10 accessibility features for users of many different abilities. Known internally as the Windows Accessibility team, the Input for Everyone team draws back a curtain for you to peek behind the scenes. Learn how Windows engineers are building accessibility features for all of us.
   https://community.windows.com/en-us/videos/windows-10-accessibility-features-empower-everyone/BseTf-4q9GA
2. In this video (1:53), meet Brett Humphrey, a Senior Program Manager on the Windows Accessibility team to learn more about his experience of going through school and using technology with low vision and translating Windows to people with different abilities.
   https://community.windows.com/en-us/videos/meet-brett-designing-windows-accessibility-features/Y_NJbE7wxlk
3. Video (2:15) – Windows Narrator gets more accessible with QuickStart. The new Narrator QuickStart app teaches users with low vision and blindness how to navigate Windows, browse the web, and learn more with Narrator user guide.
   https://www.youtube.com/watch?v=FVj0cfn2ugg
4. Windows 10 Tip: AI-powered PowerPoint Designer gets smarter.
   https://blogs.windows.com/blog/2019/02/04/windows-10-tip-ai-powered-powerpoint-designer-gets-smarter
5. In Windows 10, the People app allows you to forge better connections with your primary contacts by keeping you in the loop about important dates, upcoming commitments, and recent conversations.
   https://community.windows.com/en-us/stories/people-app-windows-10
6. Windows 101: Four ways to customize your taskbar.
   https://community.windows.com/en-us/videos/windows-101-four-ways-to-customize-your-taskbar/ORK2fNfbOUs
7. Windows 101: Unleash Windows superpower with right click. The right click on your mouse is capable of more than you know. Use it to gain instant access to all kinds of features and unleash your potential for productivity.
   https://www.youtube.com/watch?v=SNo_wdnfb-c
8. Video (2:57) – Minimize distractions with Windows 10 Focus assist. Don’t let interruptions get in the way of your productivity. Windows 10 Focus assist acts as a gatekeeper, so distractions remain at bay.
   https://www.youtube.com/watch?v=HXxlP2goRgo

• If you’re trying to decide what to buy between Office 365 and Office 2019, you’ll find there’s a world of difference between the two. To further help you choose, Microsoft pitted Office 2019 and Office 365 against each other in a head-to-head showdown, challenging three sets of twins to complete the same tasks in both versions of Word, Excel and PowerPoint – and filmed them along the way.
  https://blogs.windows.com/windowsexperience/2019/02/06/twins-take-on-multiple-challenges-of-office-2019-vs-office-365
• While we’ve talked about the guiding principles for monthly Windows 10 quality updates, it’s important to know that we have specific documentation on what is included in each of the updates to solve stability issues and protect against the latest security vulnerabilities, and why and how you should install them. That documentation can be found on the Windows 10 update history page, which is a collection of pages, one for every Windows update we release. Each page offers detailed information about each update, such as the type of update, which operating system versions it affects, improvements and fixes and how to get the update.
  https://techcommunity.microsoft.com/t5/Windows-IT-Pro-Blog/Getting-to-know-the-Windows-update-history-pages/ba-p/355079
• Microsoft is frequently asked how they operate our Security Operations Center (SOC), particularly as orgs are integrating cloud into their enterprise estate. This is the first in a three-part blog series designed to share the approach and experience, so you can use what Microsoft has learned to improve your SOC. In Part 1: Organization, we start with the critical organizational aspects (organizational purpose, culture, and metrics).
  https://cloudblogs.microsoft.com/microsoftsecure/2019/02/21/lessons-learned-from-the-microsoft-soc-part-1-organization
• Windows 10 Mobile End of Support: FAQ.
  https://support.microsoft.com/en-us/help/4485197/windows-10-mobile-end-of-support-faq
• We’re announcing the general availability of Windows Defender ATP’s endpoint detection & response (EDR) capability for Windows 7 and Windows 8.1, helping customers achieve the best security possible while transitioning to Windows 10.
  https://techcommunity.microsoft.com/t5/Windows-Defender-ATP/Windows-Defender-ATP-s-EDR-capability-for-Windows-7-and-Windows/ba-p/355535
• Microsoft announces latest Windows IoT innovations for intelligent edge devices at Embedded World.
  https://blogs.windows.com/windowsexperience/2019/02/26/microsoft-announces-latest-windows-iot-innovations-for-intelligent-edge-devices-at-embedded-world

Windows 10 News You Can Use – February 2019

Posted on February 1, 2019

Windows 10 news you can use, February 2019 edition Providing insights into Windows 10 deployment & management, security & compliance, and productivity. Also see other news related to Windows 10.

With Windows 7 end of support coming in one year—January 14, 2020—and Office 2010 close behind, there’s an opportunity right now to be proactive about what’s next. 2019 is the year to make the shift to a modern desktop. Changes and upgrades in technology are inevitable, and there’s never been a better time to start putting in motion the things you need to do to shift your organization to a modern desktop with Microsoft 365. As you think about this upgrade, this is a time to consider how your approach can set you up for the future to deliver an incredible experience for your users that is empowering and secure.
https://www.microsoft.com/en-us/microsoft-365/blog/2019/01/14/2019-is-the-year-to-make-the-shift-to-a-modern-desktop

1. To streamline update management and eliminate the need for on-premises infrastructure to deploy feature and quality updates, Microsoft CSEO implemented Windows Update for Business (WUfB). It provides centralized management and reduces the level of effort required to keep Windows 10 devices up to date. With WUfB we can control how and when Windows 10 devices at Microsoft receive updates, configure restart policies for enforcement, and use analytics services to monitor our update compliance. See this case study on keeping Windows 10 devices up to date with Microsoft Intune and Windows Update for Business.
   https://www.microsoft.com/itshowcase/Article/Content/1083/Keeping-Windows-10-devices-up-to-date-with-Microsoft-Intune-and-Windows-Update-for-Business
2. Starting with the next major update we’re making a few changes to how Windows 10 manages disk space. Through reserved storage, some disk space will be set aside to be used by updates, apps, temporary files, and system caches. Our goal is to improve the day-to-day function of your PC by ensuring critical OS functions always have access to disk space.
   https://blogs.technet.microsoft.com/filecab/2019/01/07/windows-10-and-reserved-storage
3. Application compatibility in the Windows ecosystem. In this installment of Microsoft’s quality blog series, Mete Goktepe from the Windows Application Compatibility team describes the various programs and technologies used to improve app compatibility.
   https://blogs.windows.com/windowsexperience/2019/01/15/application-compatibility-in-the-windows-ecosystem
4. What’s new in Windows 10 management support with Microsoft Intune (January 2019).
   https://docs.microsoft.com/en-us/intune/whats-new#week-of-january-7-2019
5. Updated and improved documentation and guidance! Find the tools and resources you need to deploy and support Windows as a service in your organization.
   https://docs.microsoft.com/en-us/windows/deployment/update/windows-as-a-service
6. Starting with Windows 10, v. 1809, WinPE is an add-on to the Windows Assessment and Deployment Kit (ADK). Previously it was included in the ADK. To get Windows PE, install the ADK, and then install the WinPE addon.
   https://docs.microsoft.com/en-us/windows-hardware/manufacture/desktop/winpe-intro
7. Simplifying device management with Microsoft Intune and Windows Autopilot. Case studies for adoption within the education sector.
   https://techcommunity.microsoft.com/t5/Enterprise-Mobility-Security/Simplifying-device-management-for-schools-with-Microsoft-Intune/ba-p/324726

1. Announcing Windows Defender Application Guard availability in Windows 10 Professional. Now, like Windows 10 Enterprise users, Windows 10 Pro users can navigate the Internet in Application Guard knowing their systems are safe from common web-based attacks. It is available now to our awesome Windows Insider community to give it a try and provide feedback. Plus a guide on steps to enable this cutting edge experience on the latest Windows Insider Preview build.
   https://techcommunity.microsoft.com/t5/Windows-Insider-Program/Announcing-WDAG-in-PRO-SKU/td-p/133395
2. Windows Defender ATP automated machine tagging in just a few simple steps. This blog explains how the APIs for WDATP can help a SOC analyst triage alerts more efficiently.
   https://techcommunity.microsoft.com/t5/Threat-Intelligence/Automated-machine-tagging-in-just-a-few-simple-steps/m-p/309377#M37
3. Windows Defender ATP integrates with Microsoft Information Protection to discover, protect, and monitor sensitive data on Windows.
   https://cloudblogs.microsoft.com/microsoftsecure/2019/01/17/windows-defender-atp-integrates-with-microsoft-information-protection-to-discover-protect-and-monitor-sensitive-data-on-windows-devices
4. Microsoft Intune introduces MDM Security Baselines to secure the modern workplace. Microsoft has years of experience publishing security baselines as Group Policy Objects in the Security and Compliance Toolkit (SCT). Customers have trusted this toolkit for years to provide templates to configure security baselines through Group Policy. Microsoft Intune now brings the same collective knowledge and expertise to secure the modern desktop with MDM security baselines. These security baselines in the Intune service leverage the greatly expanded manageability of Windows 10 using Mobile Device Management (MDM).
   https://techcommunity.microsoft.com/t5/Enterprise-Mobility-Security/Microsoft-Intune-introduces-MDM-Security-Baselines-to-secure-the/ba-p/313442

1. Windows 10 Tip: Microsoft Forms to create, run and analyze results from surveys and quizzes.
   https://blogs.windows.com/windowsexperience/2018/12/31/windows-10-tip-microsoft-forms
2. Windows 10 Tip: Using the Your Phone app to get instant access to your Android phone’s photos and texts on your computer – no need to dig for your phone to text or email yourself photos.
   https://blogs.windows.com/blog/2019/01/07/windows-10-tip-your-phone
3. Windows 10 Tip: Timeline for phone. Timeline makes it way easier to find what matters to you across your devices. You can also pick up what you were doing – even if it was on your iOS or Android device – on your Windows 10 PC when you’re ready to get back to it.
   https://blogs.windows.com/windowsexperience/2019/01/14/windows-10-tip-timeline-for-phone
4. Copy and paste across Windows 10 devices using cloud clipboard.
   https://community.windows.com/en-us/stories/cloud-clipboard-windows-10
5. Love Snipping Tool? Snip & Sketch allows you to do even more with your snips. Watch this video (3:38) to learn about its history and what the most recent update means for you.
   https://community.windows.com/en-us/videos/snipping-tool-gets-on-with-the-times-as-snip-sketch/NjFpdWKLXUk
6. Transfer your photos from phone to PC without a cable.
   https://community.windows.com/en-us/stories/transfer-photos-from-phone-to-pc
7. To protect against device loss or damage and to provide anywhere access to files, we recommend storing them in Office 365. Last June we announced Known Folder Move (KFM) in OneDrive for customers on Windows 7, 8.1 and Windows 10. Known Folder Move provides an easy way to redirect your desktop documents and folders to OneDrive, making OneDrive the default location for those files. Today we are announcing a new capability that makes it easier for you to create and save your Word, Excel, or PowerPoint document directly to the cloud. When you go to save an Office365 document, the new dialog box will default to OneDrive or SharePoint Online. And if you forget to save a new document before exiting, you will also see this updated save experience.
   https://techcommunity.microsoft.com/t5/Office-365-Blog/Save-your-files-to-the-cloud-more-easily/ba-p/325133
8. Windows 10 Tip: Track multiple time zones with world clock.
   https://community.windows.com/en-us/videos/windows-101-track-multiple-time-zones-with-world-clock/oU8-R4t5aws
9. Windows 10 Tip: New pen gestures make it easier to edit Word documents.
   https://blogs.windows.com/windowsexperience/2019/01/28/windows-10-tip-new-pen-gestures-make-it-easier-to-edit
10. A faster and easier way to stay on top of your tasks – Cortana with Microsoft To-Do.
    https://blogs.windows.com/windowsexperience/2019/01/25/a-faster-and-easier-way-to-stay-on-top-of-your-tasks-cortana-with-microsoft-to-do
11. With the Windows 10 October 2018 Update, Narrator (Windows screen reader) has become more accessible. The new Narrator QuickStart app teaches users with low vision and blindness how to navigate Windows, browse the web, and learn more with Narrator user guide.
    https://community.windows.com/en-us/videos/windows-narrator-gets-more-accessible-with-quickstart/FVj0cfn2ugg

• New and updated site for the Modern Desktop Deployment and Management Lab along with refreshed summary information on the lab content.
  https://docs.microsoft.com/en-us/microsoft-365/enterprise/modern-desktop-deployment-and-management-lab
• Announcing new advanced security and compliance offerings for Microsoft 365. Today, were introducing two new offerings to help address the security and compliance needs in an age of increasingly sophisticated cybersecurity threats as well as complex information protection needs due to regulations like GDPR. The new Identity & Threat Protection and Information Protection & Compliance packages will be available for purchase on February 1, 2019.
  https://www.microsoft.com/en-us/microsoft-365/blog/2019/01/02/introducing-new-advanced-security-and-compliance-offerings-for-microsoft-365
• Video (0:30). You wouldn’t expect two football players to make a second career out of cupcakes, but that’s exactly what former NFL teammates Brian Orakpo and Michael Griffin have done. And the new Surface Pro 6 is helping them every step of the way. From setting up schedules to creating social media promotions, the Surface does everything they need. It’s light, superfast and has a great battery life. The new Surface Pro 6. More power. More speed.
  https://www.youtube.com/watch?v=XmQ-yhCO3XE&feature=youtu.be
• Many of the ATMs, cash registers, and airport kiosks around the world run Windows Embedded 7. That operating system is based on Windows 7, whose support is ending on January 14, 2020. Move to modern. Windows 10 IoT—safer, smarter, cloud-ready.
  https://www.microsoft.com/en-us/microsoft-365/blog/2019/01/14/move-to-modern-windows-10-iot-safer-smarter-cloud-ready
• The evolution of Microsoft Threat Protection, January update.
  https://cloudblogs.microsoft.com/microsoftsecure/2019/01/16/the-evolution-of-microsoft-threat-protection-january-update
• Microsoft’s Cyber Defense Operations Center shares best practices and details the state of online security, threat actors and the sophisticated tactics they employ to advance their goals. Also, details on how the CDOC combats these threats and helps customers protect their sensitive applications and data.
  https://blogs.technet.microsoft.com/msrc/2019/01/23/cdoc-best-practices
• Introducing new features in Microsoft 365 to help prepare for the next wave of privacy regulations.
  https://www.microsoft.com/en-us/microsoft-365/blog/2019/01/29/introducing-new-features-in-microsoft-365-to-help-prepare-for-the-next-wave-of-privacy-regulations

Windows 10 News You Can Use – January 2019

Posted on January 2, 2019 Updated on December 27, 2018

Windows 10 news you can use, January 2019 edition Providing insights into Windows 10 deployment & management, security & compliance, and productivity. Also see other news related to Windows 10.

Do you deploy, configure, secure, manage, and monitor devices and client applications in an enterprise environment? Do you manage identity, access, policies, updates, and apps and collaborate with the M365 Enterprise Administrator to design and implement a device strategy that meets the business needs of a modern organization? Are you familiar with M365 workloads and proficient in deploying, configuring, and maintaining Windows 10 and non-Windows devices and technologies? If so, it’s time to earn your Modern Desktop Administrator certification!
https://www.microsoft.com/en-us/learning/community-blog-post.aspx?BlogId=8&Id=375176

1. Microsoft 365 enables customers to shift to a modern desktop experience puts it at the heart of workplace transformation. A modern desktop with Windows 10 and Office 365 not only offers the most productive and most secure computing experience, it also saves IT time and money, and allows for a focus on driving business results. For many companies, their specific needs require a modern desktop be virtualized. To help extend our virtualization capabilities and provide an even richer experience for Microsoft 365 customers, we are excited to announce the acquisition of FSLogix. FSLogix is a next-generation app-provisioning platform that reduces the resources, time and labor required to support virtualization. From small businesses to very large global enterprises across numerous industries, FSLogix solutions enhance customer experience and productivity, while reducing support requirements for IT departments.
   https://blogs.microsoft.com/blog/2018/11/19/microsoft-acquires-fslogix-to-enhance-the-office-365-virtualization-experience
2. Microsoft is excited to announce that we are named a Leader for Enterprise Mobility + Security (EMS) in the inaugural Forrester Wave: Unified Endpoint Management, Q4 2018. Forrester notes in the report that, Microsoft’s release of co-management in late 2017 has bolstered the company’s ability to serve advanced Windows 10 management use cases and provides a flexible path for customers to test out modern management. Forrester also recognizes Microsoft for having the some of the strongest security capabilities in the evaluation of 12 vendors.
   https://techcommunity.microsoft.com/t5/Enterprise-Mobility-Security/Microsoft-is-a-Leader-in-The-Forrester-Wave-Unified-Endpoint/ba-p/294820
3. Traditionally, the desktop management scenario for most enterprises has been one where all users and devices are located on-site with a direct network connection. That’s been the state of things for years. But the workplace is changing. More of your users work remotely full-time; some never set foot in your physical facilities. If you do the initial setup for a Windows 10 device on-premises, you start out in control. But if those devices are distributed to your remote workforce, how do you maintain control? How do you make sure user devices are secure and up-to-date while keeping the update process simple and hassle-free? In short, you implement a modern desktop management strategy.
   https://techcommunity.microsoft.com/t5/Windows-IT-Pro-Blog/Modernize-desktop-management-with-Azure-Active-Directory/ba-p/295899
4. New Microsoft site for the latest information and guidance on Windows as a Service! Find the tools and resources you need to help deploy and support WaaS in your organization.
   https://docs.microsoft.com/en-us/windows/deployment/update/windows-as-a-service
5. Renaming Windows 10 devices using Microsoft Intune
   https://blogs.technet.microsoft.com/meamcs/2018/12/06/intune-device-management-renaming-windows-10-devices
6. Windows Transport converges on two Congestion Providers: Cubic and LEDBAT. In the heart of the Windows kernel there is a networking stack. At the heart of the networking stack there is a layer called Transport and Transport contains a suite of algorithms called Congestion Providers. This post takes a look at the difference between the two along with a deeper view into the difference between them using the example of a software update being delivered by SCCM.
   https://blogs.technet.microsoft.com/networking/2018/11/07/windows-transport-converges-on-two-congestion-providers-cubic-and-ledbat
7. Evaluating Windows 10 Delivery Optimization and its impact to your network at the device level as well as across the organization with Windows Analytics’ Update Compliance.
   https://techcommunity.microsoft.com/t5/Windows-IT-Pro-Blog/Measuring-Delivery-Optimization-and-its-impact-to-your-network/ba-p/301809
8. Gartner: Rethink Windows 10 Long Term Servicing Branch (LTSB / LTSC) Deployment Based on Microsoft’s Updated Guidance – refreshed August 2018.
   https://www.gartner.com/doc/reprints?id=1-3V8VD56&ct=170309&st=sb
9. Modern desktop servicing: the year in review. Since Windows 10 first shipped, and the Windows as a service model was introduced, we have heard you talk about three common concerns: application compatibility, end user interruption, and network bandwidth impact. I’m happy to report that, in 2018, we made significant progress in addressing each of these concerns.
   https://techcommunity.microsoft.com/t5/Windows-IT-Pro-Blog/Modern-desktop-servicing-the-year-in-review/ba-p/304395
10. New! Microsoft 365 Modern Desktop podcast channel.  In this series, we’ll explore the good, the bad, and yes the ugly of servicing and delivery for Windows 10 and Office ProPlus. We’ll talk about modern desktop management through Enterprise Mobility, security, even Cloud attached and co-managed environments.
    http://m365mdp.mpsn.libsynpro.com
11. Driver quality in the Windows ecosystem. Ensuring Windows 10 works great with all the devices and accessories our customers use is a top priority for our team. There are millions of configurations of hardware and driver combinations in the Windows ecosystem, allowing for great customer choice and unlocking opportunity for partners. We work closely with this broad mix of partners to test new drivers, monitor health characteristics over time, and make Windows and our ecosystem more resilient architecturally. In this blog, part of our series on the Windows approach to quality, Tom Frankum from our Silicon, Graphics and Media team will provide more detail about the work we do to improve Windows driver quality.
    https://blogs.windows.com/windowsexperience/2018/12/19/driver-quality-in-the-windows-ecosystem
12. Modern desktop servicing: the year in review. 2018 was a pivotal year for the modern desktop and the servicing transformation journey we have been taking with you and your organization. With that in mind, I thought it would be good to look back and recap the progress that has been made, highlight significant events, and provide insight into what 2019 has in store.
    https://techcommunity.microsoft.com/t5/Windows-IT-Pro-Blog/Modern-desktop-servicing-the-year-in-review/ba-p/304395

1. Analysis of cyberattack on U.S. think tanks, non-profits, public sector by unidentified attackers. Microsoft customers using the complete Microsoft Threat Protection solution were protected from the attack. Behavior-based protections in multiple Microsoft Threat Protection components blocked malicious activities and exposed the attack at its early stages. Office 365 Advanced Threat Protection caught the malicious URLs used in emails, driving the blocking of said emails, including first-seen samples. Meanwhile, numerous alerts in Windows Defender Advanced Threat Protection exposed the attacker techniques across the attack chain.
   https://cloudblogs.microsoft.com/microsoftsecure/2018/12/03/analysis-of-cyberattack-on-u-s-think-tanks-non-profits-public-sector-by-unidentified-attackers
2. Insights from the MITRE ATT&CK-based evaluation of Windows Defender ATP. In MITREs evaluation of endpoint detection and response solutions, Windows Defender Advanced Threat Protection demonstrated industry-leading optics and detection capabilities. The breadth of telemetry, the strength of threat intelligence, and the advanced, automatic detection through machine learning, heuristics, and behavior monitoring delivered comprehensive coverage of attacker techniques across the entire attack chain.
   https://cloudblogs.microsoft.com/microsoftsecure/2018/12/03/insights-from-the-mitre-attack-based-evaluation-of-windows-defender-atp
3. Video (1:57) on the Windows channel on YouTube features how Windows Information Protection (WIP) helps prevent users from accidentally copying work data to personal sites.
   https://youtu.be/1s09SrwxccM
4. Remote Use of Local Accounts: LAPS Changes Everything. Aaron Margosis of Microsoft revisits the question about whether and when to block the use of local accounts, particularly for remote administration.
   https://blogs.technet.microsoft.com/secguide/2018/12/10/remote-use-of-local-accounts-laps-changes-everything
5. Microsoft has put a lot of effort in Hyper-V security. Hyper-V, and the whole virtualization stack, runs at the core of many of our products: cloud computing, Windows Defender Application Guard, and technology built on top of Virtualization Based Security (VBS). Read more from Microsoft’s Security Research & Defense about the first steps in Hyper-V security research including an intro to the virtualization stack, the debugging environment, and addressing the attack surface inside and outside the hypervisor.
   https://blogs.technet.microsoft.com/srd/2018/12/10/first-steps-in-hyper-v-research
6. One of our goals in the Microsoft Security Response Center (MSRC) is to be more transparent with security researchers and our customers on the criteria we use for determining when we intend to address a reported vulnerability through a security update. Our belief is that improving transparency on this topic helps provide clarity on how we assess risk, sets expectations for the types of vulnerabilities that we intend to service, and facilitates constructive dialogue as the threat landscape evolves over time. In September 2018, the first version of the security servicing criteria for Windows was announced; it’s expected that this will be a living document that evolves over time as Microsoft continues the dialogue with the community on this topic.
   https://blogs.technet.microsoft.com/srd/2018/09/10/microsoft-security-servicing-criteria-for-windows
7. Windows Defender ATP has protections for USB and removable devices. We know, unfortunately, that people will plug in devices with unknown history (and that there are also attackers out there who directly attempt to control devices without relying on social engineering). These devices could be the source of malware infections that use USB and other removable devices to get initial access to a system or network. This vector of attack falls under social engineering in this case, appealing to our weakness for shiny things: when we see a free item were inclined to take it. To help protect against these attacks, you can prevent any removable device from being seen and interacted with by blocking users from using any removable device on the machine.
   https://cloudblogs.microsoft.com/microsoftsecure/2018/12/19/windows-defender-atp-has-protections-for-usb-and-removable-devices
8. Tackling phishing with signal-sharing and machine learning.With ML-based detection of malicious PDF files used for phishing, Windows Defender ATP uses multiple layers of machine learning models to correctly identify malicious content. Most attacks are caught by the first few layers, which swiftly make a verdict and protect customers at first sight during the early stages of attacks. More sophisticated attacks may need the more complex classifiers in further layers, which take more time but make sure additional protections catch attacks that evade the first, faster classifiers.
   https://cloudblogs.microsoft.com/microsoftsecure/2018/12/19/tackling-phishing-with-signal-sharing-and-machine-learning
9. Mitigating Spectre variant 2 with Retpoline on Windows.
   https://techcommunity.microsoft.com/t5/Windows-Kernel-Internals/Mitigating-Spectre-variant-2-with-Retpoline-on-Windows/ba-p/295618
10. How many times have you downloaded an executable file, but were afraid to run it? Have you ever been in a situation which required a clean installation of Windows, but didn’t want to set up a virtual machine? Windows Sandbox is a new lightweight desktop environment tailored for safely running applications in isolation.
    https://techcommunity.microsoft.com/t5/Windows-Kernel-Internals/Windows-Sandbox/ba-p/301849

1. Microsoft Edge: Making the web better through more open source collaboration.
   • Microsoft has meaningfully increased participation in the open source software (OSS) community, becoming one of the world’s largest supporters of OSS projects. Microsoft intends to adopt the Chromium open source project in the development of Microsoft Edge on the desktop to create better web compatibility for our customers and less fragmentation of the web for all web developers.
     http://blogs.windows.com/windowsexperience/2018/12/06/microsoft-edge-making-the-web-better-through-more-open-source-collaboration
   • TL;DR documentation to explain the Microsoft Edge team’s plans and intentions related to Microsoft Edge and clarify the Chromium open-source project on how the work will proceed.
     https://github.com/MicrosoftEdge/MSEdge
   • Recapping Joe Belfiore’s announcements surrounding Microsoft Edge and open source.Alongside this announcement, we shared documentation describing our open source principles and initial areas of focus.
     http://blogs.windows.com/msedgedev/2018/12/07/recapping-open-source-announcements
2. Introducing the Office app for Windows 10! Last year, we updated Office.com with a new experience focused on two simple things: helping users get the most out of Office and getting them back into their work quickly. The streamlined site has clearly resonated with customers, and now more than 40 percent of Office 365 web users start their work by visiting Office.com. Starting today, we’re bringing this experience to Windows 10 in the form of an app, simply called Office. It’s now available to Windows Insiders (Fast) and will roll out to all Windows 10 users soon. The app itself is free and it can be used with any Office 365 subscription, Office 2019, Office 2016, or Office Online—the free web-based version of Office for consumers.
   https://www.microsoft.com/en-us/microsoft-365/blog/2018/12/19/introducing-the-office-app-for-windows-10
3. Windows 10 Tip: Name your tile folders. To create a tile folder in Start, just drag one tile on top of another for a second, then release. Continue dropping as many tiles into the folder as you’d like. When you expand the folder, you’ll see a new option to name it.
   http://blogs.windows.com/windowsexperience/2018/12/03/windows-10-tip-name-your-tile-folders
4. Windows key is the most powerful button on your keyboard. The Windows community shows you how to effectively search and find anything on your computer using only it. Whether you’re looking for that image you saved to one of your folders or need to look up weather for your trip, Windows key can help.
   https://community.windows.com/en-us/videos/windows-101-use-windows-key-to-unlock-search-possibilities
5. Five Microsoft Edge features to boost productivity while browsing.
   https://community.windows.com/en-us/stories/microsoft-edge
6. Microsoft Whiteboard advancements: now more colorful and customizable than ever.
   https://techcommunity.microsoft.com/t5/Office-365-Blog/Microsoft-Whiteboard-now-more-colorful-and-customizable-than/ba-p/296947
7. Windows 10 Tip: the Windows 10 October 2018 Update comes SwiftKey intelligence.
   https://blogs.windows.com/blog/2018/12/10/windows-10-tip-swiftkey
8. Windows 10 Tip: Schedule items by dragging a task to your calendar.
   http://blogs.windows.com/windowsexperience/2018/12/16/windows-10-tip-schedule-items-by-dragging-a-task-to-your-calendar
9. Windows 10 Tip: Find files quickly using Quick access.
   https://community.windows.com/en-us/stories/quick_access
10. Windows 10 Tip: Get Tips in Windows and online.
    https://community.windows.com/en-us/videos/get-tips-in-windows-and-online/L7yUz7nIctk

• Windows monthly security and quality updates overview: as part of our series of blogs on the Windows approach to quality, Microsoft shares an overview of how they deliver these critical updates on a massive scale as a key component of our ongoing Windows as a service effort.
  http://blogs.windows.com/windowsexperience/2018/12/10/windows-monthly-security-and-quality-updates-overview
• CISO series: Strengthen your organizational immune system with cybersecurity hygiene.
  https://cloudblogs.microsoft.com/microsoftsecure/2018/12/06/ciso-series-strengthen-your-organizational-immune-system-with-cybersecurity-hygiene
• Using the Fully Qualified Domain Name for Remote Control [to a Windows computer] in System Center Configuration Manager: an example on creating a custom console extension.
  https://blogs.technet.microsoft.com/askpfeplat/2018/12/10/using-the-fully-qualified-domain-name-for-remote-control-in-system-center-configuration-manager
• The evolution of Microsoft Threat Protection (MTP), December update on Azure Security Center. Additionally, we overview a real-world scenario showcasing where MTP stops threats as envisioned with solution integrations.   During the Tropic Trooper attack campaign, Windows Defender Advanced Threat Protection (WDATP), Azure Active Directory (Azure AD), and Office 365 ATP services worked in sync, helping ensure the threat was addressed quickly with no adverse impact. The campaign initiated several Windows Defender ATP alerts triggering its device risk calculation mechanism, which ascribed affected endpoints with high risk scores. These endpoints were put to the top of the list in Windows Defender Security Center leading to early detection and discovery of the attack. Windows Defender ATP seamlessly integrates with Azure AD featuring conditional access. During Tropic Trooper, conditional access blocked high-risk endpoints from accessing sensitive content, protecting other users, devices, and data in the network.
  https://cloudblogs.microsoft.com/microsoftsecure/2018/12/12/the-evolution-of-microsoft-threat-protection-december-update
• New research highlights massive opportunity to empower Firstline Workers with technology.
  https://www.microsoft.com/en-us/microsoft-365/blog/2018/12/14/new-research-highlights-massive-opportunity-to-empower-firstline-workers-with-technology

Windows 10 News You Can Use – December 2018

Posted on December 3, 2018

Windows 10 news you can use, December 2018 edition Providing insights into Windows 10 deployment & management, security & compliance, and productivity. Also see other news related to Windows 10.

If you’re in IT, make sure you join us Thursday, December 13th from 9:00-10:00 a.m. Pacific Time to get up to speed and get your questions answered about Windows 10, version 1809. We’ve assembled a group of engineers and product managers from the Windows, Window Defender ATP, System Center Configuration Manager, Microsoft Intune, Microsoft Edge, and Microsoft 365 teams—and we’ll be answering your questions live during what promises to be an exciting and informative “Ask Microsoft Anything” (AMA) event.
https://techcommunity.microsoft.com/t5/Windows-IT-Pro-Blog/November-1st-Windows-10-version-1809-AMA-for-IT-pros/ba-p/265894

Windows 10 quality approach for a complex ecosystem. In November, Microsoft re-released the October 2018 Update after pausing to investigate a small but serious issue. This is the first time in Windows 10’s “Windows as a Service” history that we have taken such an action, and as such it has naturally led to questions about the work we do to test and validate Windows quality before we begin rolling it out broadly.
http://blogs.windows.com/windowsexperience/2018/11/13/windows-10-quality-approach-for-a-complex-ecosystem

1. Now live! Follow the steps outlined in Microsoft’s Modern Desktop Deployment Center to plan and carry out your large-scale deployment of Windows 10 and Office 365 ProPlus. Each step is part of the overall planning and deployment process with steps typically running in parallel to each other in a phased deployment.
   aka.ms/howtoshift
2. Understanding the differences between servicing Windows 10-era and legacy Windows operating systems. https://docs.microsoft.com/en-us/windows/deployment/update/waas-servicing-differences
3. Windows Autopilot: Hybrid Azure AD join and automatic registration.
   https://techcommunity.microsoft.com/t5/Windows-IT-Pro-Blog/Windows-Autopilot-Hybrid-Azure-AD-join-and-automatic/ba-p/286126
4. Windows 10 Enterprise LTSC 2019 is now available on the Volume Licensing Service Center (VLSC).
   https://www.microsoft.com/Licensing/servicecenter
5. KB4347075 Update to extend KMS support upcoming Enterprise LTSC and Windows Server products.
   https://support.microsoft.com/en-us/help/4347075/august-30-2018-kb4347075-update-to-extend-kms-support-upcoming-enterpr
6. When you purchase any of the Windows 10 or Microsoft 365 services (as detailed in the following Eligible plans section), FastTrack Specialists provide advisory and remediation guidance if you encounter app compatibility issues as you deploy to Windows 10 and Office 365 ProPlus and stay up-to-date at no additional cost (with an eligible subscription). To get help, complete the Desktop App Assure service request. https://docs.microsoft.com/en-us/FastTrack/win-10-daa-assistance-offered-and-plans
7. Windows 10 Long-Term Servicing Channel (LTSC): What is it, and when should it be used?
   https://techcommunity.microsoft.com/t5/Windows-IT-Pro-Blog/LTSC-What-is-it-and-when-should-it-be-used/ba-p/293181
8. Today is an exciting day for Windows 10 on ARM. With the official release of Visual Studio 15.9, developers now have the officially supported SDK and tools for creating 64-bit ARM (ARM64) apps. This news comes at a great time as Qualcomm Snapdragon 850 processor second-generation ARM64 devices provide even more computing power for developers to tap into while continuing to deliver the beyond-all-day battery life customers expect from Windows 10 on ARM. Like the first-generation ARM64 devices, they are also thin, light, fast, and designed with instant-on 4G LTE connectivity in mind, while able to run the wide ecosystem of Windows applications thanks to an x86 emulation layer.
   http://blogs.windows.com/buildingapps/2018/11/15/official-support-for-windows-10-on-arm-development

1. Our analysis of a targeted attack used malicious InPage document and outdated VLC media player to give attackers backdoor access to targets. Historically, malware payloads like the stage 2 malware in this attack are used to steal credentials and other sensitive information, install more payloads, or move laterally in the network. However, because the malware opens a backdoor channel for remote attackers to execute arbitrary commands of their choice, there’s a wide range of possibilities.
   https://cloudblogs.microsoft.com/microsoftsecure/2018/11/08/attack-uses-malicious-inpage-document-and-outdated-vlc-media-player-to-give-attackers-backdoor-access-to-targets
2. Windows Defender ATP device risk score exposes new cyberattack, drives Conditional access to protect networks. The WDATP team uncovered a new cyberattack that targeted several high-profile organizations in the energy and food and beverage sectors in Asia. Given the target region and verticals, the attack chain, and the toolsets used, we believe the threat actor that the industry refers to as Tropic Trooper was likely behind the attack. Read more about how the attack was determined, protected by Conditional access, and automatically remediated on threatened networks.
   https://cloudblogs.microsoft.com/microsoftsecure/2018/11/28/windows-defender-atp-device-risk-score-exposes-new-cyberattack-drives-conditional-access-to-protect-networks
3. Microsoft is excited to share with you some of the latest significant enhancements to Windows Defender ATP. We added new capabilities to each of the pillars of Windows Defender ATPs unified endpoint protection platform: improved attack surface reduction, better-than-ever next-gen protection, more powerful post-breach detection and response, enhanced automation capabilities, more security insights, and expanded threat hunting. These enhancements boost Windows Defender ATP and accrue to the broader Microsoft Threat Protection, an integrated solution for securing identities, endpoints, cloud apps, and infrastructure.
   https://cloudblogs.microsoft.com/microsoftsecure/2018/11/15/whats-new-in-windows-defender-atp
4. At Microsoft, we take your device and account protection seriously, which is why we’ve been on a mission to eliminate passwords. Passwords can be difficult to remember, are often reused and can be used to hack your account anywhere, anytime, from any device. Windows Hello is a key component in our effort to finally saying goodbye to passwords. Using facial recognition, a fingerprint, or PIN, Windows Hello is a fast, secure and password-less way to unlock your Windows 10 PC.1 We’ve been busy bringing the latest and greatest features to Windows Hello and account protection and wanted to take some time to update you on what’s new.
   http://blogs.windows.com/windowsexperience/2018/11/20/keeping-you-updated-on-windows-hello
5. Secure password-less sign-in for your Microsoft account using a security key or Windows Hello. We just turned on the ability to securely sign in with your Microsoft account using a standards-based FIDO2 compatible device—no username or password required! FIDO2 enables users to leverage standards-based devices to easily authenticate to online services—in both mobile and desktop environments.
   https://www.microsoft.com/en-us/microsoft-365/blog/2018/11/20/sign-in-to-your-microsoft-account-without-a-password-using-windows-hello-or-a-security-key
6. Microsoft is pleased to announce the final release of the security configuration baseline settings for Windows 10 October 2018 Update (a.k.a., version 1809, “Redstone 5” or “RS5”), and for Windows Server 2019.
   https://blogs.technet.microsoft.com/secguide/2018/11/20/security-baseline-final-for-windows-10-v1809-and-windows-server-2019

1. Windows 10 Tip: Five ways filling out forms online just got easier in Microsoft Edge. You may have already noticed that it’s easier than ever to fill out form details in websites, thanks to several improvements in Microsoft Edge via the Windows 10 October Update. This builds on the multi-field autofill launched in April that gave users the ability to fill out multiple related fields in website forms, such as contact info and credit card details, with one click.
   http://blogs.windows.com/windowsexperience/2018/11/26/windows-10-tip-five-ways-filling-out-forms-online-just-got-easier-in-microsoft-edge
2. When we released Windows 10, version 1803, we introduced Local Experience Packs (LXPs), which are modern language packs delivered through the Microsoft Store or Microsoft Store for Business. The biggest advantage to LXPs is that we no longer have to wait for feature update releases to deliver improved translations to you. Instead, translation improvements can be delivered via LXPs as a Microsoft Store application update. Local Experience Packs, available in more than 100 languages, makes Windows speak your language. Windows engineer Pankaj Mathur explains that it’s easier than ever to get and install one in the Windows 10 April 2018 Update. (Subtitle available in 86 languages)
   https://community.windows.com/en-us/videos/get-windows-to-speak-your-language/gnmVAKrWsrU
3. Windows 10 Tip: Find out how to setup and use Surface Headphones.
   http://blogs.windows.com/windowsexperience/2018/11/19/windows-10-tip-find-out-how-to-setup-and-use-surface-headphones
4. Save money and time with Microsoft Shopping Assistant. Microsoft Shopping Assistant, first released in 2016 through The Garage, is a browser add-on that helps you get the best deals at more than 50,000 online stores, from top retailers like Amazon and Walmart to your favorite boutique shop on Etsy.
   http://blogs.windows.com/windowsexperience/2018/11/21/save-money-and-time-with-microsofts-personal-shopping-assistant

• Assessing Microsoft 365 security solutions using the NIST Cybersecurity Framework.
  https://cloudblogs.microsoft.com/microsoftsecure/2018/07/02/assessing-microsoft-365-security-solutions-using-the-nist-cybersecurity-framework
• Enterprise security resources from Microsoft – includes whitepapers, training, blogs, and more!
  https://www.microsoft.com/en-us/security/Resources
• A step-by-step demo guide for provisioning Microsoft Surface devices using Windows Autopilot – without the need to reimage them. See how Microsoft Surface provides the first and best experience for first run user provisioning and ongoing device driver and firmware management and how you can register devices to your org and customize devices with apps and policies to make them business-ready right out of the box.
  https://www.youtube.com/watch?v=7td9Iwb1f6k
• November update on the evolution of Microsoft Threat Protection, which revisits some of the solution capabilities announced at Ignite and provide updates on significant enhancements made since September. Engineers across teams at Microsoft are collaborating to unlock the full, envisioned potential of Microsoft Threat Protection. Throughout this journey, we want to keep you updated on its development.
  https://cloudblogs.microsoft.com/microsoftsecure/2018/11/13/the-evolution-of-microsoft-threat-protection-november-update

• Secure your privileged administrative accounts with a phased roadmap. There are few things more important to a secure posture than protecting admins. This is because a compromised admin account would cause a much greater impact on the organization than a compromised non-privileged user account. If you are working on initiatives to secure your privileged accounts, this post is designed to help. I’ve shared some of the principles and tools that Microsoft has used to guide and enhance our own security posture, including some prescriptive roadmaps to help you plan your own initiatives.
  https://cloudblogs.microsoft.com/microsoftsecure/2018/11/29/secure-your-privileged-administrative-accounts-with-a-phased-roadmap
• Reduce your potential attack surface using Azure Advanced Threat Protection (ATP) Lateral Movement Paths. The purpose of lateral movements within a cyber-attack kill chain are for attackers to gain and compromise your sensitive accounts towards domain dominance. Azure ATP provides invaluable insights on identity configurations and suggested security best-practices across the enterprise. A key component of Azure ATP’s insights is Lateral Movement Paths or LMPs. Azure ATP LMPs are visual guides that help you quickly understand and identify exactly how attackers can move laterally inside your network. Azure ATP LMPs provide easy to interpret, direct visual guidance on your most vulnerable sensitive accounts, assists in helping you mitigate and close access for potential attacker domain dominance.
  https://techcommunity.microsoft.com/t5/Enterprise-Mobility-Security/Reduce-your-potential-attack-surface-using-Azure-ATP-Lateral/ba-p/291787
• Intune’s journey to a highly scalable globally distributed cloud service; Part 2 explains the three proactive actions Microsoft took to prepare for immediate future growth.
  https://techcommunity.microsoft.com/t5/Enterprise-Mobility-Security/Intune-s-journey-to-a-highly-scalable-globally-distributed-cloud/ba-p/289004
• Windows Machine Learning is out of preview and ready to become part of your AI toolbox. The Windows ML inference engine evaluates trained models locally on Windows devices, removing concerns of connectivity, bandwidth, and data privacy. This video series will help you understand how you can get started with Windows ML and explore the new APIs through the lens of Rufus the robot.
  http://blogs.windows.com/buildingapps/2018/11/20/getting-started-with-windows-machine-learning