Latest Event Updates

No Internet on Hyper-V guest using Default Switch

Posted on Updated on

Beginning in Windows 10 1709, Hyper-V networking included a “Default Switch” to help simplify Internet connectivity to guest VMs. The idea is that this switch would automatically share whatever Internet connection is used by the Host, then NAT the addresses to the guests. This sharing is accomplished using the Internet Connection Sharing (ICS) service on the Host.

While in theory this makes the networking of guests easier, one particular challenge with this solution still exists today with Windows 10 1803….occasionally this guest loses it’s ability to work through the Host’s connection. And thereby the guest has no Internet access. So, if you’re faced with this issue, try restarting the ICS service on the host to restore connectivity.

For Internet connection issues with the default switch on a Windows 7 guest VM, I found the best solution to be changing the “Automatic metric” settings on the NICs in the VM.  This workaround/solution was posted in a TechNet forum thread, but the details are copied below for ease of reading.

“Go to <Network and Sharing><Change Adapter Settings> and right click your wired and wireless adapters one at a time to change the properties. Select IPv4, click <Properties> then click <Advanced>. For each one, clear the “Automatic metric” check box and assign the metric value manually. I set the wireless to 1 and the wired to 2, which gave me the behavior I wanted.”

Advertisements

Resources for Windows Analytics

Posted on Updated on

I’m often asked for a set of resources to get started or to understand the Windows Analytics toolset.  Below is a collection of my favorite resources, which I may update from time-to-time.

  1. Windows Analytics accelerates enterprise Windows 10 migration. With Update Compliance and Device Health services now generally available, Windows Analytics provides an end-to-end upgrade solution with actionable insights into device performance, reliability, and health, so enterprises can broadly migrate their devices from Windows 7 or Windows 8 to Windows 10 or update Windows 10 devices to the latest feature update (Windows 10, version 1709) quickly and with confidence.
    http://blogs.windows.com/business/2017/12/12/accelerate-windows-10-migration-windows-analytics
  2. Register today for exclusive access to a one-hour, demo-rich webcast showcasing solutions that can help you monitor and proactively improve your experience with Windows 10 upgrades, update deployment, and device management.
    https://blogs.technet.microsoft.com/windowsitpro/2017/10/12/webcast-qa-proactive-insights-with-windows-analytics
  3. Have you heard of the new Upgrade Analytics service to help in your application compatibility planning and readiness?  If not, a Microsoft Mechanics video (6 minutes) was created to highlight and showcase the technology. Read more and watch at:
    https://technet.microsoft.com/en-us/windows/mt743627
  4. Videos and setup guides for Upgrade Readiness in the Windows Analytics suite.  Includes jump points to technical documentation on prerequisites, etc.
    https://blogs.technet.microsoft.com/windowsitpro/2017/06/07/setup-guides-for-windows-analytics-upgrade-readiness
  5. A demo from Microsoft Mechanics walks you through common usage scenarios for Windows Analytics Update Compliance, a cloud-based solution that provides you with an inventory of the devices in your organization, the version of Windows installed on each device, the update status of each device, and antimalware assessment for Windows Defender Antivirus-enabled devices.
    https://blogs.technet.microsoft.com/windowsitpro/2017/08/10/new-demo-windows-analytics-update-compliance
  6. In January a “Ask Microsoft Anything” (AMA) about Windows Analytics was held. Members of the engineering and product teams were answered questions and listened to feedback about Upgrade Readiness, Update Compliance, Device Health, and the future roadmap for Windows Analytics. Those conversations were recorded and can be found in techcommunity link below.
    https://techcommunity.microsoft.com/t5/Windows-Analytics-AMA/bd-p/WindowsAnalyticsAMA
  7. Discussion about pricing of OMS for Windows Analytics.
    https://techcommunity.microsoft.com/t5/Windows-10/What-are-our-pricing-options-for-OMS-to-for-Windows-10-upgrade/m-p/107869/highlight/true
  8. Announcing Delivery Optimization Insights for Windows Analytics: Update Compliance https://blogs.technet.microsoft.com/upgradeanalytics/2017/12/17/announcing-post-upgrade-insights-in-upgrade-readiness
  9. Windows Analytics utilizes Operations Management Suite (OMS) workspaces with Log Analytics.  OMS requires and Azure subscription (which can be free).  The following guide covers how to create the OMS=>Azure association for two scenarios: (1) Your organization is new to Microsoft Azure and you just want to use Upgrade Analytics, and (2) Your company is already using an Azure subscription and you want to create an OMS workspace for Upgrade Analytics under your Azure subscription
    https://blogs.technet.microsoft.com/upgradeanalytics/2016/11/08/linking-operations-management-suite-workspaces-to-microsoft-azure
  10. Detailed information on how Upgrade Readiness collects application inventory for your OMS workspace.  Includes info about data collection, appraiser updates, best practices, and troubleshooting!
    https://techcommunity.microsoft.com/t5/Windows-Analytics-Blog/How-Upgrade-Readiness-collects-application-inventory-for-your/ba-p/213586

Last updated: 7/10/2018

Windows 10 News You Can Use – June 2018

Posted on Updated on

Win10NewsLogo Windows 10 news you can use, June 2018 edition

Providing insights into Windows 10 deployment & management, security & compliance, and productivity

Also see other news related to Windows 10

Latest Windows 10 1803 feature upgrade news:

Deployment & Management

1) SetupDiag.exe is a standalone diagnostic tool that can be used to obtain details about why a Windows 10 upgrade was unsuccessful. It works by examining Windows Setup log files then attempts to parse these log files to determine the root cause of a failure to update or upgrade the computer to Windows 10. SetupDiag can be run on the computer that failed to update, or you can export logs from the computer to another location and run SetupDiag in offline mode.
https://docs.microsoft.com/en-us/windows/deployment/upgrade/setupdiag

2) Defining application taxonomies to drive your application compatibility testing. https://blogs.msdn.microsoft.com/cjacks/2018/04/30/defining-app-tranches-to-drive-your-app-compat-testing

3) Announcing Delivery Optimization Insights for Windows Analytics: Update Compliance https://blogs.technet.microsoft.com/upgradeanalytics/2017/12/17/announcing-post-upgrade-insights-in-upgrade-readiness

4) Enterprise-ready in the age of Windows as a service https://techcommunity.microsoft.com/t5/Windows-IT-Pro-Blog/Enterprise-ready-in-the-age-of-Windows-as-a-service/ba-p/188712

5) New IT Pro application packaging tool: MSIX. This is the next generation of application delivery.

6) Dive on Windows 10 co-management with Intune and System Center Configuration Manager.
https://channel9.msdn.com/Series/Endpoint-Zone/Windows-10-co-management-with-Intune-and-ConfigMan-Endpoint-Zone-1804#time=14m34s

7) Learn how to create a Windows 10 kiosk that runs multiple apps. With Windows 10, version 1803, you can also: configure a single-app kiosk profile in your XML file, assign group accounts to a config profile, and configure an account to sign in automatically.
https://docs.microsoft.com/en-us/windows/configuration/lock-down-windows-10-to-specific-apps

8) Video to learn how to setup Windows Autopilot in just over 3-minutes. https://www.youtube.com/watch?v=KYVptkpsOqs

Security & Compliance

1) Video showcasing protection capabilities against the most sophisticated threats with Windows Defender Advanced Threat Protection (WDATP). https://www.youtube.com/watch?v=JojhJ0Ib8vU

2) Microsoft’s Windows Defender ATP team is committed to delivering industry-leading protection, customer choice, and transparency on the quality of our solutions. In the continued spirit of these principles, we want to share the results of the January-February 2018 test conducted by independent antivirus tester AV-TEST and provide a transparency report that augments the test findings with contextual information to help our customers make informed decisions about Windows Defender ATP adoption. https://cloudblogs.microsoft.com/microsoftsecure/2018/05/24/adding-transparency-and-context-into-industry-av-test-results

3) IT showcase: Microsoft uses Windows Defender Antivirus to boost malware protection. Updated May 2018. https://www.microsoft.com/itshowcase/Article/Content/752/Microsoft-uses-Windows-Defender-Antivirus-to-boost-malware-protection

4) Adversaries are reusing credentials all the time; How can you check and prevent credential reuse attacks? Deny them by leveraging new (and old) security features. https://blogs.technet.microsoft.com/motiba/2018/05/06/avoiding-credentials-reuse-attacks

5) Use Windows Information Protection (WIP) to help make accidental data leakage a thing of the past. WIP protects users and organizations from accidental leaks via copy-and-paste, drag-and-drop, removable storage (e.g., USB thumb drives), and unauthorized applications (e.g., non-work cloud storage providers). https://cloudblogs.microsoft.com/microsoftsecure/2018/05/15/use-windows-information-protection-wip-to-help-make-accidental-data-leakage-a-thing-of-the-past

6) Windows Insider Preview build 17672 introduced support for the SameSite cookies standard in Microsoft Edge, ahead of a planned rollout in Microsoft Edge and Internet Explorer. Same-site cookies enable more protection for users against cross-site request forgery (CSRF) attacks. To broaden the security benefits of this feature, we plan to service Microsoft Edge and Internet Explorer 11 on the Windows 10 Creators Update and newer to support same-site cookies as well, allowing sites to rely on same-site cookies as a defense against CSRF and other related cross-site timing and cross-site information-leakage attacks.
http://blogs.windows.com/msedgedev/2018/05/17/samesite-cookies-microsoft-edge-internet-explorer

7) Big news in our drive to eliminate passwords: FIDO2 / WebAuthn Reaches Candidate Recommendation status! This will allow Microsoft customers to use any Microsoft identity to sign-in using a FIDO device instead of a password on any FIDO2 compatible device or browser – for both personal Microsoft accounts and organizational identities based on Azure Active Directory. https://cloudblogs.microsoft.com/enterprisemobility/2018/04/12/big-news-in-our-drive-to-eliminate-passwords-fido2-webauthn-reaches-candidate-recommendation-status

8) The new Windows Privacy hub converges related content about Windows privacy on docs.microsoft.com. Here you can find new guidance to help IT decision makers get ready for GDPR, a list of Windows 10 services configuration settings used for personal data privacy protection, understand Windows diagnostic data, and much more.

Productivity

1) Introducing two new mixed reality business applications: Microsoft Remote Assist and Microsoft Layout. http://blogs.windows.com/windowsexperience/2018/05/07/introducing-two-new-mixed-reality-business-applications-microsoft-remote-assist-and-microsoft-layout

2) Windows 10 Tip: How to enable Focus Assist in the Windows 10 April 2018 Update.
http://blogs.windows.com/windowsexperience/2018/05/09/windows-10-tip-how-to-enable-focus-assist-in-the-windows-10-april-2018-update

3) Microsoft Build 2018 highlights for productivity advancements coming to Windows 10.
http://blogs.windows.com/windowsexperience/2018/05/07/microsoft-build-2018-empowering-developers-to-build-intelligent-apps-with-microsoft-365

  • A new way to connect your phone to your PC with Windows 10 that enables instant access to text messages, photos, and notifications.
  • An updated Microsoft Launcher application on Android that will support Enterprise customers with easy access to line of business applications via Microsoft Intune.
  • Microsoft Launcher on Android will also support Timeline for cross-device application launching. Today, your Microsoft Edge browsing sessions on your iPhone or iPad are included in the Timeline experience on your Windows 10 PC.
  • Updates to Sets, an easier way to organize your stuff and get back to what you were doing. With Sets, what belongs together stays together, making it easier and faster to create and be productive.

4) Windows 10 Tip: A guide to using the basic tools in Paint 3D. http://blogs.windows.com/windowsexperience/2018/05/21/windows-10-tip-a-guide-to-the-basic-tools-in-paint-3d

5) What happens when three identical devices run different browsers? The Microsoft Edge team wanted to find out. This experiment showed that battery life on a PC running Microsoft Edge lasts 98% longer than Mozilla Firefox and 14% longer than Google Chrome. Windows 10 April 2018 Update Edition. https://www.youtube.com/watch?v=T24bRAm8MT0

6) Windows 10 Tip: Capture your thoughts easily with Dictation. Did you know that with the Windows 10 April 2018 Update, it’s now easier than ever to take a note or write a paper – with just your voice, using your device’s microphone? http://blogs.windows.com/windowsexperience/2018/05/29/windows-10-tip-capture-your-thoughts-easily-with-dictation

7) At Microsoft, we want to empower every person and every organization to achieve more. We deeply believe everyone should have the opportunity to reach their potential and we can help by empowering all people, regardless of their abilities. Global Accessibility Awareness Day gives us the chance to celebrate our differences and reflect on the ways in which we continue to strive to make Windows more accessible to everyone in their everyday life. Windows for each of us. http://blogs.windows.com/windowsexperience/2018/05/16/celebrating-global-accessibility-awareness-day

In other news related to Windows 10…

Windows 10 News You Can Use – May 2018

Posted on Updated on

Win10NewsLogo Windows 10 news you can use, May 2018 edition

Providing insights into Windows 10 deployment & management, security & compliance, and productivity

Also see other news related to Windows 10

Windows 10 April 2018 Update (version 1803) released!  More info at:

Deployment & Management

1)      Windows 10 Group Policy vs. Intune MDM Policy: who wins? https://blogs.technet.microsoft.com/cbernier/2018/04/02/windows-10-group-policy-vs-intune-mdm-policy-who-wins

2)      If you’re an IT administrator managing Windows Server and Windows, you probably open dozens of consoles for day-to-day activities, such as Event Viewer, Device Manager, Disk Management, Task Manager, Server Manager – the list goes on and on. Windows Admin Center brings many of these consoles together in a modernized, simplified, integrated, and secure remote management experience. https://cloudblogs.microsoft.com/windowsserver/2018/04/12/announcing-windows-admin-center-our-reimagined-management-experience

3)      Forrester Study: Modernize Your Device Management Using The Cloud. Today’s computing infrastructure acquisition, deployment, management, and servicing methods pose challenges to large and small organizations alike. As employees increasingly rely on myriad devices and applications to do their jobs, IT professionals must find efficiencies in how they provision and support new devices and applications. Luckily, operating system (OS) solutions that are fully integrated with the cloud and designed to work across devices are emerging. https://info.microsoft.com/ModernizeYourDeviceManagement.html

4)      With the upcoming release of Windows 10, version 1803, we are taking the next steps in our efforts to make kiosks even more capable – and easier – to deploy and configure.
https://techcommunity.microsoft.com/t5/Windows-IT-Pro-Blog/Simplifying-kiosk-management-for-IT-with-Windows-10/ba-p/187691

5)      Announcing MSIX – bringing together the best of UWP and traditional MSI applications.  Including a partnership with Advanced Installer Express edition. https://www.youtube.com/watch?v=AUUwZTurcmQ
https://www.youtube.com/watch?v=o9k8y46udho

Security & Compliance

1)      Windows Hello and FIDO2 Security Keys enable secure and easy authentication for shared devices.
http://blogs.windows.com/business/2018/04/17/windows-hello-fido2-security-keys

2)      Azure AD Conditional Access policies can now check device health as reported by Windows Defender Advanced Threat Protection. https://cloudblogs.microsoft.com/enterprisemobility/2018/04/17/password-less-sign-in-to-windows-10-azure-ad-using-fido2-is-coming-soon-plus-other-cool-news

3)      New capabilities of Windows Defender ATP further maximizing the effectiveness and robustness of endpoint security.  Includes: automated investigation + remediation of threats, Microsoft 365 conditional access based on device-risk, advanced hunting, signal sharing across the Intelligent Security Graph, Windows Secure Score reports on devices’ security posture with actionable recommendations. http://blogs.windows.com/business/2018/04/17/new-capabilities-of-windows-defender-atp-further-maximizing-the-effectiveness-and-robustness-of-endpoint-security

4)      With Windows 10 1803, we are implementing the first phase of Windows Defender System Guard runtime attestation, laying the groundwork for future innovation in this area. This includes developing new OS features to support efforts to move towards a future where violations of security promises are observable and effectively communicated in the event of a full system compromise, such as through a kernel-level exploit.  Runtime attestation can help in many scenarios, including: providing supplementary signals for endpoint detection and response (EDR) and antivirus vendors, detecting artifacts of kernel tampering/rootkits/exploits, protected game anti-cheat scenarios, sensitive transactions, conditional access. https://cloudblogs.microsoft.com/microsoftsecure/2018/04/19/introducing-windows-defender-system-guard-runtime-attestation

5)      Windows Defender ATP will now be able to provide the machine-risk level to conditional access (powered by Microsoft Intune and Azure Active Directory) to block compromised devices from accessing corporate resources. https://cloudblogs.microsoft.com/enterprisemobility/2018/04/18/enhancing-conditional-access-with-machine-risk-data-from-windows-defender-advanced-threat-protection

6)      Teaming up in the war against social engineering attacks like tech support scams with Windows 10. https://cloudblogs.microsoft.com/microsoftsecure/2018/04/20/teaming-up-in-the-war-on-tech-support-scams

7)      Nearly one year passed since David das Neves had written a comprehensive summary around PowerShell Security (http://aka.ms/PSSecEnt). There are many security controls which need to be known and configured. But the problem for most admins is ‘Where to start and where to end?’.  This article provides guidance on how to prioritize those security controls. https://blogs.msdn.microsoft.com/daviddasneves/2018/04/25/prioritize-all-the-security-controls

8)      We now have a published table of which Windows Defender Exploit Guard feature works with which edition of Windows 10 (Professional vs. Enterprise E3 vs. Enterprise E5).
https://docs.microsoft.com/en-us/windows/security/threat-protection/windows-defender-exploit-guard/windows-defender-exploit-guard

9)      Dofoil is a sophisticated threat that attempted to install coin miner malware on hundreds of thousands of computers in March, 2018. In previous blog posts we detailed how behavior monitoring and machine learning in Windows Defender AV protected customers from a massive Dofoil outbreak that we traced back to a software update poisoning campaign several weeks prior. In this blog post, we will expound on Dofoil’s anti-debugging and anti-analysis tactics, and demonstrate how the rich detection libraries of Windows Defender Advanced Threat Protection and Windows Defender Exploit Guard can help during investigation. https://cloudblogs.microsoft.com/microsoftsecure/2018/04/04/hunting-down-dofoil-with-windows-defender-atp

Productivity

1)      Make the most of your time with the new Windows 10 update for April 2018. With Timeline, your Windows 10 PC lets you go back in time up to 30 days to find your stuff, whether you were working on it earlier today, last week, or a few weeks ago. With Focus Assist, use whenever you want to get things done without distractions, like social media or other notifications. Or set it to turn on automatically at certain times during the day when you want focused time. With Dictation, it’s now easier than ever to take a note or write a paper, with just your voice. http://blogs.windows.com/windowsexperience/2018/04/27/make-the-most-of-your-time-with-the-new-windows-10-update

2)      Windows 10 Tip: Five expert tips to help you master ink in OneNote. http://blogs.windows.com/windowsexperience/2018/04/02/windows-10-tip-five-expert-tips-to-help-you-master-ink-in-onenote

3)      Windows 10 Tip: 10 things you can do in Windows Mixed Reality right now. http://blogs.windows.com/windowsexperience/2018/04/09/windows-10-tip-10-things-you-can-do-in-windows-mixed-reality-right-now

4)      Windows 10 Tip: Five things you might not know that you can do right now with your Windows 10 PC.
http://blogs.windows.com/windowsexperience/2018/04/17/five-things-you-might-not-know-you-can-do-right-now-with-your-windows-10-pc

5)      Windows 10 Tip: Five keyboard shortcuts you may not know about. http://blogs.windows.com/windowsexperience/2018/04/23/windows-10-tip-five-keyboard-shortcuts-you-may-not-know-about

In other news related to Windows 10…
  • Your customers expect regular delivery of new capabilities, as well as support for existing applications. Find out how you compare to your peers—get The Case For Supporting Always Up-To-Date Operating Systems, a commissioned study conducted by Forrester Consulting, and discover the latest usage trends among software vendors like you. Reduce Complexity And Accelerate Your Application Release Cycle.  Register to download the white paper now to review recent findings about cloud-enabled OS adoption and usage trends among software vendors. Plus, learn five critical recommendations to consider as you evolve your application support and release strategy.
    https://developer.microsoft.com/en-us/windows/projects/campaigns/windows-compatibility
  • From an administration perspective, our vision for Microsoft 365 is to help simplify IT by unifying management across users, devices, apps and services. We are rolling out a new admin experience for Microsoft 365 enterprise customers. This will be a single place for admins to get started with Microsoft 365 and discover the breadth of management capabilities and experiences available to them across Office 365, Windows, and EMS, as well as Microsoft 365 Device Management. Integrated into this admin center is both the new Microsoft 365 Security & Compliance Center, dedicated to providing security and compliance specialists with integrated management capabilities across Office 365, Windows, and EMS, as well as Microsoft 365 Device Management. The Security and Compliance Center will be available shortly, with Device Management to follow afterwards. Please look forward to additional details. https://techcommunity.microsoft.com/t5/Office-365-Blog/Introducing-the-Microsoft-365-Admin-Center/ba-p/167392
  • Microsoft security announcements from the RSA 2018 conference.
    • Tapping the intelligent cloud to make security better and easier: Improving protection, Speeding up detection and response, Working across the industry, and The evolution of the intelligent edge. https://cloudblogs.microsoft.com/microsoftsecure/2018/04/16/tapping-the-intelligent-cloud-to-make-security-better-and-easier
    • By connecting security data and systems, we can gain an advantage over todays adversaries. At Microsoft, our security products are powered by the Intelligent Security Graph which synthesizes massive amounts of threat intelligence and security signals from across Microsoft products, services, and partners using advanced analytics to identify and mitigate cyberthreats. This week at the RSA conference, we announced the public preview of a Security API that empowers customers and partners to build on the Intelligent Security Graph. By connecting security solutions and integrating with existing workflows, alerts and contextual information from multiple solutions can be easily consolidated and correlated to inform threat detection, and actions can be taken to streamline incident response. The unified API will make these connections easier by providing a standard interface and uniform schema to integrate and correlate security alerts from multiple sources, enrich investigations with contextual data, and automate security operations for greater efficiency. https://cloudblogs.microsoft.com/microsoftsecure/2018/04/17/connect-to-the-intelligent-security-graph-using-a-new-api

Windows 10 News You Can Use – April 2018

Posted on Updated on

Win10NewsLogo Windows 10 news you can use, April 2018 edition

Providing insights into Windows 10 deployment & management, security & compliance, and productivity

Also see other news related to Windows 10

Deployment & Management

1) Explore the results of a recent Forrester study and learn how to take advantage of new cloud functionality to improve the end user computing operations lifecycle and leverage the ease and flexibility of the cloud for device management. https://info.microsoft.com/ModernizeYourDeviceManagement.html

2) Afraid of Windows 10 with Azure AD join? Michael Niehaus demystifies AADJ and provides practical guidance to try it out!
Part 1: https://blogs.technet.microsoft.com/mniehaus/2018/01/19/afraid-of-windows-10-with-azure-ad-join-try-it-out-part-1
Part 2: https://blogs.technet.microsoft.com/mniehaus/2018/02/21/afraid-of-windows-10-with-azure-ad-join-try-it-out-part-2

3) In case you missed it, Microsoft Deployment Toolkit (MDT), build 8450 was released in late December, offering support for Windows 10, version 1709; the Windows Assessment and Deployment Kit (ADK) for Windows 10, version 1709; and System Center Configuration Manager, version 1710. https://blogs.technet.microsoft.com/msdeployment/2017/12/21/mdt-8450-now-available

4) Watch a free webinar to learn how EMS can help you manage and secure user identities, devices, apps, and data across all of your Windows devices, iOS, macOS, and Android. This one-hour session includes: 1) Securing access to company email, files, and apps stored in the cloud and on-premises, 2) Protecting company data on all endpoints, 3) Modernizing Windows 10 management.
https://resources.office.com/ww-landing-M365PD-Identity-Driven-UEM-with-EMS-Video.html?LCID=EN-US

5) With the 1710 update to ConfigMgr and the 1709 update to Windows 10, we’ve provided the foundations of our solution to bridge Windows modernization through Co-Management. This bridge is an entry-point for our customers to start their transitions to modern management – a path that leads traditional, domain-joined and ConfigMgr-managed solutions, to a deployment of Azure Active Directory and Intune. https://cloudblogs.microsoft.com/enterprisemobility/2018/02/07/the-future-is-on-the-other-side-of-this-bridge

6) The documentation team has an article with the current list of UWP provisioned (in-box) and installed (from the store on first logon) for various Windows 10 releases. But one thing that isn’t reflected in that documentation: the list of apps installed from the store can be different depending on the type of account you sign in with, by the SKU that you are using, and even by the region of the world the device is in. https://blogs.technet.microsoft.com/mniehaus/2018/03/13/more-on-included-windows-10-apps

7) An updated version of System Center Updates Publisher (SCUP) is now available which adds support for Windows 10 and Windows Server 2016. SCUP enables independent software vendors or line-of-business application developers to manage custom updates.
https://cloudblogs.microsoft.com/enterprisemobility/2018/03/21/system-center-updates-publisher-adds-support-for-new-oses

8) The AskPFEPlat team is here today with you in force. Recently they put together 10 Tips and Tricks from the Field – a collection of tips and tricks in our tool belt that they use on occasion. They wanted share these with all their readers in-an-effort to make your day a little easier. https://blogs.technet.microsoft.com/askpfeplat/2018/03/19/10-tips-and-tricks-from-the-field

9) Moving from project to process: digital transformation with Windows as a service.
https://techcommunity.microsoft.com/t5/Windows-10-Blog/Moving-from-project-to-process-digital-transformation-with/ba-p/175688

Security & Compliance

1) How to enable BitLocker Drive Encryption and automate the process for an AutoPilot device that is provisioned for a standard user using the Windows 10 Fall Creators Update version 1709. https://blogs.technet.microsoft.com/showmewindows/2018/01/18/how-to-enable-bitlocker-and-escrow-the-keys-to-azure-ad-when-using-autopilot-for-standard-users

2) Windows Defender System Guard: Making a leap forward in platform security with memory integrity.
https://techcommunity.microsoft.com/t5/Windows-Insider-Program/Windows-Defender-System-Guard-Making-a-leap-forward-in-platform/m-p/167303#M1256

3) Windows 10 in S-Mode coming soon to all editions of Windows 10. http://blogs.windows.com/windowsexperience/2018/03/07/windows-10-s-mode-coming-soon-editions-windows-10

4) Learn from the Windows Defender Research group about protecting corporate networks from cryptocurrency miners with the security capabilities in Windows 10. https://cloudblogs.microsoft.com/microsoftsecure/2018/03/13/invisible-resource-thieves-the-increasing-threat-of-cryptocurrency-miners

5) Announcing a set of new preview features for Windows Defender ATP, which includes capabilities such as Automated Investigation and Response (AIRS), advanced hunting tools for SecOps, role-based access controls, Azure ATP integration, insights into additional Win10 security capabilities, and more! https://techcommunity.microsoft.com/t5/What-s-New/WDATP-preview-features-are-now-ON/td-p/170598

6) Guided lab to get Windows Hello for Business to work on Windows 10 to show the user experience and provide some lessons learned. https://blogs.technet.microsoft.com/chadcox/2018/03/19/my-notes-on-setting-up-a-poc-windows-hello-for-business-lab-using-hybrid-key-trust

7) Over the last year, we’ve talked about how we’re investing in new innovations to address today’s challenging threat landscape, what we’ve delivered, and how it will change the dynamics. Today, I want to share the results of our new antivirus capabilities in Windows Defender Advanced Threat Protection (ATP) which are genuinely incredible because they will directly benefit the work you are doing. Read more on why Windows Defender Antivirus is the most deployed in the enterprise. https://cloudblogs.microsoft.com/microsoftsecure/2018/03/22/why-windows-defender-antivirus-is-the-most-deployed-in-the-enterprise

Productivity

1) Windows 10 Tip: Three ways you can personalize your desktop with fun themes and colors.
http://blogs.windows.com/windowsexperience/2018/03/05/windows-10-tip-three-ways-can-personalize-desktop-fun-themes-colors

2) Windows 10 Tip: Clear your workspace in one of two simple steps.
http://blogs.windows.com/windowsexperience/2018/03/13/windows-10-tip-clear-your-workspace-in-two-simple-steps

3) Windows 10 Accessibility: What to expect in the year ahead. http://blogs.windows.com/windowsexperience/2018/03/19/windows-10-accessibility-what-to-expect-in-the-year-ahead

4) Windows 10 Tip: Six keyboard shortcuts to help you find what you’re looking for. http://blogs.windows.com/windowsexperience/2018/03/26/windows-10-tip-six-keyboard-shortcuts-to-help-you-find-what-youre-looking-for

Other news related to Windows 10…

Windows 10 News You Can Use – March 2018

Posted on Updated on

 Win10NewsLogo Windows 10 news you can use, March 2018 edition

Providing insights into Windows 10 deployment & management, security & compliance, and productivity

Also see other news related to Windows 10

 

Deployment & Management

1)      Windows Analytics now helps assess Meltdown and Spectre protections. https://blogs.windows.com/business/2018/02/13/windows-analytics-now-helps-assess-meltdown-and-spectre-protections

2)      Update 1802 for Configuration Manager [Technical Preview Branch] – includes new features and functionality for Windows 10 deployment and management! https://cloudblogs.microsoft.com/enterprisemobility/2018/02/13/update-1802-for-configuration-manager-technical-preview-branch-available-now

3)      Windows Update for Business offers an additional option to aid administrators in the critical pursuit of ensuring systems are kept up to date. Understanding what Windows Update for Business is and how it can be implemented either standalone or through integration with Configuration Manager is critical, so you make the best choice for your business.  Watch this easy-to-follow video tutorial on implementing and managing WUfB with SCCM. https://blogs.technet.microsoft.com/configurationmgr/2018/01/22/configmgr-current-branch-windows-update-for-business-video-tutorial

4)      Express Update is a capability of WSUS and the Windows Update Agent that was added to help reduced the overall network impact of these larger updates. Configuration Manager current branch 1702 (though 1710 and higher is recommended for best performance) added full support for Express. Understanding how Express works is important so that administrators know what to expect and can plan accordingly. Watch this easy-to-follow video for details of how Express works and how supporting Express is supported in a Configuration Manager environment. https://blogs.technet.microsoft.com/configurationmgr/2018/01/26/configmgr-current-branch-express-updates-video-tutorial

Security & Compliance

1)      Microsoft continues to work diligently with our industry partners to address the Spectre and Meltdown hardware-based vulnerabilities. Our top priority is clear: Help protect the safety and security of our customers’ devices and data. Today, I’d like to provide an update on some of that work, including Windows security update availability for additional devices, our role in helping distribute available Intel firmware (microcode), and progress driving anti-virus compatibility. http://blogs.windows.com/windowsexperience/2018/03/01/update-on-spectre-and-meltdown-security-updates-for-windows-devices

2)      Microsoft was named a “Visionary” in the 2018 Magic Quadrant for Endpoint Protection Platforms. According to Gartner “Visionaries deliver in the leading-edge features — such as cloud management, managed features and services, enhanced detection or protection capabilities, and strong incident response workflows — that will be significant in the next generation of products, and will give buyers early access to improved security and management.”
http://www.gartner.com/reprints/?id=1-4PY5MQU&ct=180130&st=sb

3)      Starting this summer, customers can add Windows Defender ATP Endpoint Detection & Response (EDR) functionality to their Windows 7, and Windows 8.1 devices, and get a holistic view across their endpoints. https://blogs.windows.com/business/2018/02/12/announcing-windows-defender-atp-support-for-windows-7-and-windows-8-1

4)      Learn how Windows Defender Antivirus and artificial intelligence stopped an Emotet outbreak on February 3rd with intelligent, real-time protection against modern threats.
https://cloudblogs.microsoft.com/microsoftsecure/2018/02/14/how-artificial-intelligence-stopped-an-emotet-outbreak

5)      Monthly antimalware platform updates for Windows Defender Antivirus. While keeping up-to-date with signatures and engines is a best practice, a machine that is up-to-date with both definition/engine and platform updates can have a higher protection level than a machine that is just update-to-date with definition/engine updates. https://blogs.technet.microsoft.com/configurationmgr/2018/02/05/monthly-antimalware-platform-updates-for-windows-defender

6)      Fujitsu has teamed with Microsoft to build devices with Windows 10 Pro and industry-leading biometric options including Windows Hello and palm vein authentication to prevent security attacks in the modern workplace. http://blogs.windows.com/business/2018/02/08/fujitsu-microsoft-focused-advancing-security-modern-workplace

Productivity

1)      Microsoft like to provide you with the latest planning tools to help guide you to the best deployment process for your business. The Windows 10 Adoption Planning Kit includes the following resources: 1) Gartner Report: Making Critical Deployment Choices for Windows 10 Success, 2) End-User Readiness Assets, 3) Microsoft FastTrack Program Flyer, 4) Microsoft Press Article: Deploying Windows 10 e-Book. https://info.microsoft.com/Windows10AdoptionPlanningKit.html

2)      Print to corporate printers from Azure AD joined Windows 10 devices! We’ve just released Microsoft Hybrid Cloud Print, a print solution built specifically for Azure Active Directory-joined and Intune-managed devices. Now people in your organization can use Azure AD-joined devices to discover on-premise printers, and can print from work or from home or from anywhere else they can connect to the internet. https://cloudblogs.microsoft.com/enterprisemobility/2018/02/01/so-cool-print-to-corporate-printers-from-azure-ad-joined-windows-10-devices

3)      Windows 10 Tip: 7 pro tips for getting started with Microsoft Edge as your PDF viewer.
http://blogs.windows.com/windowsexperience/2018/02/12/windows-10-tip-7-pro-tips-getting-started-microsoft-edge-pdf-viewer

Other news related to Windows 10…

 

Windows 10 News You Can Use – February 2018

Posted on

 Win10NewsLogo Windows 10 news you can use, February 2018 edition

Providing insights into Windows 10 deployment & management, security & compliance, and productivity

In other news related to Windows 10…

Deployment & Management
  1.  Windows 10 1709 is now designated as a Semi-Annual Channel release (e.g. formerly known as Current Branch for Business).
    http://blogs.windows.com/windowsexperience/2018/01/11/windows-10-fall-creators-update-1709-fully-available
  2. To gain insights into the health and performance of more than 300,000 Windows 10 devices, Microsoft began using Device Heath, a new service in Windows Analytics. Available through the Microsoft Operations Management Suite, Device Health analyzes telemetry and provides details about device and driver crashes. This data helps us monitor our environment and quickly resolve issues. https://www.microsoft.com/itshowcase/Article/Content/961/Improving-reliability-with-Windows-Analytics-Device-Health
  3. Collecting members of the Local Administrators group via SCCM. https://blogs.technet.microsoft.com/benjamin/2018/01/27/collecting-members-of-the-local-administrators-group
  4. An important feature for desktop application developers is the ability to view detailed analytics about application performance and its popularity with users. Until today, developers had difficulty accessing these analytics without cobbling together multiple tools. With the new Windows Desktop Program, developers now have a convenient, one-stop portal to view their desktop application analytics or access the data via an API. Statistics and charts quickly show how the applications are doing– from how many customers they’ve reached to detailed performance data on crashes and failures. With these analytics, developers can better track and prioritize fixes, monitor the distribution of their application, prepare and improve the overall experience for their customers. http://blogs.windows.com/buildingapps/2018/01/23/introducing-windows-desktop-program-desktop-application-analytics
Security & Compliance
  1. Get an end-to-end look at the security features and technologies in Windows 10 that can help you protect your data, devices, and identity. Join Windows Security Senior Product Manager Chris Hallum as he walks you through the features and tools that have shipped to date and provides insight into what’s to come. This one-hour webcast will take from place Tuesday, February 6th from 10:00 a.m. to 11:00 a.m. Pacific Time and will cover protecting data on lost and stolen devices, replacing passwords with multi-factor authentication, using data separation, containment, and encryption to help prevent accidental data leaks, and much more. https://blogs.technet.microsoft.com/windowsitpro/2018/01/04/save-the-date-windows-10-security-webcast-feb-6
  2. Understanding the performance impact of Spectre and Meltdown mitigations on Windows Systems.  Terry Myerson, Executive Vice President, Windows and Devices Group describes the discovered vulnerabilities as clearly as possible, discusses what customers can do to help keep themselves safe, and shares what Microsoft has learned so far about performance impacts. https://cloudblogs.microsoft.com/microsoftsecure/2018/01/09/understanding-the-performance-impact-of-spectre-and-meltdown-mitigations-on-windows-systems
  3. Windows 10: Multi-layer defense against ransomware attacks. The year 2017 saw three global ransomware outbreaks driven by multiple propagation and infection techniques that are not necessarily new but not typically observed in ransomware. While there are technologies available on Windows 7 to mitigate attacks, Windows 10’s comprehensive set of platform mitigations and next-generation technologies cover these attack methods. https://cloudblogs.microsoft.com/microsoftsecure/2018/01/10/a-worthy-upgrade-next-gen-security-on-windows-10-proves-resilient-against-ransomware-outbreaks-in-2017
  4. Customers that deployed Microsoft’s security baseline for Windows 10 v1709 might have experienced device and component failures. The BitLocker GPO settings recommended in the Windows security configuration baselines for Windows 10 include enabling “Disable new DMA devices when this computer is locked” to defend against Direct Memory Access (DMA) attacks. Windows’ internal implementation underlying that Group Policy setting was modified for v1709 to strengthen its enforcement. However, the change inadvertently led to some device and component failures on v1709 that are described in KB article 4057300, including potential problems with network adapters, audio devices, and pointing devices. https://blogs.technet.microsoft.com/secguide/2018/01/18/issue-with-bitlockerdma-setting-in-windows-10-fall-creators-update-v1709
  5. Exposing fileless malware attacks with Windows Defender ATP and mitigating attacks against the endpoint with next-gen security technologies in Windows 10. https://cloudblogs.microsoft.com/microsoftsecure/2018/01/24/now-you-see-me-exposing-fileless-malware
  6. Data privacy will continue to be a priority towards making Windows 10 the best and most secure experience. From improving in-product control, transparency and information about your privacy, while providing a complete list of the diagnostic data collected at the Basic level, among others, to launching the Microsoft Privacy Dashboard and the enhancements we’ve made since then, we want you to be able to easily see and manage your activity data online across multiple Microsoft services. http://blogs.windows.com/windowsexperience/2018/01/24/microsoft-introduces-new-privacy-tools-ahead-of-data-privacy-day
  7. Looking for information on how Windows 10 Enterprise can enable and support HIPAA compliance, privacy, and security? Download the latest version of the “HIPAA Compliance with Microsoft Windows 10” white paper, which now includes the updates found in Windows 10, version 1709. https://blogs.technet.microsoft.com/windowsitpro/2018/01/09/hipaa-compliance-with-windows-10-enterprise
  8. Rapid cyberattacks like Petya and WannaCrypt have reset our expectations on the speed and scope of damage that a cyberattack can inflict. The Microsoft Enterprise Cybersecurity Group Detection and Response team worked extensively to help customers respond to and recover from these kinds of attacks. In 2017, among the global enterprise customers that we worked with, these rapid cyberattacks took down most or all IT systems in just about one hour, resulting in $200M – 300M USD of damage at several customers. https://cloudblogs.microsoft.com/microsoftsecure/2018/01/23/overview-of-rapid-cyberattacks
  9. There has been an increase in free versions of programs that purport to scan computers for various errors, and then use alarming, coercive messages to scare customers into buying a premium version of the same program. Starting March 1, 2018, Windows Defender Antivirus and other Microsoft security products will classify programs that display coercive messages as unwanted software, which will be detected and removed. https://cloudblogs.microsoft.com/microsoftsecure/2018/01/30/protecting-customers-from-being-intimidated-into-making-an-unnecessary-purchase
Productivity
  1. Windows 10 Tip: Add 3D to your PowerPoint presentation in 5 steps http://blogs.windows.com/windowsexperience/2018/01/29/windows-10-tip-add-3d-powerpoint-presentation-5-steps
  2. Windows 10 Tip: Get started with the Mixed Reality Viewer app. http://blogs.windows.com/windowsexperience/2018/01/08/windows-10-tip-get-started-mixed-reality-viewer-app
  3. Easily and securely manage devices –  Windows 10 helps to manage devices efficiently and cost effectively while reducing business disruptions, as you make new devices available to your employees. https://fasttrack.microsoft.com/microsoft365/productivitylibrary/Easily-and-securely-manage-devices
  4. Fuel your creativity with powerful devices and apps – Use Surface Studio and Windows 10 to transform the way you sketch, model, and share your creative ideas. https://fasttrack.microsoft.com/microsoft365/productivitylibrary/Fuel-your-creativity-with-powerful-devices-and-apps
  5. Use your device like a PC to stay productive and secure – Maintain the high level of productivity you need, wherever you are, by leveraging the seamless, secure mobile experience offered by Windows 10. https://fasttrack.microsoft.com/microsoft365/productivitylibrary/Use-your-device-like-a-PC-to-stay-productive-and-secure
  6. Use integrated apps and devices to improve healthcare patient care – Gain secure, speedy access to lab results, specialist recommendations, patient notes, scheduling, and more from your Microsoft 365 powered device and your clinic’s integrated apps. https://fasttrack.microsoft.com/microsoft365/productivitylibrary/Use-integrated-apps-and-devices-to-improve-patient-care
  7. Streamline healthcare lab operations while ensuring compliance – Improve your lab’s testing operations and ensure regulatory compliance by using powerful, modern devices. https://fasttrack.microsoft.com/microsoft365/productivitylibrary/Streamline-lab-operations-while-ensuring-compliance