Microsoft has finally launched its Whiteboard app for Windows 10 devices. It’s a free tool for collaborating on ideas with as many people as you like, and it’s not half bad. Whiteboard (which has been available in preview since last December) is designed for use with a stylus, so it’ll automatically recognize when you’re trying to draw shapes and tables, and help you out with your doodles. [embedded content] Of course, it works just fine with a mouse or your finger on a touchscreen too. You can draw, add sticky notes, import images, paste text, and pull in pictures from the web using the built-in Bing search tool. All these elements can be manipulated and moved around the board as you wish. It’s also easy to invite people to collaborate from wherever they are in real-time by sending them a link. Of course, they’ll need a Microsoft or Office 365 account to dive in. There are several other whiteboard apps out there, but with this, Microsoft can offer it to Office users, integrate it into its Teams group chat app (which is now available for free), and sync your data across devices when it later arrives on the web, iOS, and Android. So while Whiteboard isn’t impressive enough on its own to convince you to switch from similar apps, it might be the easiest one for you to get into, if you’ve already bought into the Office ecosystem. You can give it a go by installing the app for free from the Microsoft Store. Read next: AI is finding out when the person using your account isn't you
Microsoft will start rolling out Teams to its U.S. Government Cloud customers on July 17.
Microsoft will start rolling out Teams to its U.S. Government Cloud customers on July 17. In a blog post on June 28, Microsoft provided an official (and awaited) date for Government Cloud Teams availability. The post says Teams should be available to all eligible Government Cloud users by the end of August 2018. Teams will be available as part of Office 365 for U.S. Government G1, G3, G5 and F1 plans. It also will be available for Microsoft 365 for U.S. Government G3, G5 and F1 plans. Microsoft officials said they "are working to bring Microsoft Teams to the other U.S. government clouds soon." There are some feature differences between Microsoft Teams for commercial customers and Teams for U.S. Government cloud users. Here's Microsoft's chart showing the commercial Teams features that will be unavailable, turned off by default and/or available at some point in the future: Credit: Microsoft Microsoft's Stream video service for business users still isn't available for U.S. Government cloud, which means call/meeting recording in Teams is not yet available either, as it uses Streams. Support for apps (Bots, Tabs, Connectors) is a work in progress, as are unified presence and email notifications. New features for Microsoft Teams will come to Government Cloud customers after they first go to commercial customers, going forward. Microsoft officials said this lag is "due to increased audit requirements and activities to meet the needs" of that environment. Microsoft Teams security and compliance levels include ISO 27001, ISO 27018, EUMC, SOC 1 Type I & II, SOC 2 Type I and II, HIPAA and FedRAMP Moderate, Microsoft's blog post notes. Microsoft originally began rolling out Teams, its group-chat service, in early 2017. There are rumors that Microsoft may at some point release a free version of Teams and not tie its usage to having an Office 365 subscription, but so far there's been no formal announcement of such a plan. what's hot on zdnet
It’s your complete office in the cloud.
We have helped leaders at the most influential companies over the last 20 years remove complexity from technology while empowering people to connect from anywhere.
In its most recent reports, AV-Test had very few flattering things to say about Windows Defender. ...
In its most recent reports, AV-Test had very few flattering things to say about Windows Defender. Microsoft's security suite was rated as the seventh …
What is Microsoft 365, in a nutshell?
What is Microsoft 365, in a nutshell? Microsoft 365 is an integrated bundle of Windows 10, Office 365 and Enterprise Mobility + Security (aka EMS, which includes Intune device management, analytics and some Azure Active Directory capabilities), sold on a subscription basis. Microsoft 365 is the evolution of the bundles formerly known as "Secure Productive Enterprise E3 and E5." Credit: Microsoft How long has Microsoft 365 been around? Microsoft introduced the Microsoft 365 concept at its partner conference in July 2017. The first two editions (Business and Enterprise) became available for purchase in early August 2017. As part of its recent company-wide reorg, Microsoft made a subset of the Windows 10 team part of the Microsoft 365 organization. Corporate Vice President Brad Anderson now has overall responsibility for Microsoft 365, all-up. What are the different Microsoft 365 variants or editions? Microsoft currently offers a handful of targeted Microsoft 365 bundles. These are: Microsoft 365 Enterprise: For companies with more than 300 users. It's available in two options -- with Windows 10 Enterprise (E3 or E5), plus Office 365 and EMS. Microsoft 365 Business: For small-to-mid-sized businesses (SMBs) with up to 300 users. It includes Windows 10 Pro, Office 365 and EMS. Microsoft 365 F1: For "firstline"/customer service and support workers. This plan includes Windows 10 Enterprise, Office 365 F1 (formally Office 365 Enterprise K1) and EMS. Microsoft 365 Education: For educational institutions, schools and classrooms. It comes in three options: A1, AE and A5. Microsoft 365 Nonprofit: For not-for-profit organizations. This seems to be Microsoft 365 Business available at a reduced rate (best I can tell). Microsoft 365 Government: For U.S. government agencies and controactors holding controlled but unclassified information. (Don't let the alphabet soup of acronyms here intimidate you. E3, E5, A1, K1, etc. are all plan designations carried over primarily from Office 365.) Some Microsoft watchers have wondered whether Microsoft may be planning to introduce a Microsoft 365 for consumer/home users. So far, no such offering has been announced or leaked, however. Can customers still buy the piece-parts of Microsoft 365 as standalone products? And for how long? Microsoft is continuing to sell Windows 10 E3/E5, Windows 10 Pro, Office 365 and EMS separately and has not said it has plans to only offer these components as part of a bundle. What is "Windows 10 Business"? Windows 10 Business is a custom variant of Windows 10 that is only available as part of the Microsoft 365 Business plan. It includes everything in Win 10 Pro plus Windows Defender Security Controls, Windows AutoPilot, as well as hooks for Automatic Office apps deployment, What is a "Microsoft 365-powered device"? Shortly after announcing Microsoft 365, Microsoft officials began talking about Microsoft 365-powered devices. This was a new marketing term, and not actually a way that customers or organizations could buy or license a piece of hardware. It was simply meant to encourage customers to run one of the Microsoft 365 bundles on a Windows 10 machine. Some Microsoft execs began describing Surface devices as Microsoft 365-powered. HP execs also have talked about the HP EliteBook x360 and HP Elite x2 under the Microsoft 365-powered banner. The PCs that Microsoft partners introduced a year ago as being optimized for Windows 10 S also can be seen as good candidates for those running Microsoft 365 F1, as many companies would potentially be introduced in having their front-line workers run streamlined/locked-down devices. (Devices running Windows 10 S that subscribe to Microsoft 365 F1 will upgrade to Windows 10 Enterprise in S mode.) Microsoft has been phasing out quietly the Microsoft 365-powered nomenclature and replacing it with "modern desktop experience powered by Microsoft 365." There are still some references on Microsoft web sites and documentation to "Microsoft 365-powered," but not many. Will Microsoft begin reporting Microsoft 365 as part of its "commercial cloud" revenues in its financials? Microsoft officials have not said they plan to start including Microsoft 365 as a component of its commercial cloud bucket, but I wouldn't be surprised to see this happen in the not-to-distant future, since Office 365 and Intune are already part of the commercial cloud figures Microsoft reports. What constitutes the "Microsoft 365 development platform"? At its Build 2018 developer conference this year, Microsoft dedicated an entire keynote to the concept of building on top of the Microsoft 365 platform. Microsoft now has four major development platforms: Azure, Microsoft 365, Dynamics 365 and gaming. The Microsoft 365 piece takes the current Windows developer model and expands it with the Microsoft Graph, which is Microsoft's centralized API for connecting applications and services across devices, applications and services. The Graph is what is enabling a number of the cross-platform features, like Timeline and Sets, in Windows 10. Why is Microsoft pushing Microsoft 365 so hard? Microsoft is hoping lightning can strike twice when it comes to bundles. Office, a bundle of the company's productivity apps, became a huge business for Microsoft over the years. Since then, the company has been testing and fielding a variety of product bundles with the goal of selling more software and services via subscription, which gives Microsoft a dependable stream of recurring revenue.
Patch your Windows 10 device quick, as hackers are currently taking advantage of a zero-day “Double Kill” flaw in Internet Explorer to infect PCs across the globe. The fix is part of Microsoft’s latest Patch Tuesday update for Windows 10, addressing the vulnerability discovered by the Qihoo 360 Core Security team in late April. The flaw is officially labeled as CVE-2018-8174, ignoring the 360 Core Security team’s “Double Kill” codename. According to the team, hackers can embed a malicious website inside an Office document. Once opened, the embedded site deploys malicious code and its payload from a remote web-based server. The attack also bypasses the User Account Control component in Windows 10, acquiring administrator-level privileges. The attack is executed within the system memory as well, thus you’ll find no evidence of foul play on the device’s local storage. Microsoft says the problem resides in the VBScript engine. That’s short for Visual Basic Scripting, Microsoft’s programming language included in Internet Explorer for creating system management tools. The vulnerability resides in the way this engine handles objects in memory, allowing hackers to inject code into memory and gain the same user rights as the current user. “In a web-based attack scenario, an attacker could host a specially crafted website that is designed to exploit the vulnerability through Internet Explorer and then convince a user to view the website. An attacker could also embed an ActiveX control marked ‘safe for initialization’ in an application or Microsoft Office document that hosts the IE rendering engine,” Microsoft says. But that’s not all. Hackers could also take advantage of websites that “accept or host user-provided content or advertisements” by injecting specifically crafted content. The good news here is that the only attack vector discovered thus far is by injecting an Office document with a malicious website. Despite that limitation, a successful attack provides hackers with complete control of the victim’s PC without their knowledge. While many Windows 10 device owners may scratch their heads wondering why this Internet Explorer flaw is relevant, the browser still remains as a Windows component for legacy support. Many websites, applications, and corporations still rely on elements that are only compatible with Internet Explorer and have not moved on to the newer technology offered in Microsoft Edge. The 360 Security Center team said this is the first advanced persistent threat (APT) campaign to use an Office document carrying this specific Internet Explorer exploit payload. Using Office documents, however, is nothing new. “In recent years, we have discovered a rising trend that Office documents have taken the center stage of APT attacks,” the security team said. “Opening any malicious documents with “double kill” allows attackers to control victims’ computers without their knowledge, making ransomware infection, eavesdropping, and data leakage convenient and stealthy.” As always, never open a document from an unknown source. Also keep your Windows 10 PC up to date on a security level given Microsoft’s operating system is a highly popular target. Keep your firewall locked and loaded and your anti-virus solution updated as well. You can remove Internet Explorer by following these instructions. Editors' Recommendations
Contents 02/09/2018 15 minutes to read Contributors In this article Applies to Windows 10 Windows 10 Mobile Windows 10 IoT Mobile Looking for consumer information? See Windows Update: FAQ The Windows 10 operating system introduces a new way to build, deploy, and service Windows: Windows as a service. Microsoft has reimagined each part of the process, to simplify the lives of IT pros and maintain a consistent Windows 10 experience for its customers. These improvements focus on maximizing customer involvement in Windows development, simplifying the deployment and servicing of Windows client computers, and leveling out the resources needed to deploy and maintain Windows over time. Click the following Microsoft Mechanics video for an overview of the release model, particularly the Semi-Annual Channel. Building Prior to Windows 10, Microsoft released new versions of Windows every few years. This traditional deployment schedule imposed a training burden on users because the feature revisions were often significant. That schedule also meant waiting long periods without new features — a scenario that doesn’t work in today’s rapidly changing world, a world in which new security, management, and deployment capabilities are necessary to address challenges. Windows as a service will deliver smaller feature updates two times per year, around March and September, to help address these issues. In the past, when Microsoft developed new versions of Windows, it typically released technical previews near the end of the process, when Windows was nearly ready to ship. With Windows 10, new features will be delivered to the Windows Insider community as soon as possible — during the development cycle, through a process called flighting — so that organizations can see exactly what Microsoft is developing and start their testing as soon as possible. Microsoft also depends on receiving feedback from organizations throughout the development process so that it can make adjustments as quickly as possible rather than waiting until after release. For more information about the Windows Insider Program and how to sign up, see the section Windows Insider. Of course Microsoft also performs extensive internal testing, with engineering teams installing new builds daily, and larger groups of employees installing builds frequently, all before those builds are ever released to the Windows Insider Program. Deploying Deploying Windows 10 is simpler than with previous versions of Windows. When migrating from earlier versions of Windows, an easy in-place upgrade process can be used to automatically preserve all apps, settings, and data. And once running Windows 10, deployment of Windows 10 feature updates will be equally simple. One of the biggest challenges for organizations when it comes to deploying a new version of Windows is compatibility testing. Whereas compatibility was previously a concern for organizations upgrading to a new version of Windows, Windows 10 is compatible with most hardware and software capable of running on Windows 7 or later. Because of this high level of compatibility, the app compatibility testing process can be greatly simplified. Application compatibility Application compatibility testing has historically been a burden when approaching a Windows deployment or upgrade. With Windows 10, application compatibility from the perspective of desktop applications, websites, and apps built on the Universal Windows Platform (UWP) has improved tremendously. Microsoft understands the challenges organizations experienced when they migrated from the Windows XP operating system to Windows 7 and has been working to make Windows 10 upgrades a much better experience. Most Windows 7–compatible desktop applications will be compatible with Windows 10 straight out of the box. Windows 10 achieved such high compatibility because the changes in the existing Win32 application programming interfaces were minimal. Combined with valuable feedback via the Windows Insider Program and diagnostic data, this level of compatibility can be maintained through each feature update. As for websites, Windows 10 includes Internet Explorer 11 and its backward-compatibility modes for legacy websites. Finally, UWP apps follow a compatibility story similar to desktop applications, so most of them will be compatible with Windows 10. For the most important business-critical applications, organizations should still perform testing on a regular basis to validate compatibility with new builds. For remaining applications, consider validating them as part of a pilot deployment process to reduce the time spent on compatibility testing. If it’s unclear whether an application is compatible with Windows 10, IT pros can either consult with the ISV or check the supported software directory at http://www.readyforwindows.com. Device compatibility Device compatibility in Windows 10 is also very strong; new hardware is not needed for Windows 10 as any device capable of running Windows 7 or later can run Windows 10. In fact, the minimum hardware requirements to run Windows 10 are the same as those required for Windows 7. Most hardware drivers that functioned in Windows 8.1, Windows 8, or Windows 7 will continue to function in Windows 10. Servicing Traditional Windows servicing has included several release types: major revisions (e.g., the Windows 8.1, Windows 8, and Windows 7 operating systems), service packs, and monthly updates. With Windows 10, there are two release types: feature updates that add new functionality twice per year, and quality updates that provide security and reliability fixes at least once a month. With Windows 10, organizations will need to change the way they approach deploying updates. Servicing channels are the first way to separate users into deployment groups for feature and quality updates. With the introduction of servicing channels comes the concept of a deployment ring, which is simply a way to categorize the combination of a deployment group and a servicing channel to group devices for successive waves of deployment. For more information about developing a deployment strategy that leverages servicing channels and deployment rings, see Plan servicing strategy for Windows 10 updates. For information about each servicing tool available for Windows 10, see Servicing tools. To align with this new update delivery model, Windows 10 has three servicing channels, each of which provides different levels of flexibility over when these updates are delivered to client computers. For information about the servicing channels available in Windows 10, see Servicing channels. Naming changes As part of the alignment with Windows 10 and Office 365 ProPlus, we are adopting common terminology to make it as easy as possible to understand the servicing process. Going forward, these are the new terms we will be using: Semi-Annual Channel - We will be referreing to Current Branch (CB) as "Semi-Annual Channel (Targeted)", while Current Branch for Business (CBB) will simply be referred to as "Semi-Annual Channel". Long-Term Servicing Channel - The Long-Term Servicing Branch (LTSB) will be referred to as Long-Term Servicing Channel (LTSC). Feature updates With Windows 10, Microsoft will package new features into feature updates that can be deployed using existing management tools. Because feature updates are delivered more frequently than with previous Windows releases — twice per year, around March and September, rather than every 3–5 years — changes will be in bite-sized chunks rather than all at once and end user readiness time much shorter. Tip The feature update cadence has been aligned with Office 365 ProPlus updates. Starting with this falls' update, both Windows and Office will deliver their major updates semi-annually, around March and September. See upcoming changes to Office 365 ProPlus update management for more information about changes to Office update management. Quality updates Monthly updates in previous Windows versions were often overwhelming because of the sheer number of updates available each month. Many organizations selectively chose which updates they wanted to install and which they didn’t, and this created countless scenarios in which organizations deployed essential security updates but picked only a subset of non-security fixes. In Windows 10, rather than receiving several updates each month and trying to figure out which the organization needs, which ultimately causes platform fragmentation, administrators will see one cumulative monthly update that supersedes the previous month’s update, containing both security and non-security fixes. This approach makes patching simpler and ensures that customers’ devices are more closely aligned with the testing done at Microsoft, reducing unexpected issues resulting from patching. The left side of Figure 1 provides an example of Windows 7 devices in an enterprise and what their current patch level might look like. On the right is what Microsoft’s test environment PCs contain. This drastic difference is the basis for many compatibility issues and system anomalies related to Windows updates. Figure 1 Servicing channels To align with the new method of delivering feature updates and quality updates in Windows 10, Microsoft introduced the concept of servicing channels to allow customers to designate how frequently their individual devices are updated. For example, an organization may have test devices that the IT department can update with new features as soon as possible, and then specialized devices that require a longer feature update cycle to ensure continuity. With that in mind, Windows 10 offers 3 servicing channels. The Windows Insider Program provides organizations with the opportunity to test and provide feedback on features that will be shipped in the next feature update. The Semi-Annual Channel provides new functionality with twice-per-year feature update releases. Organizations can choose when to deploy updates from the Semi-Annual Channel. The Long Term Servicing Channel, which is designed to be used only for specialized devices (which typically don't run Office) such as those that control medical equipment or ATM machines, receives new feature releases every two to three years. For details about the versions in each servicing channel, see Windows 10 release information. The concept of servicing channels is new, but organizations can use the same management tools they used to manage updates and upgrades in previous versions of Windows. For more information about the servicing tool options for Windows 10 and their capabilities, see Servicing tools. Note Servicing channels are not the only way to separate groups of devices when consuming updates. Each channel can contain subsets of devices, which staggers servicing even further. For information about the servicing strategy and ongoing deployment process for Windows 10, including the role of servicing channels, see Plan servicing strategy for Windows 10 updates. Semi-Annual Channel In the Semi-Annual servicing channel, feature updates are available as soon as Microsoft releases them. Windows 10, version 1511, had few servicing tool options to delay feature updates, limiting the use of the Semi-Annual servicing channel. Windows 10, version 1607 and onward, includes more servicing tools that can delay feature updates for up to 365 days. This servicing modal is ideal for pilot deployments and testing of Windows 10 feature updates and for users such as developers who need to work with the latest features immediately. Once the latest release went through pilot deployment and testing, you choose the timing at which it goes into broad deployment. When Microsoft officially releases a feature update for Windows 10, it is made available to any PC not configured to defer feature updates so that those devices can immediately install it. Organizations that use Windows Server Update Services (WSUS), Microsoft System Center Configuration Manager, or Windows Update for Business, however, can defer feature updates to selective devices by withholding their approval and deployment. In this scenario, the content available for the Semi-Annual Channel will be available but not necessarily immediately mandatory, depending on the policy of the management system. For more details about Windows 10 servicing tools, see Servicing tools. Organizations are expected to initiate targeted deployment on Semi-Annual Channel releases, while after about 4 months, we will announce broad deployment readiness, indicating that Microsoft, independent software vendors (ISVs), partners, and customers believe that the release is ready for broad deployment. Each feature update release will be supported and updated for 18 months from the time of its release Note Organizations can electively delay feature updates into as many phases as they wish by using one of the servicing tools mentioned in the section Servicing tools. Long-term Servicing Channel Specialized systems—such as PCs that control medical equipment, point-of-sale systems, and ATMs—often require a longer servicing option because of their purpose. These devices typically perform a single important task and don’t need feature updates as frequently as other devices in the organization. It’s more important that these devices be kept as stable and secure as possible than up to date with user interface changes. The LTSC servicing model prevents Windows 10 Enterprise LTSB devices from receiving the usual feature updates and provides only quality updates to ensure that device security stays up to date. With this in mind, quality updates are still immediately available to Windows 10 Enterprise LTSB clients, but customers can choose to defer them by using one of the servicing tools mentioned in the section Servicing tools. Note Windows 10 Enterprise LTSB is a separate Long Term Servicing Channel version. Long-term Servicing channel is not intended for deployment on most or all the PCs in an organization; it should be used only for special-purpose devices. As a general guideline, a PC with Microsoft Office installed is a general-purpose device, typically used by an information worker, and therefore it is better suited for the Semi-Annual servicing channel. Microsoft never publishes feature updates through Windows Update on devices that run Windows 10 Enterprise LTSB. Instead, it typically offers new LTSC releases every 2–3 years, and organizations can choose to install them as in-place upgrades or even skip releases over a 10-year life cycle. Note Windows 10 LTSB will support the currently released silicon at the time of release of the LTSB. As future silicon generations are released, support will be created through future Windows 10 LTSB releases that customers can deploy for those systems. For more information, see Supporting the latest processor and chipsets on Windows in Lifecycle support policy FAQ - Windows Products. The Long-term Servicing Channel is available only in the Windows 10 Enterprise LTSB edition. This build of Windows doesn’t contain many in-box applications, such as Microsoft Edge, Microsoft Store, Cortana (limited search capabilities remain available), Microsoft Mail, Calendar, OneNote, Weather, News, Sports, Money, Photos, Camera, Music, and Clock. Therefore, it’s important to remember that Microsoft has positioned the LTSC model primarily for specialized devices. Note If an organization has devices currently running Windows 10 Enterprise LTSB that it would like to change to the Semi-Annual Channel, it can make the change without losing user data. Because LTSB is its own SKU, however, an upgrade is required from Windows 10 Enterprise LTSB to Windows 10 Enterprise, which supports the Semi-Annual Channel. Windows Insider For many IT pros, gaining visibility into feature updates early—before they’re available to the Semi-Annual Channel — can be both intriguing and valuable for future end user communications as well as provide the means to test for any issues on the next Semi-Annual Channel release. With Windows 10, feature flighting enables Windows Insiders to consume and deploy preproduction code to their test machines, gaining early visibility into the next build. Testing the early builds of Windows 10 helps both Microsoft and its customers because they have the opportunity to discover possible issues before the update is ever publicly available and can report it to Microsoft. Microsoft recommends that all organizations have at least a few PCs enrolled in the Windows Insider Program and provide feedback on any issues they encounter. For information about the Windows Insider Program for Business, go to Windows Insider Program for Business. Note Microsoft recommends that all organizations have at least a few PCs enrolled in the Windows Insider Program, to include the Windows Insider Program in their deployment plans and to provide feedback on any issues they encounter to Microsoft via our Feedback Hub app. The Windows Insider Program isn’t intended to replace Semi-Annual Channel deployments in an organization. Rather, it provides IT pros and other interested parties with pre-release Windows builds that they can test and ultimately provide feedback on to Microsoft. There are many tools with which IT pros can service Windows as a service. Each option has its pros and cons, ranging from capabilities and control to simplicity and low administrative requirements. The following are examples of the servicing tools available to manage Windows as a service updates: Windows Update (stand-alone) provides limited control over feature updates, with IT pros manually configuring the device to be in the Semi-Annual Channel. Organizations can target which devices defer updates by selecting the Defer upgrades check box in StartSettingsUpdate & SecurityAdvanced Options on a Windows 10 client. Windows Update for Business is the second option for servicing Windows as a service. This servicing tool includes control over update deferment and provides centralized management using Group Policy. Windows Update for Business can be used to defer updates by up to 365 days, depending on the version. These deployment options are available to clients in the Semi-Annual Channel. In addition to being able to use Group Policy to manage Windows Update for Business, either option can be configured without requiring any on-premises infrastructure by using Intune. Windows Server Update Services (WSUS) provides extensive control over Windows 10 updates and is natively available in the Windows Server operating system. In addition to the ability to defer updates, organizations can add an approval layer for updates and choose to deploy them to specific computers or groups of computers whenever ready. System Center Configuration Manager provides the greatest control over servicing Windows as a service. IT pros can defer updates, approve them, and have multiple options for targeting deployments and managing bandwidth usage and deployment times. With all these options, which an organization chooses depends on the resources, staff, and expertise its IT organization already has. For example, if IT already uses System Center Configuration Manager to manage Windows updates, it can continue to use it. Similarly, if IT is using WSUS, it can continue to use that. For a consolidated look at the benefits of each tool, see Table 1. Table 1 Servicing tool Can updates be deferred? Ability to approve updates Peer-to-peer option Additional features Windows Update Yes (manual) No Delivery Optimization None Windows Update for Business Yes No Delivery Optimization Other Group Policy objects WSUS Yes Yes BranchCache or Delivery Optimization Upstream/downstream server scalability Configuration Manager Yes Yes BranchCache, Client Peer Cache Distribution points, multiple deployment options Note Due to naming changes, older terms like CB,CBB and LTSB may still be displayed in some of our products. Steps to manage updates for Windows 10 Feedback What type of feedback would you like to provide? Our new feedback system is built on GitHub Issues. For more information on this change, please read our blog post. Loading feedback...
Last week, Yusuf Mehdi announced the Windows 10 April 2018 Update, our latest feature update for ...
Last week, Yusuf Mehdi announced the Windows 10 April 2018 Update, our latest feature update for Windows 10. Today, we’re excited to share that the update is available to customers. This post will provide details on the April 2018 Update rollout plan, including information on our new machine-learning approach. We’ll also detail how you can get the update today. As with prior rollouts, our goal is to deliver the April 2018 Update as quickly and as broadly possible, while maintaining the best possible update experience for our customers. The April 2018 Update is available today if you go to Windows Update and manually check for updates. We will begin the global rollout out via Windows Update on May 8. As with previous rollouts, we will use real-time quality feedback to smartly update your device when we have data that shows your device is ready and will have a great experience. You don’t have to do anything to get the update; it will roll out automatically to you through Windows Update if you’ve chosen to have updates installed automatically on your device. Once the download is complete and the update is ready to install, we’ll notify you, so you can pick the right time to finish the installation and reboot, so the update does not disrupt you. The adoption rate of the Windows 10 Fall Creators Update was the fastest of any version of Windows 10, making it the most widely used version of Windows 10. During the Fall Creators Update roll out we pilot tested machine learning (ML) to intelligently select devices that our feedback data indicated would have a great update experience. The results from the pilot were promising, and we consistently saw a higher rate of positive update experiences for devices identified using ML. For the April 2018 Update rollout, we will expand our use of ML to identify the devices ready to update, incorporating things like additional compatibility data. This will allow us to deliver updates to devices as fast as possible while providing even better customer experiences. With the April 2018 Update, we have also further shortened the amount of time your device is offline during updates up to 63% compared to the Windows 10 Creators Update. The April 2018 Update will follow the same phased rollout approach of proactively monitoring all available feedback and update experience data and making the appropriate product updates during the rollout. While we encourage you to wait until the update is offered to your device, if you’re an advanced user on an actively serviced version of Windows 10 and would like to install the Windows 10 April 2018 update now, you can do so by manually checking for updates. In the Search tab, type “Settings”. On the Settings page, navigate to Update & security > Windows Update. Once there, simply click “Check for updates” to begin the download and installation process. You can also watch this video that outlines how to get the April 2018 Update. If you’re using a Windows 10 PC at work, you will need to check with your IT administrator for details on your organization’s specific plans to update. For our commercial customers, the release of the Windows 10, version 1803 on April 30, 2018 marks the start of the Semi-Annual Channel and begins the 18-month servicing timeline. Just as we’re rolling out the April 2018 Update in phases to consumers, we recommend IT administrators do the same within their organizations. Start with targeted deployments to validate that apps, devices, and infrastructure used by your organization work well with the new release. Then continue your deployment to more and more devices based on the results from your initial targeted deployments. Just as we use data to guide our consumer rollout, commercial customers are encouraged to use our Windows Analytics offering to improve and facilitate their own rollout. Devices configured to take advantage of Windows Update for Business (WUfB) will be automatically migrated to this Semi-Annual Channel feature update based on your WUfB configurations, starting today. The update is now available through both Windows Server Update Services (WSUS) and WUfB. For an overview of what’s new and what’s changed, please see What’s new for IT pros in Windows 10, version 1803. Being on the latest version of Windows 10, the April 2018 Update, provides you with the latest features and provides the latest security protections to help keep you safer. As I’ve noted before, we continue to improve Windows 10 mitigations to protect against unwanted threats and vulnerabilities. To know which version of Windows your device is running, check here. The April 2018 Update also includes changes to the set-up experience for privacy settings. This new design conveys focused information to help our customers make informed choices about their privacy and offers two new settings for Inking & Typing and Find my device. Not everyone will experience the same set up, however. For example, some will review their settings through a single screen set up and others will review their settings via a multiple screen set up where required by law. Some users may be required to review and choose their privacy settings before they can finish installing the April 2018 Update. All customers can review and update their privacy settings at any time in Start > Settings > Privacy. You can find out more about the new Privacy settings experience in this March blog. We hope you enjoy the April 2018 Update and encourage you to tell us about your experience by providing comments or suggestions via the Feedback Hub app. How to get the Windows 10 April 2018 Update Tweet This Updated April 30, 2018 10:39 am
With Attack Simulator (included in Office 365 Threat Intelligence), if you are a member of your ...
With Attack Simulator (included in Office 365 Threat Intelligence), if you are a member of your organization's security team, you can run realistic attack scenarios in your organization. This can help you identify and find vulnerable users before a real attack impacts your bottom line. The Attacks At preview release we offer 3 kinds of attack simulations that you can run. For an attack to be successfully launched, the account that is running the attack and logged on, must use multi-factor authentication. Note: Currently, Attack Simulator is in preview. When an attack is created, the attack email message is created using HTML via a text field. However, when Attack Simulator is generally available, the email will be created using an HTML control within the experience. Also, the landing page a target is redirected to in a Spear Phishing campaign is static. However, when Attack Simulator is generally available, the landing page will use a customizable URL chosen by the global or security administrator configuring the simulated attack. To access Attack Simulator, in the Security & Compliance Center, choose Threat management > Attack simulator. Before you begin... Make sure that you and your organization meet the following requirements for Attack Simulator: Display name spear-phishing attack Phishing is a generic term for a broad suite of attacks classed as a social engineering style attack. This attack is focused on Spear Phishing, a more targeted attack that is aimed at a specific group of individuals or an organization. Typically, a customized attack with some reconnaissance performed and using a display name that will generate trust in the recipient, such as an email message that looks like it came from an executive within your organization. This attack focuses on letting you manipulate who the message appears to have originated from by changing the display name and source address. When spear-phishing attacks are successful, cybercriminals gain access to users' credentials. To simulate a spear-phishing attack In the Security & Compliance Center, choose Threat management > Attack simulator. Specify a meaningful campaign name for the attack. Specify the target recipients. This can be individuals or groups in your organization. A targeted recipient must have an Exchange Online Mailbox in order for the attack to be successful. Compose the phishing email message. Enter text for the From (Name) field. This is the field that shows in the Display Name in the receiving email client. Enter text or the From field. This is the field that shows as the email address of the sender in the receiving email client. Important: You can enter an existing email namespace within your organization (doing this will make the email address actually resolve in the receiving client, facilitating a very high trust model), or you can enter an external email address. The email address that you specify does not have to actually exist, but it does need to following the format of a valid SMTP address, such as email@example.com. Using the drop-down selector, select a Phishing Login server URL that reflects the type of content you will have within your attack. Several themed URLs are provided for you to choose from, such as document delivery, technical, payroll etc. This is effectively the URL that targeted users are asked to click. Enter text for the Subject field. This is the field that shows as the Subject Name in the receiving email client. Next enter the content for the Email body that the target will receive. This content must in HTML format. You can craft the HTML directly in the Email body field itself or cut and paste from another HTML editor. There are two important fields for inclusion in the HTML: The HTML formatting can be as complex or basic as your campaign needs. As it is HTML, you can insert images and text to enhance believability. You have control on what the received message will look like in the receiving email client. Choose Finish to launch the attack. The Spear Phishing email message is delivered to your target recipients' mailboxes. Password-spray attack A password spray attack against an organization is typically used after a bad actor has successfully enumerated a list of valid users from the tenant, utilizing their knowledge of common passwords used. It is utilized widely as it is a cheap attack to run, and harder to detect than brute force approaches. This attack focuses on letting you specify a common password against a large target base of users. To simulate a password-spray attack In the Security & Compliance Center, choose Threat management > Attack simulator. Specify a meaningful campaign name for the attack. Specify the target recipients. This can be individuals or groups in your organization. A targeted recipient must have an Exchange Online Mailbox in order for the attack to be successful. Specify a password to use for the attack. For example, one common, relevant password you could try is Fall2017. Another might be Spring2018, or Password1. Choose Finish to launch the attack. Brute-force password attack A brute-force password attack against an organization is typically used after a bad actor has successfully enumerated a list of key users from the tenant. This attack focuses on letting you specify a set of passwords against a single user. To simulate a brute-force password attack In the Security & Compliance Center, choose Threat management > Attack simulator. Specify a meaningful campaign name for the attack. Specify the target recipient. A targeted recipient must have an Exchange Online Mailbox in order for the attack to be successful. Specify a set of passwords to use for the attack. For example, one common, relevant password you could try is Fall2017. Another might be Spring2018, or Password1. Choose Finish to launch the attack. Related topics Office 365 Threat Intelligence
The US Department of Homeland Security (DHS), Federal Bureau of Investigation (FBI) and the UK’s National Cyber Security Centre (NCSC) are urging everyone to update and secure their network infrastructure devices. They reported this week that since at least 2015 Russia has been undertaking a concerted effort to compromise networking equipment (Wi-Fi routers, firewalls, etc.) and Internet of Things (IoT) devices (like smart refrigerators, smart thermostats and most anything else that’s called “smart” these days). Their goal is more than just good old-fashioned spying. By compromising potentially millions of devices, Russia is creating a strategic foothold cross US networks that will allow them to launch dedicated denial of service attacks and steal intellectual property from within our borders. It’s easier to stop cyberattacks when they’re originating from a specific geographic area outside of the US, but if the attacks are coming from countless devices from within the US, it gets more difficult. Seriously, update that router So if you still haven’t taken the time to update your router and anything else in your home and business despite last year being an extremely active year marked by several attacks that exploit routers, take the time to do it now. There are some simple steps to updating you router and securing it with a password, that are sufficient for home offices and very small businesses. However, if you have any complexity past a single access point, you may run into trouble. At this point I’d plug our services in that regard. Fixing a companies Wi-Fi network is one of the most satisfying things we do, because it’s a modest investment with huge payoffs. But that’s not what this article is about. It’s about appealing to you, the reader, to not just secure your Wi-Fi for your own sake (which can be an existential matter for a business) but do it for everyone’s sake. The more networks that Russia, or any hostile actor can compromise, the more destructive they can be. If your router is compromised, you may be paying the electric bill for what is essentially hostile foreign base of operations in a cyber war. Rarely do we equate good IT practices with patriotic duty, but there it is.
The ability to reset one's own password for business email may not seem that important for your ...
The ability to reset one's own password for business email may not seem that important for your organization's cyber security and budget, but it actually matters more than you think. After all, resetting your own password isn't a new thing. Almost any website that requires you to log in with a username and password also gives you the opportunity to reset your password without having to call or email into a support desk. Even though it has been around for a few years now, Self Service Password Reset was not always a feature in Office 365 and that could be the reason why so few organizations know about or utilize it. I spoke with Steve Cornell, our Service Desk Manager, about Self Service Password Reset in our livestream on 4/24. You can watch the recorded version on the left (don't forget to like and subscribe!). During this livestream, Steve and I discussed the many benefits of using SSPR and gave a quick walkthrough of the initial setup. Even though this is enabled by default for our clients, unless end-users complete the process shown in the video, then they will not be able to reset their own password. So, if you are an admin reading this, make sure your users follow through. Why bother? Well, password reset requests account for 20% of all IT organizations' support calls. Not only that, but it also leads to an improved end-user experience because users no longer have to wait for the Support Desk to get back to them. So instead of being locked out of their accounts for a few hours or even days, end-users have the power to get back into their account without delay. As for the security side of things, SSPR takes the guess work out of authenticating the person on the other end of the phone. As we've discussed in previous blog posts, phishing is more prevelent than ever and attacks are getting increasingly more sophisticated. It only takes one misjudgement from the support desk engineer to compromise an account and possibly the entire organization. By factoring out the risk of human error and replacing it with SSPR authentication options, the security of the entire organization increases. The admin doesn't have to give up any control either; he or she still dictates the policy. From which authenticated methods are used to how many validations are required, the system is designed to let only the right person in. Speaking of authentication methods, there are currently four options to choose from: Send a text message to a validated mobile phone. Make a phone call to a validated mobile or office phone. Send an email to a validated secondary email account. Answer their security questions. If you are an end-user and don't see one of these options when you go to reset your password, it's because your admin has not enabled it. I should also note that right after our livestream completed, a viewer wrote to us and said their SSPR was not working. After investigating we found the viewer's organization is using their on-premise Active Directory and not Azure Active Directory. If you don't know what any of that means, don't worry. It just means their passwords are not controlled in Office 365 and therefore SSPR does not work for them (actually we could upgrade their licenses and enable a password-writeback policy, but that's a completely different blog post altogether). For most organizations though, SSPR will work as intended.
SeanPavonePhoto via Getty Images
SeanPavonePhoto via Getty Images Last month, Atlanta's city government was hit with a ransomware attack that caused courthouse documents and services like payment processing to become inaccessible. The ransom demand was approximately $51,000 but according to the city's Department of Procurement, Atlanta has spent much more than that on efforts to rectify the situation. It appears that firms Secureworks and Ernst & Young were paid $650,000 and $600,000, respectively, for emergency services while Edelman was paid $50,000 for crisis communication services. Overall, the funds seemingly applied to the ransomware attack response add up to approximately $2.7 million. Atlanta .gov ransomware attack costs pic.twitter.com/xgQEpbeZPZ — Ryan Naraine (@ryanaraine) April 23, 2018 It's unclear whether Atlanta paid or tried to pay the ransom, but evidence suggests city officials didn't attempt to or were unsuccessful. The affected services are still not fully up and running and ahead of the ransom deadline, the attackers took down the communication portal that would have been used to pay the fee. The question of whether to pay a ransom or not isn't always an easy one to answer. Agencies like the FBI typically discourage paying these types of ransoms, with one reason being it might encourage attackers to keep doing what they're doing. But not everyone agrees with that reasoning. "Refusing to pay a ransom is unlikely to demotivate cybercriminals from conducting further attacks, as they will always find someone else to pay," Ilia Kolochenko, CEO of cybersecurity firm High-Tech Bridge, told SecurityWeek. But another city's chief information security officer told SecurityWeek that there are other reasons not to pay up. "Unless paying the ransom provided details of how they were breached, what would it really get them?" he said. "Firstly, they don't know if they would actually get the decrypt keys. Secondly, they don't know if they would simply get hit again. And thirdly, it would only encourage more of the same kind of action." Relatedly, Secureworks has said that some groups hit with this same type of ransomware were asked to pay more after paying the initial amount. However, what's pretty clear is that Atlanta should have done more to protect its systems ahead of the attack. "The real lesson," said Kolochenko, "is for probably 10 to 20 percent of the cost of the emergency support, they could have brought in the same people to help with the same issues prior to the incident."