Microsoft Support & Discussions

Today, we released security updates to provide additional protections against malicious attackers. As a best practice, we encourage customers to turn on automatic updates. More information about this month’s security updates can be found on the Security Update Guide.

The use of Transport Layer Security (TLS) encryption for data in transit is a common way to help ensure the confidentiality and integrity of data transmitted between devices, such as a web server and a computer. However, in recent years older versions of the protocol have been shown to have vulnerabilities, and therefore their use should be deprecated. We have been recommending the use of TLS 1.2 and above for some time. To help provide guidance, we are pleased to announce the release of the Solving the TLS 1.0 Problem, 2nd Edition white paper. The goal of this document is to provide the latest recommendations that can help remove technical blockers to disabling TLS …

Artificial intelligence (AI) and machine learning are making a big impact on how people work, socialize, and live their lives. As consumption of products and services built around AI and machine learning increases, specialized actions must be undertaken to safeguard not only your customers and their data, but also to protect your AI and algorithms from abuse, trolling, and extraction. We are pleased to announce the release of a research paper, Securing the Future of Artificial Intelligence and Machine Learning at Microsoft, focused on net-new security engineering challenges in the AI and machine learning space, with a strong focus on protecting algorithms, data, and …

To meet users expectations for security when using a product or cloud service, security must be an integral part of all aspects of the lifecycle. We all know this, and yet time has proven that this is far easier said than done because there is no single approach nor silver bullet that works in every situation. However, Microsofts long commitment to security has demonstrated that there are a number of security practices that have survived the passage of time, and when applied flexibly in harmony with many approaches, will improve the security of products or cloud services. We are sharing the results of our experiences through our new Security Engineering website, whic…

The Cybersecurity Tech Accords upcoming webinar and the importance of public-private partnership Today, cyberattacks from increasingly sophisticated actors threaten organizations across every sector, and whether a Fortune 500 company or a local bakery, organizations of all sizes need to take steps to limit the dangers posed by these threats. This is the core of cybersecurity risk managementunderstanding potential threats and actively working to mitigate them. But while organizations large and small should protect themselves against such threats, the owners and operators of critical infrastructure have a unique additional obligation to understand risks and improve the…

In todays threat landscape, boards of directors are more interested than ever before in their company’s cybersecurity strategy. If you want to maintain a boards confidence, you cant wait until after an attack to start talking to them about how you are securing the enterprise. You need to engage them in your strategy early and oftenwith the right level of technical detail, packaged in a way that gives the board exactly what they need to know, when they need to know it. Cyberattacks have increased in frequency and size over the years, making cybersecurity as fundamental to the overall health of the business as financial and operational controls. Todays boards of direct…

The Top 10 actions to secure your environment series outlines fundamental steps you can take with your investment in Microsoft 365 security solutions. In Step 4. Set conditional access policies, youll learn how to control access to your apps and corporate resources using conditional access policies, and how these policies can block legacy authentication methods and control access to SaaS apps. In todays workplace, users can work from anywhere, on any device. Whether using a company-provided laptop at the office, working from home, traveling for business, or using a personal mobile phone, employees expect to seamlessly access what they need to get work done. While the…

Introduction Hyper-V is the backbone of Azure, running on its Hosts to provide efficient and fair sharing of resources, but also isolation. That’s why we, in the vulnerability research team for Windows, have been working in the background for years now helping secure Hyper-V. And why Microsoft invites security researchers across the globe to submit their vulnerabilities through the Hyper-V Bounty Program for payment of up to $250,000 USD.

Todays post was written by Sue Bohn, Director of Program Management at Microsoft, and Simon Cheng, who is responsible for Identity and Access Management at lululemon. Happy New Year and welcome to the next installment of the Voice of the Customer blog series. My name is Sue Bohn and I am the director of Program Management for Identity and Access Management. Im really excited about our next blog in this series. Last time, we featured The Walsh Group. Today, I am sharing a story from lululemon, who really inspired me to think more broadly about what you can achieve when you step back and look at where you want to go. Simon Cheng, responsible for Identity and Acces…

Today, a single breach, physical or virtual, can cause millions of dollars of damage to an organization and potentially billions in financial losses to the global economy. Each week seems to bring a new disclosure of a cybersecurity breach somewhere in the world. As we look at the current state of cybersecurity challenges today, we see the same types of attacks, but the sophistication and scope of each attack continues to grow and evolve. Add to these the threats of nation-state actors seeking to disrupt operations, conduct intelligence gathering, or generally undermine trust. You can download the Cyber Defense Operations Center strategy brief to gain more insight into…

Today, a single breach, physical or virtual, can cause millions of dollars of damage to an organization and potentially billions in financial losses to the global economy. Each week seems to bring a new disclosure of a cybersecurity breach somewhere in the world. As we look at the current state of cybersecurity challenges today, we see the same types of attacks, but the sophistication and scope of each attack continues to grow and evolve.

This blog post was authored by Vinicius Apolinario, Senior Product Marketing Manager, Windows Server. Updated on January 17, 2019:The Windows Server 2019 evaluation media is now available at the Evaluation Center. On October 2, 2018, we announced the availability of Windows Server 2019 and Windows Server, version 1809. Later that week, we paused the rollout of these new releases to investigate isolated reports of users missing files after updating to the latest Windows 10 feature update. We take any case of data loss seriously, so we proactively removed all related media from our channels as we started investigation of the reports and have now fixed all known re…

This blog post was authored byJoel Frauenheim, Principal Program Manager, Windows Servicing and Delivery. Starting with the November 13, 2018 Update Tuesday, Windows will again publish Express updates for Windows Server 2016. Express updates for Windows Server 2016 stopped in mid-2017 after a significant issue was found that kept the updates from installing correctly. While the issue was fixed in November 2017, the update team took a conservative approach to publishing the Express packages to ensure most customers would have the November 14, 2017 update (KB 4048953) installed on their server environments and not be impacted by the issue. System administrators fo…

This blog post was authored by Sue Hartford, Senior Product Marketing Manager, Windows Server. Dont let the name fool you. Azure Site Recovery (ASR) can be used as an Azure migration tool for 30 days at no charge. It has been used for years to support migration of our 64-bit versions of Windows Server, and we are pleased to announce it now supports migration of Windows Server 2008 32-bit applications to Azure Virtual Machines. This is good news for organizations that wish to take advantage of the new 2008 End of Support option to get three additional years of Extended Security Updates for free in Azure. The 2008 and 2008 R2 versions of Windows Server will reach …

This blog post was co-authored by Jonathan Federico, Product Marketing Manager, Desktop Virtualization and Christian Montoya, Program Manager, RDS. We released the newest version of Remote Desktop Services (RDS), RDS 2019, on October 2, 2018. RDS 2019 builds on the strong foundation of RDS 2016, letting you rapidly deploy on-premises or in the cloud. RDS 2019 is generally available with Windows Server 2019. RDS 2019 will give customers the opportunity to leverage fantastic enhancements that make it the optimal version of RDS, to date, with several areas of innovation to improve the administrative and client experiences. We brought innovation centered around…

This blog post was authored by Vinicius Apolinario, Senior Product Marketing Manager, Windows Server. Its hard to believe Ignite 2018 is now behind us. Last week at Ignite, we announced Windows Server 2019 and talked about the new hybrid, security, application platform, and hyper-converged infrastructure capabilities. Today, we are making it available for download. If you are a Windows Server customer with valid Software Assurance, you can download Windows Server 2019 on the Volume Licensing Service Center (VLSC). You can also download the evaluation version of Windows Server 2019 at the Evaluation Center. For customers running Windows Server on Azure…

This blog post was authored by Erin Chapple, Corporate Vice President, Windows Server. I am thrilled to be back at Ignite this year! Over the last two years, Ive had the pleasure to announce major releases of Windows Server. Two years ago, it was the launch of Windows Server 2016. Last year, it was the first release in the Semi-Annual Channel, Window Server, version 1709. This year is no different. Today, Im excited to announce that Windows Server 2019 will be generally available in October and we have updated Windows Admin Center, version 1809, to support Windows Server 2019 and Azure hybrid scenarios. Windows Server 2019 builds on the foundation of Windows Ser…

This blog post was authored by Vinicius Apolinario, Senior Product Marketing Manager, Windows Server. If youve been to Ignite before, you know its a busy week for the attendees. This year Ignite will have over 700 deep-dive sessions and over 100 expert-led and self-paced workshops aside from all the network-building activities. Building an agenda and focusing on the content and products that are valuable to you is extremely important, so you can make the most out of 5 these days. With that said, I wanted to provide an overview of the Windows Server presence at Ignite 2018! Breakout sessions by product team There are hundred of sessions around Windows Ser…

This blog post was co-authored by Samuel Li, Haley Rowland, Cosmos Darwin, and Daniel Lee, Program Managers, Windows Server. The momentum continues Its been an exciting debut year for Windows Admin Center, the next-generation graphical management for Windows Server. Our team is committed to helping you manage your Windows Server infrastructure and instances, wherever they run, more easily and more efficiently. This includes delivering a platform and core set of experiences that improve day-to-day Windows Server administration, as well as lighting up new functionality and scenarios to help your organization unlock the full power of the Microsoft cloud. In April…

This blog post was authored by Dean Wells, Principal Program Manager, Windows Server. In the preceding blogs, you were given a video-tour of some of the high-level advancements made in Windows Server 2019 that touched on areas such as the improvements made around hyper-converged infrastructure (HCI), hybrid capabilities such as Azure File Sync and Azure Site Recovery, our new administrative experience with the Windows Admin Center (WAC), and an array of pretty mind-blowing storage enhancements. In this article, well describe some of the principles that help guide our thinking when designing security solutions and delve into a few of the innovations and enhancements w…

This blog post was co-authored by Irina Pivovarova, Senior Program Managerand Vinicius Apolinario, Senior Product Marketing Manager, Windows Server. For more than a decade the Windows Server team has been releasing Windows Server editions tailored to meet the needs of small business environments. Windows Server 2016 Essentials is the current in-market edition of Windows Server made for small business and is available for companies with up to 25 users. As we started working on next version, Windows Server 2019, we looked closely on the impact of recent technology trends on small business customers. We observed that cloud computing, in addition to affecting how la…

The Microsoft Security Response Center (MSRC) is pleased to announce the launch of the Azure DevOps Bounty program, a program dedicated to providing rock-solid security for our DevOps customers. Starting January 17, 2019, we’re excited to offer rewards up to US$20,000 for eligible vulnerabilities in Azure DevOps online services and the latest release of Azure DevOps server. Azure DevOps is a cloud service for collaborating on code development, spanning the breadth of the development lifecycle to help developers ship software faster and with higher quality. The researcher community plays an essential role in keeping our customers secure, and we will review every …

Digital transformation and the transition to a modern workplace encourage employee engagement, productivity, and collaboration. This transition poses major challenges in protecting sensitive information. In the modern workplace, the perimeter between the corporate network and the cloud are fading. Sensitive data constantly travels between different locations and is often shared with others both inside and outside the organization. This significantly increases the attack surface and makes identifying, protecting, and monitoring sensitive data challenging. Additionally, the threat landscape is evolving. External adversaries and insider threats are becoming more sophist…

The Microsoft Security Response Center (MSRC) is pleased to announce the launch of the Azure DevOps Bounty program, a program dedicated to providing rock-solid security for our DevOps customers. Starting January 17, 2019, we’re excited to offer rewards up to US$20,000 for eligible vulnerabilities in Azure DevOps online services and the latest release of Azure DevOps server.

The Top 10 actions to secure your environment series outlines fundamental steps you can take with your investment in Microsoft 365 security solutions. In Step 3. Protect your identities, youll learn how to define security policies to protect individual user identities against account compromise and protect your administrative accounts. Whether or not you have experienced a security incident in the past, you probably know that its not a matter of if an attacker will successfully compromise your corporate resources, but when. This is what is meant by an assume breach mindset. Preventative measures are critical, but in an assume breach” world, so are detection and rapid…