Infrastructure + Security: Noteworthy News (August, 2017)

Hi there! Stanislav Belov here to introduce you to the new Infrastructure + Security: Noteworthy News series! Starting with this issue, we are going to publish some interesting news, announcements, links, tips and tricks from the Windows, Azure, and Security worlds on a monthly basis. Enjoy!

Microsoft Azure
How Azure Security Center helps protect your servers with Web Application Firewall

This blog post is for IT and security professionals interested in using Azure Security Center (ASC) to detect and protect Azure-based resources from SQL injection attacks among others. The goal of this post is to 1) explain how this well-known code injection occurs and 2) illustrate how ASC detects and resolves this attack to secure your IT resources.

Nested Virtualization in Azure
You can now enable nested virtualization using the Dv3 and Ev3 VM sizes. We will continue to expand support to more VM sizes in the coming months.
Detailed troubleshooting steps for remote desktop connection issues to Windows VMs in Azure
You may encounter a Remote Desktop error message that does not resemble any of the specific error messages covered in the basic Remote Desktop troubleshooting guide. Follow these steps to determine why the Remote Desktop (RDP) client is unable to connect to the RDP service on the Azure VM.
Microsoft Azure leads the industry in ISO certifications

Microsoft Azure recently completed a new set of independent third-party ISO and Cloud Security Alliance (CSA) audits. Azure leads the industry with the most comprehensive compliance coverage, enabling customers to meet a wide range of regulatory obligations.

Windows Server
Windows Server 2016 security guide (PDF)

We just published the Windows Server 2016 security guide which includes both guidance about general security for servers and of course specifics about the new security features in Windows Server 2016.

TLS 1.2 Support added to Windows Server 2008
Support for TLS 1.1/TLS 1.2 on Windows Server 2008 is now available for download as of July 18, 2017.
Learn more about Special Groups
Special Groups is a new feature in Windows Vista and in Windows Server 2008 and supported through Windows 10 and Windows Server 2016. The Special Groups feature lets the administrator find out when a member of a certain group logs on to the computer.
Description of the Special Groups feature

Special Groups Auditing via Group Policy Preferences

Windows Client
Deploying Office 365 ProPlus with Microsoft Intune

Microsoft 365, a modern workplace solution that empowers everyone to be creative and securely work together, now includes the ability to deploy Office 365 ProPlus applications to Windows 10 devices from the cloud with Intune.

Microsoft to remove WoSign and StartCom certificates in Windows 10

Microsoft has concluded that the Chinese Certificate Authorities (CAs) WoSign and StartCom have failed to maintain the standards required by its Trusted Root Program. Microsoft will begin the natural deprecation of WoSign and StartCom certificates by setting a “NotBefore” date of September 26, 2017. Windows 10 will not trust any new certificates from these CAs after that date.

Measure computer reboot and logon times

Process Monitor has evolved over the years from several different tools into a single, “must have” tool for a wide variety of troubleshooting scenarios. One of the great capabilities of Process Monitor is its ability to capture a computer trace from very early in the computer startup process.

Security
Microsoft Security Intelligence Report (SIR), Volume 22

On Thursday August 17th at 8 am PST, Microsoft published volume 22 of the Microsoft Security Intelligence Report (SIR). The SIR is widely viewed as a credible, unparalleled source of information for IT professionals, security executives, governments, and the security industry at large, regarding the evolving threat landscape. The report contains security data from more than one billion systems worldwide, and is one of the most comprehensive reports in the industry. It includes just over 1,000 pages and threat assessments for 97 countries and regions. Volume 22 includes an in-depth analysis of the threat landscape from January through March 2017.

Moving Beyond EMET II – Windows Defender Exploit Guard

We recently introduced Windows Defender Exploit Guard (WDEG) which will complete our journey to incorporate all of the security benefits of EMET directly into Windows. This effort was significantly influenced by two insights that came up most frequently in our survey data, customer support calls, and conversations with EMET stakeholders and security enthusiasts.

Windows Defender Antivirus cloud protection service: Advanced real-time defense against never-before-seen malware

This blog continues the discussion in the white paper, “The evolution of malware protection,” detailing how Microsoft improves its capability to stop never-before-seen malware with new enhancements to the Windows Defender Antivirus cloud protection service.

Introducing Microsoft Advanced Threat Analytics v1.8!
We are pleased to announce the general availability of Microsoft Advanced Threat Analytics (ATA) v1.8. This is a key release for our customers with several new features and improvements. Cyberattacks continue to get more sophisticated, and so in turn, we must continue to tune our products and detections.
5 Reasons why Microsoft should be your cybersecurity ally

Here are five reasons why enterprises should consider partnering with Microsoft on cybersecurity:

  • Strong commitment to cybersecurity
  • Holistic security approach
  • Trust-aligned corporate mission
  • Leadership in cybersecurity best practice sharing
  • Deep customer interaction
Vulnerabilities and Updates
August 2017 security update release

Microsoft on August 8, 2017, released security updates to provide additional protections against malicious attackers. By default, Windows 10 receives these updates automatically, and for customers running previous versions, we recommend they turn on automatic updates as a best practice. More information about this month’s security updates can be found in the Security Update Guide.

Windows as a service: Simplified and Aligned

Microsoft is aligning our servicing models with twice-per-year feature update releases targeting March and September, and 18-month servicing timelines for each release. While the first fully-aligned release will occur later this year with the Windows 10 Fall Creators Update release and a corresponding Office 365 ProPlus release, we got a head start with the Windows 10 1703 release (a.k.a. Creators Update), which marks the first of our semi-annual releases, each of which will be serviced for 18 months…

Support Lifecycle
Windows 10 version 1511 end of service for CB and CBB

Windows 10 version 1511 end of service for Current Branch (CB) and Current Branch for Business (CBB) will occur on October 10, 2017.

Windows 10 version 1511 will no longer receive security updates

After October 10, 2017, Windows 10 devices running version 1511 will no longer receive security and quality updates.

Microsoft Premier Support News
If your company has Microsoft Premier Support then you might be interested in learning some additional news:

  • A new assessment called Azure Networking Foundations for Hybrid Cloud has been released to help customers with their connectivity to Azure. In this assessment, Microsoft network experts will conduct a technical review focusing on both on-premises and Azure network infrastructure as it relates to connectivity to Azure. The outcome includes network performance optimization, performance baselining and knowledge sharing to prevent any future issues, and provides in-depth analysis and assessment for Azure-related networking configurations. Complete details about these changes are included under the Secure Infrastructure section below.
  • Two new WorkshopPLUS services have been released:
    • WorkshopPLUS – System Center Configuration Manager: Troubleshooting
    • WorkshopPLUS – Windows Server: Failover Cluster.