Infrastructure + Security: Noteworthy News (October, 2017)

Hi there! Stanislav Belov here to bring you the next issue of the Infrastructure + Security: Noteworthy News series!  

As a reminder, the Noteworthy News series covers various areas, including interesting news, announcements, links, tips and tricks from the Windows, Azure, and Security worlds on a monthly basis. Enjoy!

Microsoft Azure
Azure mobile app

The Azure mobile app lets you stay connected with Azure even when you are on the go. Over the last few months, we have been working closely with our customers to improve the Azure mobile app. And today, we are excited to share five more reasons why the Azure app is a must-have.

Announcing Azure Migrate
We are pleased to announce Azure Migrate, a new service that provides the guidance, insights, and mechanisms needed to assist you in migrating to Azure.

Using an appliance-based approach, Azure Migrate provides:

  • Discovery and assessment for on-premises virtual machines
  • Inbuilt dependency mapping for high-confidence discovery of multi-tier applications
  • Intelligent rightsizing to Azure virtual machines
  • Compatibility reporting with guidelines for remediating potential issues
  • Integration with Azure Database Management Service for database discovery and migration

Keep credentials out of code: Introducing Azure AD Managed Service Identity
A common challenge in cloud development is managing the credentials used to authenticate to cloud services. Today, I am happy to announce the Azure Active Directory Managed Service Identity (MSI) preview. MSI gives your code an automatically managed identity for authenticating to Azure services, so that you can keep credentials out of your code.
Overview of Azure Cloud Shell
Azure Cloud Shell is an interactive, browser-accessible shell for managing Azure resources. It gives you the flexibility of choosing the shell experience that best suits the way you work. Linux users can opt for a Bash experience, while Windows users can opt for PowerShell.
Windows Server
Windows Server, version 1709 available for download!
The Windows Server team is extremely excited as today marks the availability of the first release of Windows Server in the Semi-Annual Channel. Customers with Software Assurance are now able to download Windows Server, version 1709 from the VLSC portal and Azure customers can deploy VMs based on the image in the gallery. Customers from other clouds and Service Providers will also be able to deploy VMs as their vendors make it available.

The Semi-Annual Channel is designed for customers who are innovating quickly in applications as well as customers moving to a software-defined hybrid datacenter. Windows Server, version 1709 offers enhancements for application containers and microservices, new server management and more.

Windows Server Semi-Annual Channel overview
The Windows Server release model is offering a new option in order to align with similar release and servicing models for Windows 10 and Office 365 ProPlus. If you’ve been working with Windows 10 or Office 365 ProPlus, these improvements might already be familiar to you.
First look at updates coming to Remote Desktop Services
Check out this awesome video where Scott Manchester (Principal Group Program Manager, Remote Desktop Services) demonstrates the latest updates to RDS.
Introducing Project “Honolulu”, our new Windows Server management experience
Project “Honolulu” is the culmination of significant customer feedback, which has directly shaped product direction and investments. With support for both hybrid and traditional disconnected server environments, Project “Honolulu” provides a quick and easy solution for common IT admin tasks with a lightweight deployment.

This blog post continues our recent “sneak peek” series, and we highly recommend “Honolulu” as a graphical management solution for Windows Server, version 1709, and several other versions of Windows Server too!

Windows Client
Windows 10 Creators Update is the best version of Windows 10 ever
What makes Windows 10 Creators Update the best version of Windows 10 ever? Quality. Our dedicated focus on customer obsession – listening and responding to user and partner feedback – is key to the quality improvements in Windows 10. The top areas we consistently hear about through our feedback channels are around power, performance, and reliability. These fundamentals are key elements that users look for in a device and value because they impact their everyday use, like longer battery life, faster web browsing, streaming videos longer and device stability. Knowing these elements are important to a great user experience, we’ve continued to invest in these key areas to deliver an even better user experience with the Creators Update. As a result, the Creators Update is the most performant and reliable version of Windows 10 ever! I’m excited to share a number of improvements in fundamentals that Windows 10 devices enjoy after updating to the Creators Update from the Anniversary Update.
How to manage Office 365 with System Center Configuration Manager (Video)
System Center Configuration Manager (SCCM) has the ability to manage Office 365 client updates by using the Software Update management workflow. You can use Configuration Manager to update Office 365 ProPlus, Visio Pro for Office 365, Project Online Desktop Client, and Office 365 Business.
Security
Security baseline for Windows 10 “Fall Creators Update” (v1709)
Microsoft is pleased to announce the final release of the recommended security configuration baseline settings for Windows 10 “Fall Creators Update,” also known as version 1709, “Redstone 3,” or RS3. There are no changes from the draft release we published a few weeks ago.
Introducing Azure Advanced Threat Protection
Azure ATP fuses together unique machine learning algorithms, world-class security research, and the breadth and depth of the critical security data available to Microsoft as a major enterprise vendor. It will help protect from both known and unknown attack vectors, detecting threats early in the kill chain before they mature into actual damage.

Azure ATP brings the capabilities of our current on-premises behavioral analytics solution, Microsoft Advanced Threat Analytics (ATA), to the cloud. Building on the in-depth threat detection capabilities of ATA, Azure ATP will help our customers protect their identities across both their cloud and on-premises directories.

Automated Response for Windows Defender ATP
Windows Defender Advanced Threat Protection (ATP) will include automated investigation and remediation capabilities later this year. This takes enterprise security to a new level enabling our customers to move faster from device, data and insight to action against modern-day threats.
ATA Suspicious Activity Playbook
This playbook will walk through the credential theft attack techniques by using readily available research tools on the Internet. At each point of the attack we will show how Microsoft’s Advanced Threat Analytics (ATA) helps IT organizations gain visibility into these post-infiltration activities happening in their environments. The playbook has been updated to include the new ATA v1.8 capabilities.
How Microsoft Advanced Threat Analytics detects golden ticket attacks
A golden ticket is the name of a Kerberos ticket that is manually created by an attacker after gaining access to your environment’s encryption “master key”. A golden ticket allows an attacker to masquerade as any user or gain the permissions of any role at any time they want, giving them full control over your environment.

Being able to detect this kind of attack has historically been difficult, because the adversary is leveraging credentials with the same key your Active Directory uses.

The Threat of Ransomware: How to Protect Your System from Ransomware and other Malicious Cyber Attacks (Video)
The rise of ransomware and its media presence in recent months has highlighted, perhaps now more than ever, the importance of robust security systems to detect and respond to devious and evolving threats.

Join Lex Thomas as he welcomes back Paul Bergson to the show as they discuss some common ransomware tactics and how you can successfully defend your systems and data.

Security Incident Management in Microsoft Office 365 (PDF)
Microsoft works continuously to provide highly secure, enterprise-grade services for Office 365 customers. This document describes how Microsoft handles security incidents in Office 365. A security incident refers to any unlawful access to customer data stored on Microsoft’s equipment or in Microsoft’s facilities, or unauthorized access to such equipment or facilities that has the potential to result in the loss, disclosure, or alteration of customer data. Microsoft’s goals when responding to security incidents are to protect customer data and the Office 365 services.
Vulnerabilities and Updates
Windows Wireless WPA Group Key Reinstallation Vulnerability (aka KRACK WiFi)
A spoofing vulnerability exists in the Windows implementation of wireless networking. An attacker who successfully exploited this vulnerability could potentially replay broadcast and/or multicast traffic to hosts on a WPA or WPA2-protected wireless network.

The security update has been released to address this vulnerability by changing how Windows verifies wireless group key handshakes.

October 2017 security update release
Microsoft on October 10, 2017, released security updates to provide additional protections against malicious attackers. By default, Windows 10 receives these updates automatically, and for customers running previous versions, Microsoft recommends they turn on automatic updates as a best practice. More information about this month’s security updates can be found in the Security Update Guide.
Support Lifecycle
Windows 10 version 1511 will no longer receive security updates

As a reminder, after October 10, 2017, Windows 10 devices running version 1511 will no longer receive security and quality updates. Microsoft recommends updating devices to the latest version of Windows 10 by visiting the Windows Security page.

Microsoft Premier Support News
The new WorkshopPLUS – SQL Server: Azure SQL Database Essentials is a 2-day course that provides you the knowledge and tools necessary to understand the capabilities and usage of cloud databases. This workshop will help you to get familiar with the Azure SQL Database concepts. It will also help you to learn how to migrate, manage, monitor and troubleshoot your Azure SQL Database solution. You can read more details about it under the Data Insights section below.