Infrastructure + Security: Noteworthy News (February, 2018)





Hi there! Stanislav Belov is back to bring you the next issue of the Infrastructure + Security: Noteworthy News series! As a reminder, the Noteworthy News series covers various areas, including interesting news, announcements, links, tips and tricks from the Windows, Azure, and Security worlds on a monthly basis. Enjoy!

Microsoft Azure
Protect machines using managed disks between Azure regions using Azure Site Recovery
We are happy to announce that Azure Site Recovery (ASR) now provides you the ability to set up Disaster Recovery (DR) for IaaS VMs using managed disks. With this feature, ASR fulfills an important requirement to become an all-encompassing DR solution for all of your production applications hosted on IaaS VMs in Azure, including applications hosted on VMs with managed disks.
Public preview: “What If” tool for Azure AD Conditional Access policies
We’ve received a lot of feedback about the user impact of Conditional Access. Specifically, with this much power at your fingertips, you need a way to see how CA policies will impact a user under various sign-in conditions.
We heard you and released the public preview of the “What If” tool for Conditional Access. The What If tool helps you understand the impact of the policies on a user sign-in, under conditions you specify. Rather than waiting to hear from your user about what happened, you can simply use the What If tool.
Windows Server
Windows Defender Antivirus in Windows 10 and Windows Server 2016

Windows Defender Antivirus is a built-in antimalware solution that provides security and antimalware management for desktops, portable computers, and servers. This library of documentation is aimed at enterprise security administrators who are either considering deployment, or have already deployed and want to manage and configure Windows Defender AV on PC endpoints in their network.

Windows Client
New OneDrive for Business feature: Files Restore
Files Restore is a complete self-service recovery solution that allows administrators and end users to restore files from any point in time during the last 30 days. If a user suspects their files have been compromised, they can investigate file changes and allow content owners to go back in time to any second in the last 30 days. Now your users and your administrators can rewind changes using activity data to find the exact moment to revert to.
Control the health of Windows 10-based devices
This article details an end-to-end solution that helps you protect high-value assets by enforcing, controlling, and reporting the health of Windows 10-based devices.
Windows Defender ATP support for Windows 7 and Windows 8.1
Starting this summer, customers moving to Windows 10 can add Windows Defender ATP Endpoint Detection & Response (EDR) functionality to their Windows 7 and Windows 8.1 devices, and get a holistic view across their endpoints.
How artificial intelligence stopped an Emotet outbreak
At 12:46 a.m. local time on February 3, a Windows 7 Pro customer in North Carolina became the first would-be victim of a new malware attack campaign for Trojan:Win32/Emotet. In the next 30 minutes, the campaign tried to attack over a thousand potential victims, all of whom were instantly and automatically protected by Windows Defender AV.
Cyber resilience for the modern enterprise
Many organizations are undergoing a digital transformation that leverages a mix of cloud and on-premises assets to increase business efficiency and growth. While increased dependence on technology is necessary for this transformation, and to position the business for success, it does pose risks from security threats. An organization cannot afford to wait until after users and systems have been compromised; it must be proactive. Microsoft helps multiple global enterprises mitigate business impact by offering prescriptive guidance, as well as partnering with them to build a cyber resiliency plan and roadmap.
Retire Those Old Legacy Protocols
There has been a lot of work by enterprises to protect their infrastructure with patching and server hardening, but one area that is often overlooked when it comes to credential theft is legacy protocol retirement. These legacy protocols were built when there wasn’t the understanding of security requirements that our modern enterprises need today. Attack Surface Reduction can be achieved by disabling support for insecure legacy protocols: TLS 1.0 and 1.1, SMBv1, LM/NTLMv1, Digest, etc.
Overview of Petya, a rapid cyberattack
In the first blog post of this 3-part series, we introduced what rapid cyberattacks are and illustrated how they are different in terms of execution and outcome. Next, we will go into some more details on the Petya (aka NotPetya) attack.
Vulnerabilities and Updates
Update 1802 for Configuration Manager Technical Preview Branch – Available Now!
We are excited to let you know that update 1802 for the Technical Preview Branch of System Center Configuration Manager has been released. Technical Preview Branch releases give you an opportunity to try out new Configuration Manager features in a test environment before they are made generally available.
Inside the MSRC – The Monthly Security Update Releases
So how do we decide what goes into a monthly security release? That decision largely rides on required customer action and risk. Required customer action is realized through products where customers need to take action to protect themselves against a vulnerability. For consumers, protection is accomplished through automatic updates.
Support Lifecycle
Changes to Office and Windows servicing and support
On Thursday, February 1, 2018, Microsoft made an announcement that includes, among other things, information regarding support End of Life for the Windows 7 Operating System.
Microsoft Premier Support News
A new service, Security: Cloud App Security – Fundamentals, leverages Microsoft Services experience to help customers quickly and efficiently begin productive use of Microsoft Cloud App Security (MCAS). The MCAS service helps you gain visibility and control over cloud apps in use, and detect and limit data leaving the organization uncontrolled. This offering provides you with education and assistance with MCAS setup, features and capabilities, and recommended practices.
Three new Onboarding services have been released: On-Demand Assessment – Windows Client: Remote Engineer, On-Demand Assessment – Windows Client: Onsite Engineer, and On-Demand Assessment – Exchange Server: Onsite Engineer.
On-Demand Assessments are the latest generation of assessments hosted on the Operations Management Suite (OMS) platform. Getting help from Microsoft when you need it just got easier than ever before. By sharing a workspace with your Microsoft Engineer using OMS, you will have a secure and efficient way of sharing data to resolve your issues faster. OMS automatically collects and provides the answers that Microsoft Support needs to get you back to your business as quickly as possible, whether you are in the cloud or on-premises. With OMS, tasks can run in the background to provide Microsoft Support with the information they need to get you back up and running faster.