Infrastructure + Security: Noteworthy News (August, 2018)

Hi there! Stanislav Belov here to provide you with the next issue of the Infrastructure + Security: Noteworthy News series!  

As a reminder, the Noteworthy News series covers various areas on a monthly basis, including interesting news, announcements, links, tips and tricks from the Windows, Azure, and Security worlds.

Microsoft Azure
Azure management groups now in general availability
Management groups allow you to organize your subscriptions and apply governance controls, such as Azure Policy and Role-Based Access Controls (RBAC), to the management groups. All subscriptions within a management group automatically inherit the controls applied to the management group. No matter if you have an Enterprise Agreement, Certified Solution Partner, Pay-As-You-Go, or any other type of subscription, this service gives all Azure customers enterprise-grade management at a large scale for no additional cost.
Azure File Sync is now generally available!
Azure File Sync replicates files from your on-premises Windows Server to an Azure file share. With Azure File Sync, you don’t have to choose between the benefits of cloud and the benefits of your on-premises file server – you can have both! Azure File Sync enables you to centralize your file services in Azure while maintaining local access to your data.
New customizations in Azure Migrate to support your cloud migration
Azure Migrate discovers servers in your on-premises environment and assesses each discovered server’s readiness to run as an IaaS VM in Azure. In addition to Azure readiness, it helps you identify the right VM size in Azure after considering the utilization history of the on-premises VM.
Windows Server
Everything you need to know about Windows Server 2019

You should know by now that Windows Server 2019 is available as a preview in the Windows Insiders program. In the last few months, the Windows Server team has been working tirelessly on some amazing new features. We wanted to share the goodness that you can expect in the product through a series of blog posts. This is the first in the series that will be followed by deep-dive blog posts by the engineering experts. Part 1, Part 2.

Windows Client
Windows 10 Servicing and In-Place Upgrades In Microsoft SCCM

In this video guide, we will be covering how you can manage Windows as a service using System Center Configuration Manager. This video will cover deploying Windows 10 Upgrades using the software updates feature for Windows 10 Upgrades. We will also review how you could use task sequences and operating system upgrade packages to upgrade Windows 10 while allowing custom actions. This will cover how to service (upgrade) existing Windows 10 machines to the latest builds as well as upgrade Windows 7 to Windows 10 using an in-place upgrade task sequence.

Security
Respond to threats faster with Security Center’s Confidence Score

Azure Security Center provides you with visibility across all your resources running in Azure and alerts you of potential or detected issues. The volume of alerts can be challenging for a security operations team to individually address. Due to the volume of alerts, security analysts have to prioritize which alerts they want to investigate. Investigating alerts can be complex and time consuming, so as a result, some alerts are ignored.

Reduce your exposure to brute force attacks from the virtual machine blade
Attackers commonly target open ports on Internet-facing virtual machines (VMs), spanning from port scanning to brute force and DDoS attacks. In case of a successful brute force attack, an attacker can compromise your VM and establish a foothold into your environment. Once an attacker is in your environment, he can profit from the compute of that machine or use its network access to perform lateral attacks on other networks.
Cybersecurity threats: How to discover, remediate, and mitigate
Constantly evolving threats to your company data can cause even the most conscientious employee to unknowingly open infected files or click on malicious web links. Security breaches are inevitable. You need to discover threats quickly, remediate immediately, and mitigate the impact of malware and breaches. Many common types of threats target attack vectors such as email, network endpoints, and user credentials. In this blog, we explain how Microsoft 365 threat protection solutions interoperate threat detection across these attack vectors.
Protecting the protector: Hardening machine learning defenses against adversarial attacks
Harnessing the power of machine learning and artificial intelligence has enabled Windows Defender Advanced Threat Protection (Windows Defender ATP) next-generation protection to stop new malware attacks before they can get started – often within milliseconds. These predictive technologies are central to scaling protection and delivering effective threat prevention in the face of unrelenting attacker activity.
How Microsoft 365 Security integrates with the broader security ecosystem
Last year at Inspire, we announced Microsoft 365, providing a solution that enables our partners to help customers drive digital transformation. One of the most important capabilities of Microsoft 365 is securing the modern workplace from the constantly evolving cyberthreat landscape. Microsoft 365 includes information protection, threat protection, identity and access management, and security management—providing in-depth and holistic security.
Email Phishing Protection Guide – Enhancing Your Organization’s Security Posture
The Email Phishing Protection Guide is a multi-part blog series written to walk you through the setup of many security-focused features you may already own in Microsoft Windows, Microsoft Office 365, and Microsoft Azure. By implementing some or all of these items, an organization will increase its security posture against phishing email attacks designed to steal user identities. This guide is written for system administrators with skills ranging from beginner to expert.
Attack inception: Compromised supply chain within a supply chain poses new risks
A new software supply chain attack unearthed by Windows Defender Advanced Threat Protection (Windows Defender ATP) emerged as an unusual multi-tier case. Unknown attackers compromised the shared infrastructure in place between the vendor of a PDF editor application and one of its software vendor partners, making the app’s legitimate installer the unsuspecting carrier of a malicious payload. The attack seemed like just another example of how cybercriminals can sneak in malware using everyday normal processes.
Protecting the modern workplace from a wide range of undesirable software
To protect our customers from the latest threats, massive amounts of security signals and threat intelligence from the Microsoft Intelligent Security Graph are processed by security analysts and intelligent systems that identify malicious and other undesirable software. Our evaluation criteria describe the characteristics and behavior of malware and potentially unwanted applications and guide the proper identification of threats. This classification of threats is reflected in the protection delivered by the Windows Defender Advanced Threat Protection (Windows Defender ATP) unified endpoint security platform.
Vulnerabilities and Updates
System Center 1807 available now

Earlier this year, we added a semi-annual release cadence to System Center so that we can bring new capabilities to customers at a faster pace. We made the first semi-annual release, System Center 1801, available on February 8, 2018. Semi-Annual Channel releases have an 18-month support policy. In addition, we will continue to release in the Long-Term Servicing Channel (LTSC). The LTSC will continue to provide 5 years of mainstream support followed by 5 more years of extended support. Keeping with the promise of feature updates in each Semi-Annual Channel (SAC) release, today we are delighted to announce the release of System Center 1807.

Exchange 2010 SP3 RU23 Released

The August 2018 update cycle contains a security advisory bulletin for Exchange 2010. Due to the way that Exchange 2010 is serviced, security updates are released as a new update rollup (RU). Separate updates were also released for Exchange 2013 and Exchange 2016.

Update 1806 for Configuration Manager current branch is now available

With the 1806 update for Configuration Manager current branch, we continue to invest in providing cloud powered value to your existing Configuration Manager implementation with additional co-management workloads and simplified cloud services. We’re also very excited to announce a powerful new capability that we call CMPivot, building off our real-time script capability. CMPivot is a new in-console utility that provides access to real-time state of devices in your environment.

Support Lifecycle
Announcing new options for SQL Server 2008 and Windows Server 2008 End of Support

It’s incredible how much and how rapidly technology evolves. Microsoft’s server technology is no exception. We entered the 2008 release cycle with a shift from 32-bit to 64-bit computing, the early days of server virtualization and advanced analytics. Fast forward a decade, and we find ourselves in a full-blown era of hybrid cloud computing with exciting innovation in data, artificial intelligence, and more.

Microsoft Premier Support News
Check out Microsoft Services public blog for new Proactive Services as well as new features and capabilities of the Services Hub, On-demand Assessments, and On-demand Learning platforms.