A new, modern, and secure print experience from Windows
Over the past year, the MORSE team has been working in collaboration with the Windows Print team to modernize the Windows Print System. This new design, called Windows Protected Print, is a redesign of the Windows Print system that greatly enhances user security.Security Baseline for M365 Apps for enterprise v2412
Microsoft is pleased to announce the release of the recommended security configuration baseline settings for Microsoft 365 Apps for enterprise, version 2412. Please download the content from the Microsoft Security Compliance Toolkit, test the recommended configurations, and implement as appropriate. This baseline builds on the previous Office baseline we released June 2023. The highlights of this baseline include: Added a new setting to Microsoft Project around blocking macros from the internet The recommended settings in this security baseline correspond with the administrative templates version 5473, released on 10/10/2024. Deployment options for the baseline IT Admins can apply baseline settings in different ways. Depending on the method(s) chosen different registry keys will be written and they will be observed in order of precedence: Office cloud policies will override ADMX/Group Policies which will override end user settings in the Trust Center. Cloud policies may be deployed with the Office cloud policy service for policies in HKCU. Cloud policies apply to a user on any device accessing files in Office apps with their AAD account. In Office cloud policy service, you can create a filter for the Area column to display the current Security Baselines, and within each policy's context pane the recommended baseline setting is set by default. Learn more about Office cloud policy service. ADMX policies may be deployed with Microsoft Endpoint Manager (MEM) for both HKCU and HKLM policies. These settings are written to the same place as Group Policy, but managed from the cloud in MEM. There are two methods to create and deploy policy configurations: Administrative templates or the settings catalog. Group Policy may be deployed with on premise AD DS to deploy Group Policy Objects (GPO) to users and computers. The downloadable baseline package includes importable GPOs, a script to apply the GPOs to local policy, a script to import the GPOs into Active Directory Group Policy, updated custom administrative template (SecGuide.ADMX/L) file, all the recommended settings in spreadsheet form and a Policy Analyzer rules file. GPOs included in the baseline Most organizations can implement the baseline’s recommended settings without any problems. However, there are a few settings that will cause operational issues for some organizations. We've broken out related groups of such settings into their own GPOs to make it easier for organizations to add or remove these restrictions as a set. The local-policy script (Baseline-LocalInstall.ps1) offers command-line options to control whether these GPOs are installed. "MSFT Microsoft 365 Apps v2412" GPO set includes “Computer” and “User” GPOs that represent the “core” settings that should be trouble free, and each of these potentially challenging GPOs: “DDE Block - User” is a User Configuration GPO that blocks using DDE to search for existing DDE server processes or to start new ones. “Legacy File Block - User” is a User Configuration GPO that prevents Office applications from opening or saving legacy file formats. "Legacy JScript Block - Computer" disables the legacy JScript execution for websites in the Internet Zone and Restricted Sites Zone. “Require Macro Signing - User” is a User Configuration GPO that disables unsigned macros in each of the Office applications. Block macros from running in Office files from the internet Microsoft Project now supports a configurable setting to block macros from running in Office files from the internet. To maintain consistency across applications the security baseline will enforce the default of Enabled. If you have questions or issues, please let us know via the Security Baseline Community or this post.Global Reader Role Creating Retention Policies in Purview Compliance: Bug or Intended Behaviour?
Did you know that a user with the Global Reader role in Purview Compliance can create and edit retention policies? Interestingly, while they can create and modify policies, they cannot delete them. The expected behaviour for a Global Reader is read-only access across Microsoft 365, without the ability to make any changes, including creating or editing policies. Has anyone else encountered this, and do you think this is a bug or an intended feature?Explore our latest Microsoft Security training on Microsoft Learn
Connect with popular security skill-building offerings and resources from Microsoft Ignite 2024 From simplifying infrastructure management and improving regulatory compliance to better navigating the modern cyberthreat landscape and building a security-first culture with AI, Ignite 2024 covered a ton of ground. Even if you didn’t join this year’s conference, you can explore expert content to inform and foster your security journey on our Security hub on Microsoft Learn. Designed for learners at all levels, the Security hub on Microsoft Learn is your go-to resource for security skill-building offerings, now easier to find, based on your interest and objectives. Find expert guidance aligned to your security journey. Whether you need to build foundational security skills, gain specialized knowledge, or prove your capabilities with Microsoft Credentials, get the guidance you need. Explore the latest resources organized by security focus area. Learn to understand advances in Zero Trust, identity and access, security operations, IT security, and much more. Connect with like-minded communities, partners, and other thought leaders. Join the conversation, and get inspired to level up your skills and knowledge. Validate your cloud skills with Microsoft Learn challenges According to research examined by Science Direct, gaining complementary AI skills can increase wages by an average of 21%. Starting November 19, 2024, at 4:00 PM (16:00) UTC and running through January 10, 2025 at 4:00 PM (16:00) UTC, you can unlock new AI skills the Microsoft Learn Challenge | Ignite Edition. The Challenge includes eight expert-led learning paths: Prepare for next generation data analytics with Microsoft Fabric: Accelerate your career as a data analytics professional. Learn how to connect, ingest, store, analyze, and report on data with Microsoft Fabric. Prepare for Exam DP-600 and your future as a Microsoft Certified Fabric Analytics Engineer. Build trustworthy AI solutions on Microsoft Azure: Gain knowledge on secure, reliable AI with Microsoft Azure. Learn responsible AI practices, content filtering, and model evaluation while mitigating risks to meet the highest safety standards. Innovate & secure your migration to Microsoft Azure: Learn how to migrate and manage your workloads with Microsoft Azure, tools, and services. Bring Azure innovation to your environment with improved scalability, security, and reliability. Create agents in Microsoft Copilot Studio: Learn how to migrate and manage your workloads with Microsoft Azure, tools, and services. Bring Azure innovation to your environment with improved scalability, security, and reliability. Microsoft 365 Copilot for administrators: Master Microsoft 365 Copilot security and compliance. Prepare data, configure tenants, assign licenses, drive user adoption, and optimize Copilot experiences with extensibility options. Secure your data in the age of AI: Learn to adapt security strategies for evolving AI tech. Protect endpoints, data, and apps with Microsoft Purview and Defender. Stay ahead in safeguarding your organization's AI infrastructure. Get started with Microsoft Copilot for Security: Learn how Copilot can help secure your organization at machine speed! Explore generative AI, understand Microsoft Security Copilot features, and gain skills to use in both embedded and stand-alone experiences. Build AI apps with Microsoft Azure services and best practices: Learn to build cloud-native AI apps, create back-end databases, and integrate Azure OpenAI services. Gain practical skills for scaling AI and develop AI solutions for your organization on Azure. Ready to level up on your AI skills journey? Register for the Microsoft Learn Challenge today. Prove your real-world technical expertise with our latest Microsoft Applied Skills Professionals focused on data security and threat protection can demonstrate and differentiate their expertise by earning these new Microsoft Applied Skills: Implement information protection and data loss prevention by using Microsoft Purview: Demonstrate your ability to implement Microsoft Purview Information Protection and DLP, and validate your ability to discover, classify, and protect sensitive data in Microsoft 365, effectively implementing data security by using Microsoft Purview. This assessment is particularly relevant for information protection and compliance administrators, in addition to security operations Analysts. Implement retention, eDiscovery, and Communication Compliance in Microsoft Purview: Earn this Applied Skill by proving your ability to implement retention, eDiscovery, Communication Compliance, and content search in Microsoft Purview. This could be an especially good fit for compliance administrators who are familiar with Microsoft 365 services and Microsoft Purview and have experience administering compliance in Microsoft 365. Defend against threats using Microsoft Defender XDR: Earn this credential by demonstrating your ability to use Microsoft Defender XDR to detect and respond to cyberthreats. Candidates for this credential should be familiar with investigating and gathering evidence about attacks on endpoints. They should also have experience using Microsoft Defender for Endpoint and Kusto Query Language (KQL). Take our most up-to-date Virtual Training Days for free No matter your security skill level, our free Microsoft Security Virtual Training Days will help you gain the technical skills and knowledge you need to enable employees to work securely and achieve more from anywhere. To keep pace with today’s fast-moving security landscape, we updated three of our most popular Virtual Training Days: Modernize your SecOps with Microsoft Sentinel: Learn how to deploy your Microsoft Sentinel SIEM instance, migrate your existing rules, and add content hub solutions including data connectors, analytic rules, hunting queries and workbooks. These solutions enable you to perform detections, investigations, incident management, and threat hunting. Additionally, you can learn how to optimize your security data to maximize your coverage and better manage costs. We will also demonstrate how Microsoft Security Copilot can help security operations teams to move faster with skills like guided response, natural language to KQL translation, and analysis of malicious scripts. Implement data security with Microsoft Purview: Learn how to discover sensitive data, identify critical data security risks, and dynamically tailor DLP controls using Microsoft Purview solutions including Information Protection, Data Loss Prevention, Insider Risk Management, and Adaptive Protection. The session will explore practical use cases for these products, demonstrating how they can secure AI applications and analyze organizational risks. You'll learn to protect data across generative AI tools like Microsoft Copilot for Microsoft 365 and third-party AI applications, implement dynamic protections to prevent data leaks, and ensure compliance in an AI-first world. Defend against threats with extended detection and response: Learn how to perform investigations and remediations with Microsoft Defender XDR and Defender for Endpoint. You will be introduced to the Unified Security Operations Platform (SIEM in XDR), and will see how to deploy the solution and use Microsoft Sentinel capabilities in Microsoft Defender XDR. Microsoft Sentinel SIEM in XDR topics also include SOC Optimization. They will perform advanced hunting using KQL queries, remediate security alerts, and perform detections, investigations, and threat hunting in Defender XDR. You will also learn how attack disruption works with incidents and alerts, and how to use Microsoft Security Copilot to investigate and perform incident management.AMA: Microsoft Defender for Cloud
Ask Microsoft Anything…about Microsoft Defender for Cloud and get your questions answered! Join our panel of experts to discuss our latest innovations announced at Microsoft Ignite, including Endor Labs integration for supply chain security, multiple posture management enhancements, and new container security features. This session is part ofTech Community Live: Microsoft Security edition. Add it to your calendar, select Attend for event reminders, and post your questions and comments below! This session will be recorded and available on demand shortly after conclusion of the live event.
