Thibault Chatiron

Improved bulk detection and updated bulk complaint level recommendations

As part of ongoing improvements to bulk email filtering in Microsoft Defender for Office | Exchange Online Protection, Microsoft is refining our detection capabilities by recalibrating and redistributing bulk senders across different bulk complaint levels (BCL). This would automatically make the current bulk thresholds slightly more aggressive. As a consequence, Microsoft is updating bulk threshold for standard …

Change to data classification for Copilot usage information in the Microsoft 365 admin center and Viva Insights

Customers are no longer required to have optional diagnostic data enabled as a prerequisite for the active usage metrics currently displayed in the Microsoft 365 Copilot usage report in the admin center and a subset of the metrics displayed in the Microsoft Copilot Dashboard in Viva Insights. The data that powers these metrics has been …

Power Platform – Prevent data exfiltration by securing app access feature – public preview

Microsoft is announcing that the prevent data exfiltration by securing app access feature will be available for public preview starting on October 7, 2024. How does this affect me?This feature will allow admins and makers to protect against data exfiltration by controlling what apps can be run in your Dataverse environment. This feature will help to prevent …

Exchange Online token deprecation plan

If your tenant uses legacy Exchange Online tokens, they will be deprecated and Outlook add-ins that still use them will break when tokens are turned off. NOTE: This change only applies to Exchange Online; add-ins used in on-premises environments are not impacted by this change. Recommended actions: When will Microsoft turn off legacy Exchange Online …

Device-based Conditional Access to M365/Azure resources on Red Hat Enterprise Linux is GA

In Microsoft Entra ID, device-based Conditional Access to Microsoft 365 and Microsoft Azure resources on Red Hat Enterprise Linux will be generally available. When this will happen: General Availability (Worldwide): Microsoft will begin rolling out mid-August 2024 and expect to complete by late August 2024. How this will affect your organization: r> This release extends support …

Microsoft Entra ID: Attacker in the Middle detection alert in ID Protection is GA

The Attacker in the Middle detection will be Generally Available for users in Microsoft Entra ID Protection. When this will happen: General Availability (Worldwide): Microsoft will begin rolling out mid-August 2024 and expect to complete by late August 2024. How this will affect your organization: This high-precision detection will be triggered on a user account …

Insider Risk Management: Exfiltration of business sensitive data to free public domain emails

Microsoft Purview Insider Risk Management will roll out exfiltration of business sensitive data to free public domain emails. When this will happen: General Availability: available since July 2024. How this will affect your organization: We are enhancing the existing email insight alerts to provide additional information when business sensitive data is potentially leaked from a …

Microsoft Defender for Office 365: Introducing Bulk Senders Insight to optimize bulk email management for enterprises

Bulk emails play a crucial role in modern enterprise communications. Determining the right balance of these messages—what should be allowed and what should be blocked—poses a significant challenge. Many organizations default to standard settings, often leading to issues like false positives (FP) and false negatives (FN) in email. With Bulk Senders Insight in Microsoft Exchange Online Protection …

Information Protection: Improved Data Loss Prevention policy tips

Through Microsoft Purview | Information Protection, and for greater consistency and reliability, Microsoft Word, Excel, and PowerPoint for Windows will soon display the same Data Loss Prevention policy tips that admins have set in their tenants for files on Microsoft SharePoint Online and Microsoft OneDrive sites. When this will happen: General Availability (Worldwide): Microsoft will …

Microsoft Copilot for Microsoft 365: Apply suggestions for Coaching by Copilot in Microsoft Outlook

Coaching by Copilot for Microsoft Outlook email client now offers users the option to apply the coaching feedback and rewrite their email draft simply by using an Apply All button. When this will happen: Public Preview: Microsoft will begin rolling out late August 2024 and expect to complete by late September 2024. General Availability: Microsoft will begin …

Microsoft Defender for Office 365: Four override alerts retire in August 2024

Microsoft Defender for Office 365 is retiring four legacy override alerts that are now mostly redundant due to Secure by default. With Secure by default, ZAP (zero-hour auto purge) blocks high confidence phishing emails by default despite the legacy overrides. The four alerts are: As part of the deprecation and rollout, When is the change? Microsoft plan to …

CrowdStrike issue impacting Windows endpoints causing an error message on a blue screen

Updated on July 20, 2024: Microsoft has released KB5042426, which contains step-by-step guidance for Windows Servers hosted on-premises that are running the CrowdStrike Falcon agent and encountering a 0x50 or 0x7E error message on a blue screen. Microsoft will continue to work with CrowdStrike to provide the most up-to-date information available on this issue. A new USB …

Modernized user-defined permissions experience for Word, Excel, and PowerPoint

There is a new experience for selecting which users should have which permissions when a sensitivity label configured for user-defined permissions is applied to a file in Microsoft 365 apps or when a user applies protection using standalone Information Rights Management. When this will happen: Preview (Worldwide, GCC): Microsoft will begin rolling out mid-July 2024 …

Microsoft Defender for Cloud Apps: Files page retires September 1, 2024

Microsoft will be retiring the Files page from Microsoft Defender for Cloud Apps on September 1, 2024. Information Protection policies can be created, modified and explored via the Policy Management page. You can explore malware files on the Policy Management page.

Use sensitivity labels in Microsoft 365 apps when connected experiences are disabled

Your organization can now disable connected experiences for privacy concerns without impacting data security policies, such as sensitivity labels. Services associated with Microsoft Purview (sensitivity labels, rights management, and so on) are no longer controlled by policy settings to manage privacy controls for Microsoft 365 apps. Instead, these services will rely on their existing security admin controls in Purview …

Decoupling Microsoft Purview Data Loss Prevention (DLP) Process form Microsoft Defender for Endpoint on Windows Devices

If you use a Firewall (Windows or 3rd party), non-Microsoft anti-malware, or application control solution and had to add the Microsoft Defender for Endpoint process to an allowlist to run, then an additional process (“MpDlpService.exe”) will need to be added to your allowlist. Starting June 2024, we will be decoupling the Microsoft Purview Data Loss …

New eDiscovery Hold reports

Coming soon: For Microsoft Purview, Microsoft will release a tenant-wide Hold report in eDiscovery (Premium). When this will happen: General Availability (Worldwide): Microsoft will begin rolling out mid-May 2024 and expect to complete by early June 2024. How this will affect your organization: The Hold report in eDiscovery (Premium) will let users with eDiscovery Administrator …

Enhanced content extraction and file type coverage for DLP on Windows devices

Microsoft Purview: Microsodt announced upcoming enhancements to Microsoft Purview Data Loss Prevention (DLP). With the forthcoming update, the capability to scan, classify, and protect sensitive content on Windows endpoint devices will be significantly expanded. The number of supported file types will increase from approximately 40 to over 100, aligning endpoint coverage with other platforms like …

Reported mailbox notifications messages subject change

Currently, in Microsoft Defender for Office 365, when a notification message is reported by an end user and arrives at the reporting mailbox, the subject lines begin with: Moving forward, the subject lines of notification messages reported by end users will start with This change is being made to ensure readability and enable you to create better …

Enhanced incident communication with DLP email templates

Coming soon for Microsoft Purview Data Loss Prevention (DLP): Enhance your DLP incident management with the new send email notification remediation action and customize email templates in Purview DLP and Defender. Use dynamic variables and tokens to easily create and maintain consistent and efficient email communications, complete with an audit trail. Utilize these email templates to take …

M	T	W	T	F	S	S
	1	2	3	4	5	6
7	8	9	10	11	12	13
14	15	16	17	18	19	20
21	22	23	24	25	26	27
28	29	30	31

Cookie	Duration	Description
__gads	1 year 24 days	The __gads cookie, set by Google, is stored under DoubleClick domain and tracks the number of times users see an advert, measures the success of the campaign and calculates its revenue. This cookie can only be read from the domain they are set on and will not track any data while browsing through other sites.
_ga	2 years	The _ga cookie, installed by Google Analytics, calculates visitor, session and campaign data and also keeps track of site usage for the site's analytics report. The cookie stores information anonymously and assigns a randomly generated number to recognize unique visitors.
_gid	1 day	Installed by Google Analytics, _gid cookie stores information on how visitors use a website, while also creating an analytics report of the website's performance. Some of the data that are collected include the number of visitors, their source, and the pages they visit anonymously.
CONSENT	2 years	YouTube sets this cookie via embedded youtube-videos and registers anonymous statistical data.

Cookie	Duration	Description
ANONCHK	10 minutes	The ANONCHK cookie, set by Bing, is used to store a user's session ID and also verify the clicks from ads on the Bing search engine. The cookie helps in reporting and personalization as well.
IDE	1 year 24 days	Google DoubleClick IDE cookies are used to store information about how the user uses the website to present them with relevant ads and according to the user profile.
MUID	1 year 24 days	Bing sets this cookie to recognize unique web browsers visiting Microsoft sites. This cookie is used for advertising, site analytics, and other operations.
test_cookie	15 minutes	The test_cookie is set by doubleclick.net and is used to determine if the user's browser supports cookies.

Cookie	Duration	Description
_clck	1 year	No description
_clsk	1 day	No description
ApplicationGatewayAffinityCORS	session	No description available.
CLID	1 year	No description
GoogleAdServingTest	session	No description
LiSESSIONID	session	No description available.
LithiumUserInfo	past	No description
LithiumUserSecure	past	No description
LithiumVisitor	1 year	No description available.
original_req_url	past	No description
SM	session	No description available.
SRM_B	1 year 24 days	No description available.

Thibault CHÂTIRON

Improved bulk detection and updated bulk complaint level recommendations

Change to data classification for Copilot usage information in the Microsoft 365 admin center and Viva Insights

Power Platform – Prevent data exfiltration by securing app access feature – public preview

Exchange Online token deprecation plan

Device-based Conditional Access to M365/Azure resources on Red Hat Enterprise Linux is GA

Microsoft Entra ID: Attacker in the Middle detection alert in ID Protection is GA

Insider Risk Management: Exfiltration of business sensitive data to free public domain emails

Microsoft Defender for Office 365: Introducing Bulk Senders Insight to optimize bulk email management for enterprises

Information Protection: Improved Data Loss Prevention policy tips

Microsoft Copilot for Microsoft 365: Apply suggestions for Coaching by Copilot in Microsoft Outlook

Microsoft Defender for Office 365: Four override alerts retire in August 2024

CrowdStrike issue impacting Windows endpoints causing an error message on a blue screen

Modernized user-defined permissions experience for Word, Excel, and PowerPoint

Microsoft Defender for Cloud Apps: Files page retires September 1, 2024

Use sensitivity labels in Microsoft 365 apps when connected experiences are disabled

Decoupling Microsoft Purview Data Loss Prevention (DLP) Process form Microsoft Defender for Endpoint on Windows Devices

New eDiscovery Hold reports

Enhanced content extraction and file type coverage for DLP on Windows devices

Reported mailbox notifications messages subject change

Enhanced incident communication with DLP email templates

Thibault CHÂTIRON

Follow Blog via Email

Recent Posts

Categories

Archives