Azure | Thibault Chatiron

Microsoft 365 admin center multifactor authentication enforcement

Implementing multi-factor authentication (MFA) in the Microsoft 365 admin center significantly reduces the risk of account compromise, prevents unauthorized access, and safeguards sensitive data. By adding an extra layer of protection beyond standard username and password authentication, MFA makes it harder for attackers to steal data and prevents unauthorized access from phishing, credential stuffing, brute …

Device-based Conditional Access to M365/Azure resources on Red Hat Enterprise Linux is GA

In Microsoft Entra ID, device-based Conditional Access to Microsoft 365 and Microsoft Azure resources on Red Hat Enterprise Linux will be generally available. When this will happen: General Availability (Worldwide): Microsoft will begin rolling out mid-August 2024 and expect to complete by late August 2024. How this will affect your organization: r> This release extends support …

Microsoft Entra ID: Attacker in the Middle detection alert in ID Protection is GA

The Attacker in the Middle detection will be Generally Available for users in Microsoft Entra ID Protection. When this will happen: General Availability (Worldwide): Microsoft will begin rolling out mid-August 2024 and expect to complete by late August 2024. How this will affect your organization: This high-precision detection will be triggered on a user account …

Modernized user-defined permissions experience for Word, Excel, and PowerPoint

There is a new experience for selecting which users should have which permissions when a sensitivity label configured for user-defined permissions is applied to a file in Microsoft 365 apps or when a user applies protection using standalone Information Rights Management. When this will happen: Preview (Worldwide, GCC): Microsoft will begin rolling out mid-July 2024 …

Microsoft Defender for Cloud Apps: Files page retires September 1, 2024

Microsoft will be retiring the Files page from Microsoft Defender for Cloud Apps on September 1, 2024. Information Protection policies can be created, modified and explored via the Policy Management page. You can explore malware files on the Policy Management page.

Decoupling Microsoft Purview Data Loss Prevention (DLP) Process form Microsoft Defender for Endpoint on Windows Devices

If you use a Firewall (Windows or 3rd party), non-Microsoft anti-malware, or application control solution and had to add the Microsoft Defender for Endpoint process to an allowlist to run, then an additional process (“MpDlpService.exe”) will need to be added to your allowlist. Starting June 2024, we will be decoupling the Microsoft Purview Data Loss …

Azure Information Protection Add-in for Office – it is the end

The Azure Information Protection (AIP) Unified Labeling add-in for Office is retired on April 11th, 2024. When this will happen: Important retirement milestones are: How this will affect your organization: To continue using sensitivity labels powered by Microsoft Purview Information Protection in Office applications, you must transition to the built-in labeling experience in Microsoft 365 …

[Public Preview] Support all Microsoft Defender for Cloud Apps users by Microsoft Defender XDR portal

As part of the transition to the Microsoft Defender XDR portal, the entire Microsoft Defender for Cloud Apps experience in the Microsoft 365 Defender XDR portal will be available for all supported by Defender for Cloud Apps admin roles. How this will affect your organization: For Public Preview customers, the entire Defender for Cloud Apps …

License enforcement for Microsoft Purview Information Protection for sensitivity labels

Microsoft Purview Information Protection helps organizations classify and protect their data while ensuring end user productivity. To apply a sensitivity label to documents, emails, meetings, groups, and sites manually, the following licenses are required for both the tenant admin and each end user: For both client and server-side automatic sensitivity labeling, the following licenses are …

Use double-key encryption to protect your most sensitive files and emails in Microsoft 365 Apps

Update of https://thibaultchatiron.fr/2023/07/31/use-double-key-encryption-to-protect-your-most-sensitive-files-and-emails-in-microsoft-365-apps/ To protect your most sensitive content, users of Microsoft 365 Apps can now use Double Key Encryption (DKE) for files and emails using the built-in labeling client. With DKE, Microsoft stores one key in Microsoft Azure and you hold the other key, ensuring that only you can ever decrypt protected content, under all circumstances. …

Authentication strength improvements to support passkeys

Conditional Access authentication strengths in Microsoft Entra ID will be improved to support registration of device-bound passkeys (defined at passkeys.dev) stored on computers, security keys, and mobile devices. When this will happen: Public Preview: Microsoft will begin rolling out early March 2024 and expect to complete by mid-March 2024. Worldwide: Microsoft will begin rolling out late …

Suspension of Azure Application Administrator role for Management of add-ins across Outlook, Word, Excel, and PowerPoint

Admins can manage add-ins across Outlook, Word, Excel, and PowerPoint from the Integrated Apps blade in the Microsoft 365 Admin Center. This capability is currently available to Global Administrators, Global Readers, Exchange Administrators, and Azure Application Administrators. Going forward, Microsoft is suspending capability for Azure Application Administrators from management of add-ins across Outlook, Word, Excel, and …

End of the Azure Information Protection Add-in for Office

Microsoft is retiring the Azure Information Protection (AIP) Unified Labeling add-in for Office on April 11th, 2024. When this will happen: The AIP Add-in for Office will be permanently disabled in Office after May 1st, 2024. How this will affect your organization: To continue using sensitivity labels powered by Microsoft Purview Information Protection in Office …

Prepare for device-bound passkeys in Microsoft Entra ID (changes to FIDO2 and Windows Hello for Business)

Update of Prepare for device-bound passkeys in Microsoft Entra ID (changes to FIDO2 and Windows Hello for Business) | Thibault Chatiron Beginning mid-February 2024, Microsoft Entra ID will support device-bound passkeys stored on computers and mobile devices as an authentication method in preview, in addition to the existing support for FIDO2 security keys. This enables your users …

Information Protection: Full File Evidence for all workloads in Activity Explorer

This new feature grants the user the capability to view the source link of the file associated with the activity flagged in Activity Explorer. When this will happen: Rollout will begin in late January 2024 and is expected to be complete by early February 2024. How this will affect your organization: Users can view the …

Data Loss Prevention – View-only mode for Data Loss Prevention and Information Protection Policies and Labels

This capability allows the admin with view-only restricted permissions to view the Data Loss Prevention and Information Protection policy configuration details without editing the policies or label configurations. When this will happen: Microsoft will begin rolling out in late December 2023 and complete by early February 2024. How this will affect your organization: 1. Assign …

Ability to change retention period on labels set to start retention based on “When items were labeled”

Previously, admins could not change the retention period set on existing labels configured to start retention from when items were labeled. This feature will remove this restriction, and the resulting behavior will be consistent with other retention label types. When this will happen: Rollout will begin in mid-January 2024 and is expected to be complete …

[Public Preview] Windows Autopatch Reliability Report

The Windows Autopatch Reliability report is a new feature that will be accessible in the Windows Autopatch Reports section of the Microsoft Intune admin center. This new report provides a calculated reliability score across update cycles based on the occurrences of stop code errors detected on managed devices. Scores are determined at both the service and tenant …

New Microsoft Defender Antivirus services on Windows Devices

Microsoft Defender Antivirus on Windows 10 and Windows 11 will be shipping with a new service: When this will happen: Microsoft will roll out to all rings (Current Channel (Preview), Current Channel (Staged) and Current Channel (Broad)) during the week of March 11th, 2024. How this will affect your organization: To enhance your endpoint security …

Changes to FIDO2 security key registration and sign-in experiences

During FIDO2 security key registration, Microsoft Entra ID users may see an operating system or browser-generated prompt for creating a passkey on another device, such as a phone or tablet. In some cases, a QR code is shown to facilitate this option. When this happens, the user needs to select “Use a different device” to …

M	T	W	T	F	S	S
	1	2	3	4	5	6
7	8	9	10	11	12	13
14	15	16	17	18	19	20
21	22	23	24	25	26	27
28	29	30	31

Cookie	Duration	Description
__gads	1 year 24 days	The __gads cookie, set by Google, is stored under DoubleClick domain and tracks the number of times users see an advert, measures the success of the campaign and calculates its revenue. This cookie can only be read from the domain they are set on and will not track any data while browsing through other sites.
_ga	2 years	The _ga cookie, installed by Google Analytics, calculates visitor, session and campaign data and also keeps track of site usage for the site's analytics report. The cookie stores information anonymously and assigns a randomly generated number to recognize unique visitors.
_gid	1 day	Installed by Google Analytics, _gid cookie stores information on how visitors use a website, while also creating an analytics report of the website's performance. Some of the data that are collected include the number of visitors, their source, and the pages they visit anonymously.
CONSENT	2 years	YouTube sets this cookie via embedded youtube-videos and registers anonymous statistical data.

Cookie	Duration	Description
ANONCHK	10 minutes	The ANONCHK cookie, set by Bing, is used to store a user's session ID and also verify the clicks from ads on the Bing search engine. The cookie helps in reporting and personalization as well.
IDE	1 year 24 days	Google DoubleClick IDE cookies are used to store information about how the user uses the website to present them with relevant ads and according to the user profile.
MUID	1 year 24 days	Bing sets this cookie to recognize unique web browsers visiting Microsoft sites. This cookie is used for advertising, site analytics, and other operations.
test_cookie	15 minutes	The test_cookie is set by doubleclick.net and is used to determine if the user's browser supports cookies.

Cookie	Duration	Description
_clck	1 year	No description
_clsk	1 day	No description
ApplicationGatewayAffinityCORS	session	No description available.
CLID	1 year	No description
GoogleAdServingTest	session	No description
LiSESSIONID	session	No description available.
LithiumUserInfo	past	No description
LithiumUserSecure	past	No description
LithiumVisitor	1 year	No description available.
original_req_url	past	No description
SM	session	No description available.
SRM_B	1 year 24 days	No description available.

Category: Azure

Microsoft 365 admin center multifactor authentication enforcement

Device-based Conditional Access to M365/Azure resources on Red Hat Enterprise Linux is GA

Microsoft Entra ID: Attacker in the Middle detection alert in ID Protection is GA

Modernized user-defined permissions experience for Word, Excel, and PowerPoint

Microsoft Defender for Cloud Apps: Files page retires September 1, 2024

Decoupling Microsoft Purview Data Loss Prevention (DLP) Process form Microsoft Defender for Endpoint on Windows Devices

Azure Information Protection Add-in for Office – it is the end

[Public Preview] Support all Microsoft Defender for Cloud Apps users by Microsoft Defender XDR portal

License enforcement for Microsoft Purview Information Protection for sensitivity labels

Use double-key encryption to protect your most sensitive files and emails in Microsoft 365 Apps

Authentication strength improvements to support passkeys

Suspension of Azure Application Administrator role for Management of add-ins across Outlook, Word, Excel, and PowerPoint

End of the Azure Information Protection Add-in for Office

Prepare for device-bound passkeys in Microsoft Entra ID (changes to FIDO2 and Windows Hello for Business)

Information Protection: Full File Evidence for all workloads in Activity Explorer

Data Loss Prevention – View-only mode for Data Loss Prevention and Information Protection Policies and Labels

Ability to change retention period on labels set to start retention based on “When items were labeled”

[Public Preview] Windows Autopatch Reliability Report

New Microsoft Defender Antivirus services on Windows Devices

Changes to FIDO2 security key registration and sign-in experiences

Thibault CHÂTIRON

Follow Blog via Email

Recent Posts

Categories

Archives