Thibault CHÂTIRON

Cybersecurity

Exfiltration of business sensitive data to free public domain emails

Coming soon, Microsoft Purview Insider Risk Management will roll out exfiltration of business sensitive data to free public domain emails. When this will happen: Public Preview: Microsoft will begin rolling out mid-May 2024 and expect to complete by late May 2024. General Availability: Microsoft will begin rolling out late June 2024 and expect to complete …

Enhanced Submissions experience from Email entity and Summary panel

In Microsoft Defender XDR for Office 365, Microsoft is enhancing the Submit to Microsoft for review options on the Email entity page and Summary panel so admins can convey whether they are submitting for a second opinion or submitting to confirm a clean or a malicious verdict. In the same workflow, we are also introducing the Entities allow option that Security …

Microsoft Copilot in Outlook: Logging and Microsoft Purview eDiscovery support

Microsoft Outlook has added additional logging and Microsoft Purview eDiscovery support for Copilot in Outlook features that have already been released, and future Copilot in Outlook features as well. These features will be available in Outlook for Mac, web, iOS, Android, and the new Outlook for Windows. When this will happen: General Availability (Worldwide): Microsoft …

Azure Information Protection Add-in for Office – it is the end

The Azure Information Protection (AIP) Unified Labeling add-in for Office is retired on April 11th, 2024. When this will happen: Important retirement milestones are: How this will affect your organization: To continue using sensitivity labels powered by Microsoft Purview Information Protection in Office applications, you must transition to the built-in labeling experience in Microsoft 365 …

Microsoft Teams: New tenant federation setting to block all subdomains of domains in blocklist

In Microsoft Teams, Microsoft has introduced a new Tenant Federation setting to block all subdomains of domains in the federation Block list. If your organization is using a Block list to protect your users from malicious or other domains, you should enable this new setting to also protect users from all related subdomains without manually …

Password protected download for quarantined emails from Email Entity

Microsoft is introducing password protected downloads of email messages from the Email Entity Summary Panel in Microsoft Defender for Office 365. Today, password protected downloads are available from the Quarantine experience.  When this will happen: General Availability: Microsoft will begin rolling out mid-March 2024 and expect to complete by late March 2024. How this will …

Microsoft Defender for Office 365: New Quarantine release details

In Microsoft Defender for Office 365, Microsoft is rolling out new details on who or what is responsible for releasing a message from quarantine. These details will now be included in the email summary flyout panel accessible from the Quarantine page. When this will happen: General Availability : Microsoft will begin rolling out late March …

[Public Preview] Insider Risk Management: Global exclusions

Microsoft Purview Insider Risk Management will be rolling out public preview of Global exclusions in the in the Microsoft Purview compliance portal. When this will happen: Public Preview: Microsoft will begin rolling out early May 2024 and expect to complete by mid-May 2024. General Availability: Microsoft will begin rolling out mid-August 2024 and expect to complete by …

[Public Preview] Support all Microsoft Defender for Cloud Apps users by Microsoft Defender XDR portal

As part of the transition to the Microsoft Defender XDR portal, the entire Microsoft Defender for Cloud Apps experience in the Microsoft 365 Defender XDR portal will be available for all supported by Defender for Cloud Apps admin roles. How this will affect your organization: For Public Preview customers, the entire Defender for Cloud Apps …

Microsoft Defender Antivirus: Changes to “engine update” support plans

Microsoft Defender Antivirus is rolling out an update to the support plan for the anti-malware scan “engine update” (MpEngine.dll). To align with the current Defender Antivirus platform update, only N-2 versions will be supported. Reasons: When this will happen: General Availability : The changes will take effect May 1, 2024. How this will affect your …

Updates to resolve Windows Server domain controller issue

Microsoft has identified an issue that affects Windows Server domain controllers (DCs), and has expedited a resolution that can be applied to affected devices. Out-of-band (OOB) updates have been released for some versions of Windows today, March 22, 2024, to addresses this issue related to a memory leak in the Local Security Authority Subsystem Service (LSASS). …

Microsoft Purview Insider Risk Management- policy wizard enhancements [Public Preview]

Coming soon, Microsoft Purview Insider Risk Management will be rolling out a public preview of policy wizard enhancements. Microsoft Purview Insider Risk Management correlates various signals to identify potential malicious or inadvertent insider risks, such as IP theft, data leakage, and security violations. Insider Risk Management enables customers to create policies based on their own …

Data Loss Prevention – Enriched Data Loss Prevention (DLP) alert email notifications for DLP admins

There is now increased information in the alert email notification sent to the Data Loss Prevention (DLP) admins upon a DLP policy match. Previously a DLP alert email only included the user activity and the type of sensitive information matched in the alert. Now, DLP admins will get additional context such as alert ID, policy …

Microsoft Copilot in Windows starts to roll out to more Windows 11 and 10 devices

Starting today, Copilot in Windows (in preview)* begins to roll out to more Windows 11 and Windows 10 devices. In addition, starting this week, people can access up to 10 Copilot requests in Windows before signing in with a Microsoft account or Microsoft Entra ID. After reaching this limit, it will be necessary to sign in …

eDiscovery – Graph API for purge enhancements to include Exchange items and expand purge limit from 10 to 100

The Microsoft Graph eDiscovery premium API that supports Purge for Teams messages will now expand to support items stored in Microsoft Exchange including emails, calendar invitations, and more. In addition to expanding to support Exchange email items and Microsoft Teams, the limit for each purge action per unique location will expand from 10 items per …

License enforcement for Microsoft Purview Information Protection for sensitivity labels

Microsoft Purview Information Protection helps organizations classify and protect their data while ensuring end user productivity. To apply a sensitivity label to documents, emails, meetings, groups, and sites manually, the following licenses are required for both the tenant admin and each end user: For both client and server-side automatic sensitivity labeling, the following licenses are …

Use double-key encryption to protect your most sensitive files and emails in Microsoft 365 Apps

Update of https://thibaultchatiron.fr/2023/07/31/use-double-key-encryption-to-protect-your-most-sensitive-files-and-emails-in-microsoft-365-apps/ To protect your most sensitive content, users of Microsoft 365 Apps can now use Double Key Encryption (DKE) for files and emails using the built-in labeling client. With DKE, Microsoft stores one key in Microsoft Azure and you hold the other key, ensuring that only you can ever decrypt protected content, under all circumstances. …

[MDO] Quarantine End User Allow and Block list management

In Microsoft Defender for Office 365, Microsoft is updating the way end users allow and block emails in Exchange Online.  When this will happen: Microsoft will begin rolling out late April 2024 and expect to complete by mid-May 2024. How this will affect your organization: With one click, end users will block emails from unwanted …

March 2024 security update is available

The March 2024 security update is available for Windows 11 and all supported versions of Windows 10. For more information about the contents of this update, see the release notes, which are easily accessible from the Windows 11 and Windows 10 update history pages. Highlights for the Windows 11, versions 23H2 and 22H2 update:  REMINDER The June 2024 security update …

Authentication strength improvements to support passkeys

Conditional Access authentication strengths in Microsoft Entra ID will be improved to support registration of device-bound passkeys (defined at passkeys.dev) stored on computers, security keys, and mobile devices.  When this will happen: Public Preview: Microsoft will begin rolling out early March 2024 and expect to complete by mid-March 2024. Worldwide: Microsoft will begin rolling out late …