![[Valid RSS]](images/valid-rss-rogers.png "Valid RSS")
This is a valid RSS feed.
This feed is valid, but interoperability with the widest range of feed readers could be improved by implementing the following recommendations.
... rel="self" type="application/rss+xml"/>
^
line 102, column 0: (40 occurrences) [help]
line 102, column 0: (40 occurrences) [help]
<div class="wp-block-image">
line 114, column 0: (10 occurrences) [help]
<div class="wp-block-image">
line 114, column 0: (10 occurrences) [help]
<div class="wp-block-image">
<?xml version="1.0" encoding="UTF-8" standalone="no"?><rss xmlns:atom="http://www.w3.org/2005/Atom" xmlns:content="http://purl.org/rss/1.0/modules/content/" xmlns:dc="http://purl.org/dc/elements/1.1/" xmlns:media="http://search.yahoo.com/mrss/" xmlns:slash="http://purl.org/rss/1.0/modules/slash/" xmlns:sy="http://purl.org/rss/1.0/modules/syndication/" xmlns:wfw="http://wellformedweb.org/CommentAPI/" version="2.0"> <channel> <title>Petri IT Knowledgebase</title> <atom:link href="https://petri.com/feed/" rel="self" type="application/rss+xml"/> <link>https://petri.com</link> <description>Petri IT Knowledgebase is one of the most comprehensive IT related web sites. With hundreds of MS Windows Client and Server related tips, tricks and how-to articles, Petri.co.il has become one of the world's leading MCSE and IT related knowledge bases.</description> <lastBuildDate>Fri, 17 May 2024 14:58:39 +0000</lastBuildDate> <language>en-US</language> <sy:updatePeriod> hourly </sy:updatePeriod> <sy:updateFrequency> 1 </sy:updateFrequency> <generator>https://wordpress.org/?v=6.4.3</generator> <image> <url>https://petri.com/wp-content/uploads/2023/06/cropped-Petri-P-1024x1024-1-32x32.png</url> <title>Petri IT Knowledgebase</title> <link>https://petri.com</link> <width>32</width> <height>32</height></image> <item> <title>First Ring Daily: Building on the Road</title> <link>https://petri.com/frd-building-on-the-road/</link> <comments>https://petri.com/frd-building-on-the-road/#respond</comments> <dc:creator><![CDATA[Laurent Giret]]></dc:creator> <pubDate>Fri, 17 May 2024 14:58:37 +0000</pubDate> <category><![CDATA[Windows]]></category> <category><![CDATA[Build 2024]]></category> <category><![CDATA[First Ring Daily]]></category> <category><![CDATA[Microsoft]]></category> <category><![CDATA[News]]></category> <category><![CDATA[Windows on ARM]]></category> <guid isPermaLink="false">https://petri.com/?p=712672</guid> <description><![CDATA[<p>In this episode of First Ring Daily, Brad Sams and Paul Thurrott discuss Microsoft's upcoming Build developer conference starting next week, as well as the various Windows on ARM announcements from Microsoft and other PC manufacturers that are expected on Monday. </p><p>The post <a rel="nofollow" href="https://petri.com/frd-building-on-the-road/">First Ring Daily: Building on the Road</a> appeared first on <a rel="nofollow" href="https://petri.com">Petri IT Knowledgebase</a>.</p>]]></description> <content:encoded><![CDATA[<p>In this episode of First Ring Daily, Brad Sams and Paul Thurrott discuss Microsoft’s upcoming Build developer conference starting next week, as well as the various Windows on ARM announcements from Microsoft and other PC manufacturers that are expected on Monday. </p> <p>The use of React Native in Windows 11. Research shows how Microsoft is using React Native, a web technology created by Facebook, to build some of the new features in Windows 11, such as the recommended section in the Start menu. Microsoft controls the desktop version of React Native and is using it everywhere.</p> <p>The challenges of modern app development on Windows. Paul and Brad discuss how Microsoft has failed to provide a consistent and easy framework for app development on Windows, and how they have to resort to different technologies such as WinUI, XAML Islands, and WPF. They speculate that Microsoft might move on from WinUI 3 and that WPF might make a comeback.</p> <p>The trend of web-based technologies for cross-platform development. Paul and Brad compare the situation of Microsoft with that of Google, which is also using web-based technologies, such as Flutter and Dart, to create apps that run on multiple platforms. They suggest that web technologies are becoming the common way to get to the web, regardless of the language or framework used.</p><p>The post <a rel="nofollow" href="https://petri.com/frd-building-on-the-road/">First Ring Daily: Building on the Road</a> appeared first on <a rel="nofollow" href="https://petri.com">Petri IT Knowledgebase</a>.</p>]]></content:encoded> <wfw:commentRss>https://petri.com/frd-building-on-the-road/feed/</wfw:commentRss> <slash:comments>0</slash:comments> </item> <item> <title>Hackers Exploit Windows Quick Assist App to Deploy Black Basta Ransomware</title> <link>https://petri.com/windows-quick-assist-black-basta-ransomware/</link> <comments>https://petri.com/windows-quick-assist-black-basta-ransomware/#respond</comments> <dc:creator><![CDATA[Rabia Noureen]]></dc:creator> <pubDate>Fri, 17 May 2024 14:02:21 +0000</pubDate> <category><![CDATA[Security]]></category> <category><![CDATA[cybersecurity]]></category> <category><![CDATA[News]]></category> <guid isPermaLink="false">https://petri.com/?p=712670</guid> <description><![CDATA[<p>Microsoft has warned customers about a new wave of social engineering attacks where cybercriminals exploit its Quick Assist app. The company acknowledged that a financially motivated threat actor (tracked as Storm-1811) has been deploying Black Basta ransomware since mid-April, posing a significant threat to users. Quick Assist is a remote assistance tool that helps to...</p><p>The post <a rel="nofollow" href="https://petri.com/windows-quick-assist-black-basta-ransomware/">Hackers Exploit Windows Quick Assist App to Deploy Black Basta Ransomware</a> appeared first on <a rel="nofollow" href="https://petri.com">Petri IT Knowledgebase</a>.</p>]]></description> <content:encoded><![CDATA[<blockquote class="wp-block-quote"><h3 class="wp-block-heading">Key Takeaways:</h3> <ul><li>Cybercriminals are abusing Microsoft’s Quick Assist app to perform social engineering attacks, tricking users into granting remote access to their computers.</li> <li>The financially motivated threat actor, Storm-1811, has been using this method to spread Black Basta ransomware since April 2024.</li> <li>Microsoft advises administrators to uninstall or block Quick Assist if not in use and implement privilege access management solutions.</li></ul></blockquote> <p>Microsoft has warned customers about a new wave of social engineering attacks where cybercriminals exploit its Quick Assist app. The company acknowledged that a financially motivated threat actor (tracked as Storm-1811) has been deploying Black Basta ransomware since mid-April, posing a significant threat to users.</p> <p><a href="https://learn.microsoft.com/windows/client-management/client-tools/quick-assist" target="_blank" data-type="link" data-id="https://learn.microsoft.com/windows/client-management/client-tools/quick-assist" rel="noreferrer noopener">Quick Assist</a> is a remote assistance tool that helps to connect two PCs over the Internet. It allows IT support teams to remotely view and control another user’s computer to diagnose and fix technical issues. The Quick Assist app is installed by default on Windows 11, and it encrypts the connection between the two computers to maintain data privacy.</p> <p>In a new <a href="https://www.microsoft.com/en-us/security/blog/2024/05/15/threat-actors-misusing-quick-assist-in-social-engineering-attacks-leading-to-ransomware/" target="_blank" data-type="link" data-id="https://www.microsoft.com/en-us/security/blog/2024/05/15/threat-actors-misusing-quick-assist-in-social-engineering-attacks-leading-to-ransomware/" rel="noreferrer noopener">threat intelligence report</a>, Microsoft revealed that hackers are leveraging social engineering campaigns to trick victims into granting access to their computers via Quick Assist. The attackers pose as IT support to bombard targets with spam emails and flood their inboxes with subscribed content. They then use voice phishing (<a href="https://www.microsoft.com/microsoft-365-life-hacks/privacy-and-safety/what-is-a-vishing-attack" target="_blank" data-type="link" data-id="https://www.microsoft.com/microsoft-365-life-hacks/privacy-and-safety/what-is-a-vishing-attack" rel="noreferrer noopener">vishing</a>) to convince victims to address the spam issue.</p> <p>“During the call, the threat actor persuades the user to grant them access to their device through Quick Assist. The target user only needs to press CTRL + Windows + Q and enter the security code provided by the threat actor,” the Microsoft Threat Intelligence team explained. “After the target enters the security code, they receive a dialog box asking for permission to allow screen sharing. Selecting Allow shares the user’s screen with the actor.”</p> <div class="wp-block-image"><figure class="aligncenter size-full"><img fetchpriority="high" decoding="async" width="365" height="270" src="https://petri.com/wp-content/uploads/2024/05/image-20.png" alt="Hackers Exploit Windows Quick Assist App to Deploy Black Basta Ransomware" class="wp-image-712685" srcset="https://petri.com/wp-content/uploads/2024/05/image-20.png 365w, https://petri.com/wp-content/uploads/2024/05/image-20-300x222.png 300w" sizes="(max-width: 365px) 100vw, 365px" /><figcaption class="wp-element-caption">Quick Assist prompt to enter security code (Image Credits: Microsoft)</figcaption></figure></div> <p>Additionally, Microsoft observed that Storm-1811 is deploying various malware to escalate privileges and maintain control over compromised devices. This includes remote monitoring and management (RMM) tools like ScreenConnect and NetSupport Manager, as well as malicious payloads such as Qakbot and Cobalt Strike.</p> <h2 class="wp-block-heading">How to mitigate Quick Assist attacks</h2> <p>Microsoft advises administrators to <a href="https://learn.microsoft.com/windows/client-management/client-tools/quick-assist#disable-quick-assist-within-your-organization" target="_blank" data-type="link" data-id="https://learn.microsoft.com/windows/client-management/client-tools/quick-assist#disable-quick-assist-within-your-organization" rel="noreferrer noopener">uninstall or block</a> Quick Assist and other management tools if they are not in use within their organizations. They also recommend implementing <a href="https://petri.com/azure-ad-privileged-identity-management/" data-type="link" data-id="https://petri.com/azure-ad-privileged-identity-management/">privilege access management</a> solutions to prevent unauthorized access to sensitive information. </p> <p>Additionally, Microsoft urges organizations to enable <a href="https://learn.microsoft.com/defender-endpoint/enable-cloud-protection-microsoft-defender-antivirus" data-type="link" data-id="https://learn.microsoft.com/defender-endpoint/enable-cloud-protection-microsoft-defender-antivirus" target="_blank" rel="noreferrer noopener">cloud-delivered protection</a>, <a href="https://learn.microsoft.com/microsoft-365/security/defender-endpoint/prevent-changes-to-security-settings-with-tamper-protection" data-type="link" data-id="https://learn.microsoft.com/microsoft-365/security/defender-endpoint/prevent-changes-to-security-settings-with-tamper-protection" target="_blank" rel="noreferrer noopener">tamper protection</a>, and network protection as well as invest in advanced anti-phishing solutions. IT admins should also conduct employee training sessions to educate staff about tech support scams and social engineering attacks.</p><p>The post <a rel="nofollow" href="https://petri.com/windows-quick-assist-black-basta-ransomware/">Hackers Exploit Windows Quick Assist App to Deploy Black Basta Ransomware</a> appeared first on <a rel="nofollow" href="https://petri.com">Petri IT Knowledgebase</a>.</p>]]></content:encoded> <wfw:commentRss>https://petri.com/windows-quick-assist-black-basta-ransomware/feed/</wfw:commentRss> <slash:comments>0</slash:comments> </item> <item> <title>Microsoft Teams Gets New Channel Management Capabilities</title> <link>https://petri.com/microsoft-teams-channel-management/</link> <comments>https://petri.com/microsoft-teams-channel-management/#respond</comments> <dc:creator><![CDATA[Rabia Noureen]]></dc:creator> <pubDate>Thu, 16 May 2024 13:05:25 +0000</pubDate> <category><![CDATA[Microsoft Teams]]></category> <category><![CDATA[Microsoft 365]]></category> <category><![CDATA[News]]></category> <guid isPermaLink="false">https://petri.com/?p=712616</guid> <description><![CDATA[<p>Microsoft has announced a slew of updates to streamline channel management in its Teams collaboration service. The company has reduced the number of steps that were previously required to create and join teams and channels in Microsoft Teams. Microsoft mentioned that “create a team from scratch” is now the default experience in Microsoft Teams. Users...</p><p>The post <a rel="nofollow" href="https://petri.com/microsoft-teams-channel-management/">Microsoft Teams Gets New Channel Management Capabilities</a> appeared first on <a rel="nofollow" href="https://petri.com">Petri IT Knowledgebase</a>.</p>]]></description> <content:encoded><![CDATA[<blockquote class="wp-block-quote"><h3 class="wp-block-heading">Key Takeaways:</h3> <ul><li>Microsoft Teams users can now enjoy streamlined processes for creating and joining teams and channels.</li> <li>The AI-powered Discover feed in Teams enhances content consumption by offering users a personalized hub to catch up on the most relevant channel updates.</li> <li>Microsoft has introduced new admin controls to prevent users from finding private teams.</li></ul></blockquote> <p>Microsoft has <a href="https://techcommunity.microsoft.com/t5/microsoft-teams-blog/new-capabilities-to-help-you-manage-microsoft-teams-channels/ba-p/4139186" target="_blank" data-type="link" data-id="https://techcommunity.microsoft.com/t5/microsoft-teams-blog/new-capabilities-to-help-you-manage-microsoft-teams-channels/ba-p/4139186" rel="noreferrer noopener">announced a slew of updates</a> to streamline channel management in its Teams collaboration service. The company has reduced the number of steps that were previously required to create and join teams and channels in Microsoft Teams.</p> <p>Microsoft mentioned that “<strong>create a team from scratch</strong>” is now the default experience in Microsoft Teams. Users will need to click “<strong>More create team options</strong>” to select a template from the template library. Microsoft has also introduced a new <strong>Create channel</strong> option in the menu for creating a new team.</p> <p>Additionally, Microsoft Teams now allows users to <strong>find and join public and private teams</strong>. There are also new settings that let <strong>IT admins control</strong> whether users will be able to find a private team. Later this year, Microsoft Teams will enable users to choose to <strong>show only the channels</strong> that are relevant to them when joining a team.</p> <figure class="wp-block-image size-full"><img decoding="async" width="907" height="499" src="https://petri.com/wp-content/uploads/2024/05/image-17.png" alt="Microsoft Teams Gets New Channel Management Capabilities" class="wp-image-712634" srcset="https://petri.com/wp-content/uploads/2024/05/image-17.png 907w, https://petri.com/wp-content/uploads/2024/05/image-17-300x165.png 300w, https://petri.com/wp-content/uploads/2024/05/image-17-768x423.png 768w, https://petri.com/wp-content/uploads/2024/05/image-17-610x336.png 610w" sizes="(max-width: 907px) 100vw, 907px" /><figcaption class="wp-element-caption">Discover public and private teams (Image Credits: Microsoft)</figcaption></figure> <h2 class="wp-block-heading">New Discover Feed enhances collaboration in Microsoft Teams channels</h2> <p>Microsoft Teams has <a href="https://petri.com/microsoft-teams-channels-discover-feed/" data-type="link" data-id="https://petri.com/microsoft-teams-channels-discover-feed/">introduced a new AI-powered <strong>Discover feed</strong></a> that allows users to catch up on the most relevant content from channels. This new Discover feed helps to easily catch up on news as well as like/comment/share a post.</p> <p>In Microsoft Teams, users can now <strong>share a link to the channel, a post, or a reply</strong> with their colleagues. Moreover, users can choose to <strong>hide the general channel</strong> of a team and mark all notifications as read with a single click in the activity feed.</p> <figure class="wp-block-image size-full"><img decoding="async" width="861" height="402" src="https://petri.com/wp-content/uploads/2024/05/image-18.png" alt="Microsoft Teams Discover feed" class="wp-image-712636" srcset="https://petri.com/wp-content/uploads/2024/05/image-18.png 861w, https://petri.com/wp-content/uploads/2024/05/image-18-300x140.png 300w, https://petri.com/wp-content/uploads/2024/05/image-18-768x359.png 768w, https://petri.com/wp-content/uploads/2024/05/image-18-610x285.png 610w" sizes="(max-width: 861px) 100vw, 861px" /><figcaption class="wp-element-caption">Discover Feed (Image Credits: Microsoft)</figcaption></figure> <h2 class="wp-block-heading">Archive channel is now generally available</h2> <p>Furthermore, Microsoft has released a new feature that lets channel owners and IT admins <strong>archive Teams channels</strong>. This capability should help to preserve channel content (such as messages, files, and tabs) when the collaboration in a project ends.</p> <figure class="wp-block-image size-full"><img decoding="async" width="999" height="563" src="https://petri.com/wp-content/uploads/2024/05/image-19.png" alt="Archive channels" class="wp-image-712638" srcset="https://petri.com/wp-content/uploads/2024/05/image-19.png 999w, https://petri.com/wp-content/uploads/2024/05/image-19-300x169.png 300w, https://petri.com/wp-content/uploads/2024/05/image-19-768x433.png 768w, https://petri.com/wp-content/uploads/2024/05/image-19-610x344.png 610w" sizes="(max-width: 999px) 100vw, 999px" /><figcaption class="wp-element-caption">Archive channel (Image Credits: Microsoft)</figcaption></figure> <p>Later this year, Microsoft Teams is getting a new feature that will automatically <strong>hide inactive channels</strong> that haven’t been interacted with over the past 45 days. Additionally, it will be possible to <strong>rename the general channel</strong> in Microsoft Teams. Users will also be able to <strong>mute all notifications</strong> for a specific channel post and customize the sound of notifications.</p><p>The post <a rel="nofollow" href="https://petri.com/microsoft-teams-channel-management/">Microsoft Teams Gets New Channel Management Capabilities</a> appeared first on <a rel="nofollow" href="https://petri.com">Petri IT Knowledgebase</a>.</p>]]></content:encoded> <wfw:commentRss>https://petri.com/microsoft-teams-channel-management/feed/</wfw:commentRss> <slash:comments>0</slash:comments> </item> <item> <title>VMware Makes Workstation Pro and Fusion Pro Free for Personal Use</title> <link>https://petri.com/vmware-workstation-pro-fusion-pro-free-personal-use/</link> <comments>https://petri.com/vmware-workstation-pro-fusion-pro-free-personal-use/#respond</comments> <dc:creator><![CDATA[Rabia Noureen]]></dc:creator> <pubDate>Wed, 15 May 2024 13:59:52 +0000</pubDate> <category><![CDATA[VMware]]></category> <category><![CDATA[News]]></category> <category><![CDATA[vmware]]></category> <guid isPermaLink="false">https://petri.com/?p=712574</guid> <description><![CDATA[<p>VMware announced yesterday that its Workstation Pro and Fusion Pro desktop hypervisor products are now free for personal use. Starting this week, VMware will offer two license models for its Pro apps: a Free Personal Use or a Paid Commercial Use subscription for organizations. According to VMware, customers should notice consistent functionality across both free...</p><p>The post <a rel="nofollow" href="https://petri.com/vmware-workstation-pro-fusion-pro-free-personal-use/">VMware Makes Workstation Pro and Fusion Pro Free for Personal Use</a> appeared first on <a rel="nofollow" href="https://petri.com">Petri IT Knowledgebase</a>.</p>]]></description> <content:encoded><![CDATA[<blockquote class="wp-block-quote"><h3 class="wp-block-heading">Key Takeaways:</h3> <ul><li>VMware has made its Workstation Pro and Fusion Pro desktop hypervisor products free for personal use.</li> <li>VMware is also discontinuing its Workstation Player and Fusion Player solutions. </li> <li>VMware has simplified its paid offerings to a single SKU called Desktop Hypervisor for commercial customers, priced at $120 per year.</li></ul></blockquote> <p>VMware <a href="https://blogs.vmware.com/workstation/2024/05/vmware-workstation-pro-now-available-free-for-personal-use.html" data-type="link" data-id="https://blogs.vmware.com/workstation/2024/05/vmware-workstation-pro-now-available-free-for-personal-use.html" target="_blank" rel="noreferrer noopener">announced yesterday</a> that its Workstation Pro and Fusion Pro desktop hypervisor products are now free for personal use. Starting this week, VMware will offer two license models for its Pro apps: a Free Personal Use or a Paid Commercial Use subscription for organizations.</p> <p>According to VMware, customers should notice consistent functionality across both free and paid subscription models. However, the free version will display the message “This product is licensed for personal use only” on the screens.</p> <p><a href="https://www.vmware.com/content/vmware/vmware-published-sites/us/products/desktop-hypervisor.html.html" target="_blank" data-type="link" data-id="https://www.vmware.com/content/vmware/vmware-published-sites/us/products/desktop-hypervisor.html.html" rel="noreferrer noopener">VMware Workstation Pro and Fusion Pro</a> are virtualization products that enable customers to create and operate <a href="https://petri.com/what-is-a-virtual-machine/" data-type="link" data-id="https://petri.com/what-is-a-virtual-machine/">virtual machines (VMs)</a> on their computers. These services let users run multiple VMs to facilitate testing, development, and other virtualization tasks. VMware Workstation Pro is available for PCs running Windows and Linux, while VMware Fusion Pro is tailored for macOS.</p> <p>“VMware Desktop Hypervisor products Fusion and Workstation are used by millions of people every day to run virtual machines on their Windows, Linux, and Mac computers,” VMware explained. “They give users the ability to quickly and easily build ‘local virtual’ environments to install other operating systems, learn about technology, build and test software, complex systems, browsers, apps, games, and more.”</p> <div class="wp-block-image"><figure class="aligncenter size-full"><img decoding="async" width="501" height="469" src="https://petri.com/wp-content/uploads/2024/05/image-16.png" alt="VMware Makes Workstation Pro and Fusion Pro Free for Personal Use" class="wp-image-712592" srcset="https://petri.com/wp-content/uploads/2024/05/image-16.png 501w, https://petri.com/wp-content/uploads/2024/05/image-16-300x281.png 300w, https://petri.com/wp-content/uploads/2024/05/image-16-427x400.png 427w" sizes="(max-width: 501px) 100vw, 501px" /><figcaption class="wp-element-caption">VMware Workstation (Image Credits: VMware)</figcaption></figure></div> <h2 class="wp-block-heading">How to download Workstation Pro and Fusion Pro 13 for free</h2> <ul><li>Go to the <a href="https://support.broadcom.com/" target="_blank" data-type="link" data-id="https://support.broadcom.com/" rel="noreferrer noopener">Broadcom’s Support website</a>.</li> <li>Click <strong>Register</strong> to create a new basic Broadcom account if you don’t already have one.</li> <li>Once logged in, navigate to the Support Portal and select the “<strong>VMware Cloud Foundation division</strong>” from the dropdown menu.</li> <li>Click the “<strong>My Downloads</strong>” option on the left and then search for either Fusion or Workstation.</li> <li>Select <strong>VMware Fusion</strong> or <strong>VMware Workstation Pro</strong> from the list and choose version 17.5.2 or 13.5.2.</li> <li>Finally, click the <strong>download and install</strong> option.</li></ul> <h2 class="wp-block-heading">VMware deprecates Workstation Player and Fusion Player </h2> <p>VMware has announced its plans to phase out its Workstation Player and Fusion Player solutions. These products will no longer be available for purchase, and customers are encouraged to transition to the Pro versions at no additional cost. VMware assures that all virtual machines (VMs) utilized in the VMware Player products are compatible with Workstation Pro and Fusion Pro.</p> <p>Lastly, Broadcom has simplified its paid offering into a single product for VMware commercial customers. This new subscription, called VMware Desktop Hypervisor, is priced at $120 per year and provides access to VMware Workstation Pro and Fusion Pro products. Commercial customers can purchase the new paid subscription through the new <a href="https://store.cloudvista.com" data-type="link" data-id="https://store.cloudvista.com" target="_blank" rel="noreferrer noopener">online store</a> or an authorized Broadcom Advantage partner.</p> <p>Overall, VMware’s decision to make Workstation Pro and Fusion Pro free for personal use marks a significant advancement in virtualization accessibility for IT professionals. This move not only promotes cost efficiency and flexibility but also facilitates skill development, collaboration, and career advancement within the IT community. </p><p>The post <a rel="nofollow" href="https://petri.com/vmware-workstation-pro-fusion-pro-free-personal-use/">VMware Makes Workstation Pro and Fusion Pro Free for Personal Use</a> appeared first on <a rel="nofollow" href="https://petri.com">Petri IT Knowledgebase</a>.</p>]]></content:encoded> <wfw:commentRss>https://petri.com/vmware-workstation-pro-fusion-pro-free-personal-use/feed/</wfw:commentRss> <slash:comments>0</slash:comments> </item> <item> <title>Microsoft’s May 2024 Patch Tuesday Updates Fix Two Zero-Day Vulnerabilities</title> <link>https://petri.com/microsofts-may-2024-patch-tuesday-updates/</link> <comments>https://petri.com/microsofts-may-2024-patch-tuesday-updates/#respond</comments> <dc:creator><![CDATA[Rabia Noureen]]></dc:creator> <pubDate>Wed, 15 May 2024 10:35:02 +0000</pubDate> <category><![CDATA[Windows 10]]></category> <category><![CDATA[Windows 11]]></category> <category><![CDATA[News]]></category> <guid isPermaLink="false">https://petri.com/?p=712551</guid> <description><![CDATA[<p>Microsoft has released the May 2024 Patch Tuesday updates for Windows 11 and Windows 10. This month, Microsoft fixed a total of 59 security vulnerabilities in Windows and other components, and there are two zero-day flaws that are already being exploited by attackers. On the quality and experience updates front, Microsoft has released some changes...</p><p>The post <a rel="nofollow" href="https://petri.com/microsofts-may-2024-patch-tuesday-updates/">Microsoft’s May 2024 Patch Tuesday Updates Fix Two Zero-Day Vulnerabilities</a> appeared first on <a rel="nofollow" href="https://petri.com">Petri IT Knowledgebase</a>.</p>]]></description> <content:encoded><![CDATA[<blockquote class="wp-block-quote"><h3 class="wp-block-heading">Key Takeaways:</h3> <ul><li>Microsoft’s May 2024 Patch Tuesday updates address 59 vulnerabilities, including two zero-day flaws already being exploited by attackers.</li> <li>Microsoft has fixed a high-severity security feature bypass vulnerability in the Windows MSHTML platform and an elevation of privilege flaw in Windows DWM Core Library. </li> <li>Microsoft has introduced minor changes to Widgets icons on the taskbar and enhancements to lock screen widgets on Windows 11.</li></ul></blockquote> <p>Microsoft has released the May 2024 Patch Tuesday updates for Windows 11 and Windows 10. This month, Microsoft fixed a total of 59 security vulnerabilities in Windows and other components, and there are two zero-day flaws that are already being exploited by attackers.</p> <p>On the quality and experience updates front, Microsoft has released some changes to the Widgets icons on the taskbar and widgets cards on the lock screen on <a href="https://petri.com/install-windows-11/" data-type="link" data-id="https://petri.com/install-windows-11/">Windows 11</a>. The latest update also fixes a known issue that was causing the Settings app to become unresponsive on Windows 11 PCs.</p> <h2 class="wp-block-heading">59 vulnerabilities fixed in the May 2024 Patch Tuesday updates</h2> <p>As highlighted by the <a href="https://www.zerodayinitiative.com/blog/2024/5/14/the-may-2024-security-update-review" target="_blank" data-type="link" data-id="https://www.zerodayinitiative.com/blog/2024/5/14/the-may-2024-security-update-review" rel="noreferrer noopener">Zero Day Initiative</a>, Microsoft’s May 2024 Patch Tuesday Updates include fixes for 59 vulnerabilities. Among these, only one is categorized as “Critical,” 57 are deemed “Important,” and one carries a “Moderate” severity rating.</p> <ul><li><strong><a href="https://nvd.nist.gov/vuln/detail/CVE-2024-30040" target="_blank" data-type="link" data-id="https://nvd.nist.gov/vuln/detail/CVE-2024-30040" rel="noreferrer noopener">CVE-2024-30040</a></strong>: This is a high-severity security feature bypass vulnerability in the <a href="https://microsoft.fandom.com/wiki/MSHTML#:~:text=MSHTML%20(also%20known%20as%20Trident,Internet%20Explorer%204%20in%201997." target="_blank" data-type="link" data-id="https://microsoft.fandom.com/wiki/MSHTML#:~:text=MSHTML%20(also%20known%20as%20Trident,Internet%20Explorer%204%20in%201997." rel="noreferrer noopener">Windows MSHTML platform</a> that received an 8.8 CVSS score. The flaw could allow attackers to deceive users into opening a harmful file and then bypass OLE mitigations in Microsoft 365 and Microsoft Office to execute malicious code.</li> <li><strong><a href="https://msrc.microsoft.com/update-guide/vulnerability/CVE-2024-30051" target="_blank" data-type="link" data-id="https://msrc.microsoft.com/update-guide/vulnerability/CVE-2024-30051" rel="noreferrer noopener">CVE-2024-30051</a></strong>: This elevation of privilege flaw in <a href="https://learn.microsoft.com/en-us/windows/win32/dwm/dwm-overview" target="_blank" data-type="link" data-id="https://learn.microsoft.com/en-us/windows/win32/dwm/dwm-overview" rel="noreferrer noopener">Windows DWM</a> Core Library received a 7.8 CVSS score. The security vulnerability could let local attackers gain system privileges on the target system and take complete ownership of the device.</li> <li><strong><a href="https://www.tenable.com/cve/CVE-2024-30044" target="_blank" data-type="link" data-id="https://www.tenable.com/cve/CVE-2024-30044" rel="noreferrer noopener">CVE-2024-30044</a></strong>: This is a remote code execution (RCE) vulnerability in SharePoint Server. It could let an unauthenticated hacker with site owner permissions inject and execute arbitrary code in the context of SharePoint Server.</li> <li><strong><a href="https://nvd.nist.gov/vuln/detail/CVE-2024-30033" target="_blank" data-type="link" data-id="https://nvd.nist.gov/vuln/detail/CVE-2024-30033" rel="noreferrer noopener">CVE-2024-30033</a></strong>: This is an important rated elevation of privileges vulnerability in the Windows Search Service. An attacker could exploit this bug to system-level privileges and perform unauthorized actions.</li> <li><strong><a href="https://nvd.nist.gov/vuln/detail/CVE-2024-30018" target="_blank" data-type="link" data-id="https://nvd.nist.gov/vuln/detail/CVE-2024-30018" rel="noreferrer noopener">CVE-2024-30018</a></strong>: This is another important-rated elevation of privileges vulnerability in the Windows Kernel with a 7.8 CVSS score. The security flaw enables hackers to bypass security protections and potentially take full control of the target system.</li></ul> <p>Here’s the complete list of resolved vulnerabilities in the May 2024 Patch Tuesday updates:</p> <figure class="wp-block-table"><table><tbody><tr><td><strong>Product</strong></td><td><strong>Impact</strong></td><td><strong>Max Severity</strong></td><td><strong>Article</strong></td><td><strong>Download</strong></td><td><strong>Details</strong></td></tr><tr><td colspan="2">Microsoft Edge (Chromium-based)</td><td></td><td><a href="https://docs.microsoft.com/en-us/DeployEdge/microsoft-edge-relnotes-security" target="_blank" rel="noopener">Release Notes</a></td><td>Security Update</td><td><a href="https://msrc.microsoft.com/update-guide/vulnerability/CVE-2024-4761" target="_blank" rel="noopener">CVE-2024-4761</a></td></tr><tr><td>Windows 10 Version 1607 for 32-bit Systems</td><td>Security Feature Bypass</td><td>Important</td><td><a href="https://support.microsoft.com/help/5037763" target="_blank" rel="noopener">5037763</a></td><td><a href="https://catalog.update.microsoft.com/v7/site/Search.aspx?q=KB5037763" target="_blank" rel="noopener">Security Update</a></td><td><a href="https://msrc.microsoft.com/update-guide/vulnerability/CVE-2024-30040" target="_blank" rel="noopener">CVE-2024-30040</a></td></tr><tr><td>Windows 10 for x64-based Systems</td><td>Security Feature Bypass</td><td>Important</td><td><a href="https://support.microsoft.com/help/5037788" target="_blank" rel="noopener">5037788</a></td><td><a href="https://catalog.update.microsoft.com/v7/site/Search.aspx?q=KB5037788" target="_blank" rel="noopener">Security Update</a></td><td><a href="https://msrc.microsoft.com/update-guide/vulnerability/CVE-2024-30040" target="_blank" rel="noopener">CVE-2024-30040</a></td></tr><tr><td>Windows 10 for 32-bit Systems</td><td>Security Feature Bypass</td><td>Important</td><td><a href="https://support.microsoft.com/help/5037788" target="_blank" rel="noopener">5037788</a></td><td><a href="https://catalog.update.microsoft.com/v7/site/Search.aspx?q=KB5037788" target="_blank" rel="noopener">Security Update</a></td><td><a href="https://msrc.microsoft.com/update-guide/vulnerability/CVE-2024-30040" target="_blank" rel="noopener">CVE-2024-30040</a></td></tr><tr><td>Windows Server 2022, 23H2 Edition (Server Core installation)</td><td>Security Feature Bypass</td><td>Important</td><td><a href="https://support.microsoft.com/help/5037781" target="_blank" rel="noopener">5037781</a></td><td><a href="https://catalog.update.microsoft.com/v7/site/Search.aspx?q=KB5037781" target="_blank" rel="noopener">Security Update</a></td><td><a href="https://msrc.microsoft.com/update-guide/vulnerability/CVE-2024-30040" target="_blank" rel="noopener">CVE-2024-30040</a></td></tr><tr><td>Windows 11 Version 23H2 for x64-based Systems</td><td>Security Feature Bypass</td><td>Important</td><td><a href="https://support.microsoft.com/help/5037771" target="_blank" rel="noopener">5037771</a></td><td><a href="https://catalog.update.microsoft.com/v7/site/Search.aspx?q=KB5037771" target="_blank" rel="noopener">Security Update</a></td><td><a href="https://msrc.microsoft.com/update-guide/vulnerability/CVE-2024-30040" target="_blank" rel="noopener">CVE-2024-30040</a></td></tr><tr><td>Windows 11 Version 23H2 for ARM64-based Systems</td><td>Security Feature Bypass</td><td>Important</td><td><a href="https://support.microsoft.com/help/5037771" target="_blank" rel="noopener">5037771</a></td><td><a href="https://catalog.update.microsoft.com/v7/site/Search.aspx?q=KB5037771" target="_blank" rel="noopener">Security Update</a></td><td><a href="https://msrc.microsoft.com/update-guide/vulnerability/CVE-2024-30040" target="_blank" rel="noopener">CVE-2024-30040</a></td></tr><tr><td>Windows 10 Version 22H2 for 32-bit Systems</td><td>Security Feature Bypass</td><td>Important</td><td><a href="https://support.microsoft.com/help/5037768" target="_blank" rel="noopener">5037768</a></td><td><a href="https://catalog.update.microsoft.com/v7/site/Search.aspx?q=KB5037768" target="_blank" rel="noopener">Security Update</a></td><td><a href="https://msrc.microsoft.com/update-guide/vulnerability/CVE-2024-30040" target="_blank" rel="noopener">CVE-2024-30040</a></td></tr><tr><td>Windows 10 Version 22H2 for ARM64-based Systems</td><td>Security Feature Bypass</td><td>Important</td><td><a href="https://support.microsoft.com/help/5037768" target="_blank" rel="noopener">5037768</a></td><td><a href="https://catalog.update.microsoft.com/v7/site/Search.aspx?q=KB5037768" target="_blank" rel="noopener">Security Update</a></td><td><a href="https://msrc.microsoft.com/update-guide/vulnerability/CVE-2024-30040" target="_blank" rel="noopener">CVE-2024-30040</a></td></tr><tr><td>Windows 10 Version 22H2 for x64-based Systems</td><td>Security Feature Bypass</td><td>Important</td><td><a href="https://support.microsoft.com/help/5037768" target="_blank" rel="noopener">5037768</a></td><td><a href="https://catalog.update.microsoft.com/v7/site/Search.aspx?q=KB5037768" target="_blank" rel="noopener">Security Update</a></td><td><a href="https://msrc.microsoft.com/update-guide/vulnerability/CVE-2024-30040" target="_blank" rel="noopener">CVE-2024-30040</a></td></tr><tr><td>Windows 11 Version 22H2 for x64-based Systems</td><td>Security Feature Bypass</td><td>Important</td><td><a href="https://support.microsoft.com/help/5037771" target="_blank" rel="noopener">5037771</a></td><td><a href="https://catalog.update.microsoft.com/v7/site/Search.aspx?q=KB5037771" target="_blank" rel="noopener">Security Update</a></td><td><a href="https://msrc.microsoft.com/update-guide/vulnerability/CVE-2024-30040" target="_blank" rel="noopener">CVE-2024-30040</a></td></tr><tr><td>Windows 11 Version 22H2 for ARM64-based Systems</td><td>Security Feature Bypass</td><td>Important</td><td><a href="https://support.microsoft.com/help/5037771" target="_blank" rel="noopener">5037771</a></td><td><a href="https://catalog.update.microsoft.com/v7/site/Search.aspx?q=KB5037771" target="_blank" rel="noopener">Security Update</a></td><td><a href="https://msrc.microsoft.com/update-guide/vulnerability/CVE-2024-30040" target="_blank" rel="noopener">CVE-2024-30040</a></td></tr><tr><td>Windows 10 Version 21H2 for x64-based Systems</td><td>Security Feature Bypass</td><td>Important</td><td><a href="https://support.microsoft.com/help/5037768" target="_blank" rel="noopener">5037768</a></td><td><a href="https://catalog.update.microsoft.com/v7/site/Search.aspx?q=KB5037768" target="_blank" rel="noopener">Security Update</a></td><td><a href="https://msrc.microsoft.com/update-guide/vulnerability/CVE-2024-30040" target="_blank" rel="noopener">CVE-2024-30040</a></td></tr><tr><td>Windows 10 Version 21H2 for ARM64-based Systems</td><td>Security Feature Bypass</td><td>Important</td><td><a href="https://support.microsoft.com/help/5037768" target="_blank" rel="noopener">5037768</a></td><td><a href="https://catalog.update.microsoft.com/v7/site/Search.aspx?q=KB5037768" target="_blank" rel="noopener">Security Update</a></td><td><a href="https://msrc.microsoft.com/update-guide/vulnerability/CVE-2024-30040" target="_blank" rel="noopener">CVE-2024-30040</a></td></tr><tr><td>Windows 10 Version 21H2 for 32-bit Systems</td><td>Security Feature Bypass</td><td>Important</td><td><a href="https://support.microsoft.com/help/5037768" target="_blank" rel="noopener">5037768</a></td><td><a href="https://catalog.update.microsoft.com/v7/site/Search.aspx?q=KB5037768" target="_blank" rel="noopener">Security Update</a></td><td><a href="https://msrc.microsoft.com/update-guide/vulnerability/CVE-2024-30040" target="_blank" rel="noopener">CVE-2024-30040</a></td></tr><tr><td>Windows 11 version 21H2 for ARM64-based Systems</td><td>Security Feature Bypass</td><td>Important</td><td><a href="https://support.microsoft.com/help/5037770" target="_blank" rel="noopener">5037770</a></td><td><a href="https://catalog.update.microsoft.com/v7/site/Search.aspx?q=KB5037770" target="_blank" rel="noopener">Security Update</a></td><td><a href="https://msrc.microsoft.com/update-guide/vulnerability/CVE-2024-30040" target="_blank" rel="noopener">CVE-2024-30040</a></td></tr><tr><td>Windows 11 version 21H2 for x64-based Systems</td><td>Security Feature Bypass</td><td>Important</td><td><a href="https://support.microsoft.com/help/5037770" target="_blank" rel="noopener">5037770</a></td><td><a href="https://catalog.update.microsoft.com/v7/site/Search.aspx?q=KB5037770" target="_blank" rel="noopener">Security Update</a></td><td><a href="https://msrc.microsoft.com/update-guide/vulnerability/CVE-2024-30040" target="_blank" rel="noopener">CVE-2024-30040</a></td></tr><tr><td>Windows Server 2022 (Server Core installation)</td><td>Security Feature Bypass</td><td>Important</td><td><a href="https://support.microsoft.com/help/5037782" target="_blank" rel="noopener">5037782</a></td><td><a href="https://catalog.update.microsoft.com/v7/site/Search.aspx?q=KB5037782" target="_blank" rel="noopener">Security Update</a></td><td><a href="https://msrc.microsoft.com/update-guide/vulnerability/CVE-2024-30040" target="_blank" rel="noopener">CVE-2024-30040</a></td></tr><tr><td>Windows Server 2022 (Server Core installation)</td><td>Security Feature Bypass</td><td>Important</td><td><a href="https://support.microsoft.com/help/5037848" target="_blank" rel="noopener">5037848</a></td><td><a href="https://catalog.update.microsoft.com/v7/site/Search.aspx?q=KB5037848" target="_blank" rel="noopener">SecurityHotpatchUpdate</a></td><td><a href="https://msrc.microsoft.com/update-guide/vulnerability/CVE-2024-30040" target="_blank" rel="noopener">CVE-2024-30040</a></td></tr><tr><td>Windows Server 2022</td><td>Security Feature Bypass</td><td>Important</td><td><a href="https://support.microsoft.com/help/5037782" target="_blank" rel="noopener">5037782</a></td><td><a href="https://catalog.update.microsoft.com/v7/site/Search.aspx?q=KB5037782" target="_blank" rel="noopener">Security Update</a></td><td><a href="https://msrc.microsoft.com/update-guide/vulnerability/CVE-2024-30040" target="_blank" rel="noopener">CVE-2024-30040</a></td></tr><tr><td>Windows Server 2022</td><td>Security Feature Bypass</td><td>Important</td><td><a href="https://support.microsoft.com/help/5037848" target="_blank" rel="noopener">5037848</a></td><td><a href="https://catalog.update.microsoft.com/v7/site/Search.aspx?q=KB5037848" target="_blank" rel="noopener">SecurityHotpatchUpdate</a></td><td><a href="https://msrc.microsoft.com/update-guide/vulnerability/CVE-2024-30040" target="_blank" rel="noopener">CVE-2024-30040</a></td></tr><tr><td>Windows Server 2019 (Server Core installation)</td><td>Security Feature Bypass</td><td>Important</td><td><a href="https://support.microsoft.com/help/5037765" target="_blank" rel="noopener">5037765</a></td><td><a href="https://catalog.update.microsoft.com/v7/site/Search.aspx?q=KB5037765" target="_blank" rel="noopener">Security Update</a></td><td><a href="https://msrc.microsoft.com/update-guide/vulnerability/CVE-2024-30040" target="_blank" rel="noopener">CVE-2024-30040</a></td></tr><tr><td>Windows Server 2019</td><td>Security Feature Bypass</td><td>Important</td><td><a href="https://support.microsoft.com/help/5037765" target="_blank" rel="noopener">5037765</a></td><td><a href="https://catalog.update.microsoft.com/v7/site/Search.aspx?q=KB5037765" target="_blank" rel="noopener">Security Update</a></td><td><a href="https://msrc.microsoft.com/update-guide/vulnerability/CVE-2024-30040" target="_blank" rel="noopener">CVE-2024-30040</a></td></tr><tr><td>Windows 10 Version 1809 for ARM64-based Systems</td><td>Security Feature Bypass</td><td>Important</td><td><a href="https://support.microsoft.com/help/5037765" target="_blank" rel="noopener">5037765</a></td><td><a href="https://catalog.update.microsoft.com/v7/site/Search.aspx?q=KB5037765" target="_blank" rel="noopener">Security Update</a></td><td><a href="https://msrc.microsoft.com/update-guide/vulnerability/CVE-2024-30040" target="_blank" rel="noopener">CVE-2024-30040</a></td></tr><tr><td>Windows 10 Version 1809 for x64-based Systems</td><td>Security Feature Bypass</td><td>Important</td><td><a href="https://support.microsoft.com/help/5037765" target="_blank" rel="noopener">5037765</a></td><td><a href="https://catalog.update.microsoft.com/v7/site/Search.aspx?q=KB5037765" target="_blank" rel="noopener">Security Update</a></td><td><a href="https://msrc.microsoft.com/update-guide/vulnerability/CVE-2024-30040" target="_blank" rel="noopener">CVE-2024-30040</a></td></tr><tr><td>Windows 10 Version 1809 for 32-bit Systems</td><td>Security Feature Bypass</td><td>Important</td><td><a href="https://support.microsoft.com/help/5037765" target="_blank" rel="noopener">5037765</a></td><td><a href="https://catalog.update.microsoft.com/v7/site/Search.aspx?q=KB5037765" target="_blank" rel="noopener">Security Update</a></td><td><a href="https://msrc.microsoft.com/update-guide/vulnerability/CVE-2024-30040" target="_blank" rel="noopener">CVE-2024-30040</a></td></tr><tr><td>Windows Server 2012 R2 (Server Core installation)</td><td>Information Disclosure</td><td>Important</td><td><a href="https://support.microsoft.com/help/5037823" target="_blank" rel="noopener">5037823</a></td><td><a href="https://catalog.update.microsoft.com/v7/site/Search.aspx?q=KB5037823" target="_blank" rel="noopener">Monthly Rollup</a></td><td><a href="https://msrc.microsoft.com/update-guide/vulnerability/CVE-2024-30039" target="_blank" rel="noopener">CVE-2024-30039</a></td></tr><tr><td>Windows Server 2012 R2</td><td>Information Disclosure</td><td>Important</td><td><a href="https://support.microsoft.com/help/5037823" target="_blank" rel="noopener">5037823</a></td><td><a href="https://catalog.update.microsoft.com/v7/site/Search.aspx?q=KB5037823" target="_blank" rel="noopener">Monthly Rollup</a></td><td><a href="https://msrc.microsoft.com/update-guide/vulnerability/CVE-2024-30039" target="_blank" rel="noopener">CVE-2024-30039</a></td></tr><tr><td>Windows Server 2012 (Server Core installation)</td><td>Information Disclosure</td><td>Important</td><td><a href="https://support.microsoft.com/help/5037778" target="_blank" rel="noopener">5037778</a></td><td><a href="https://catalog.update.microsoft.com/v7/site/Search.aspx?q=KB5037778" target="_blank" rel="noopener">Monthly Rollup</a></td><td><a href="https://msrc.microsoft.com/update-guide/vulnerability/CVE-2024-30039" target="_blank" rel="noopener">CVE-2024-30039</a></td></tr><tr><td>Windows Server 2012</td><td>Information Disclosure</td><td>Important</td><td><a href="https://support.microsoft.com/help/5037778" target="_blank" rel="noopener">5037778</a></td><td><a href="https://catalog.update.microsoft.com/v7/site/Search.aspx?q=KB5037778" target="_blank" rel="noopener">Monthly Rollup</a></td><td><a href="https://msrc.microsoft.com/update-guide/vulnerability/CVE-2024-30039" target="_blank" rel="noopener">CVE-2024-30039</a></td></tr><tr><td>Windows Server 2016 (Server Core installation)</td><td>Elevation of Privilege</td><td>Important</td><td><a href="https://support.microsoft.com/help/5037763" target="_blank" rel="noopener">5037763</a></td><td><a href="https://catalog.update.microsoft.com/v7/site/Search.aspx?q=KB5037763" target="_blank" rel="noopener">Security Update</a></td><td><a href="https://msrc.microsoft.com/update-guide/vulnerability/CVE-2024-30038" target="_blank" rel="noopener">CVE-2024-30038</a></td></tr><tr><td>Windows Server 2016</td><td>Elevation of Privilege</td><td>Important</td><td><a href="https://support.microsoft.com/help/5037763" target="_blank" rel="noopener">5037763</a></td><td><a href="https://catalog.update.microsoft.com/v7/site/Search.aspx?q=KB5037763" target="_blank" rel="noopener">Security Update</a></td><td><a href="https://msrc.microsoft.com/update-guide/vulnerability/CVE-2024-30038" target="_blank" rel="noopener">CVE-2024-30038</a></td></tr><tr><td>Windows 10 Version 1607 for x64-based Systems</td><td>Elevation of Privilege</td><td>Important</td><td><a href="https://support.microsoft.com/help/5037763" target="_blank" rel="noopener">5037763</a></td><td><a href="https://catalog.update.microsoft.com/v7/site/Search.aspx?q=KB5037763" target="_blank" rel="noopener">Security Update</a></td><td><a href="https://msrc.microsoft.com/update-guide/vulnerability/CVE-2024-30038" target="_blank" rel="noopener">CVE-2024-30038</a></td></tr><tr><td>PowerBI-client JS SDK</td><td>Information Disclosure</td><td>Important</td><td><a href="https://www.nuget.org/packages/Microsoft.PowerBI.JavaScript/" target="_blank" rel="noopener">Release Notes</a></td><td><a href="https://www.nuget.org/packages/Microsoft.PowerBI.JavaScript/" target="_blank" rel="noopener">Security Update</a></td><td><a href="https://msrc.microsoft.com/update-guide/vulnerability/CVE-2024-30054" target="_blank" rel="noopener">CVE-2024-30054</a></td></tr><tr><td>Microsoft Visual Studio 2022 version 17.8</td><td>Remote Code Execution</td><td>Important</td><td><a href="https://learn.microsoft.com/en-us/visualstudio/releases/2022/release-notes" target="_blank" rel="noopener">Release Notes</a></td><td><a href="https://my.visualstudio.com/Downloads?q=Visual%20Studio%202022%20version%2017.8" target="_blank" rel="noopener">Security Update</a></td><td><a href="https://msrc.microsoft.com/update-guide/vulnerability/CVE-2024-32004" target="_blank" rel="noopener">CVE-2024-32004</a></td></tr><tr><td>Microsoft Visual Studio 2022 version 17.6</td><td>Remote Code Execution</td><td>Important</td><td><a href="https://learn.microsoft.com/en-us/visualstudio/releases/2022/release-notes" target="_blank" rel="noopener">Release Notes</a></td><td><a href="https://my.visualstudio.com/Downloads?q=Visual%20Studio%202022%20version%2017.6" target="_blank" rel="noopener">Security Update</a></td><td><a href="https://msrc.microsoft.com/update-guide/vulnerability/CVE-2024-32004" target="_blank" rel="noopener">CVE-2024-32004</a></td></tr><tr><td>Microsoft Visual Studio 2022 version 17.4</td><td>Remote Code Execution</td><td>Important</td><td><a href="https://learn.microsoft.com/en-us/visualstudio/releases/2022/release-notes" target="_blank" rel="noopener">Release Notes</a></td><td><a href="https://my.visualstudio.com/Downloads?q=Visual%20Studio%202022%20version%2017.4" target="_blank" rel="noopener">Security Update</a></td><td><a href="https://msrc.microsoft.com/update-guide/vulnerability/CVE-2024-32004" target="_blank" rel="noopener">CVE-2024-32004</a></td></tr><tr><td>Microsoft Visual Studio 2022 version 17.9</td><td>Remote Code Execution</td><td>Important</td><td><a href="https://learn.microsoft.com/en-us/visualstudio/releases/2022/release-notes" target="_blank" rel="noopener">Release Notes</a></td><td><a href="https://my.visualstudio.com/Downloads?q=Visual%20Studio%202022%20version%2017.9" target="_blank" rel="noopener">Security Update</a></td><td><a href="https://msrc.microsoft.com/update-guide/vulnerability/CVE-2024-32004" target="_blank" rel="noopener">CVE-2024-32004</a></td></tr><tr><td>Microsoft Visual Studio 2019 version 16.11 (includes 16.0 – 16.10)</td><td>Remote Code Execution</td><td>Important</td><td><a href="https://docs.microsoft.com/en-us/visualstudio/releases/2019/release-notes-v16.11" target="_blank" rel="noopener">Release Notes</a></td><td><a href="https://my.visualstudio.com/Downloads?q=Visual%20Studio%202019%20version%2016.11" target="_blank" rel="noopener">Security Update</a></td><td><a href="https://msrc.microsoft.com/update-guide/vulnerability/CVE-2024-32004" target="_blank" rel="noopener">CVE-2024-32004</a></td></tr><tr><td>Microsoft Visual Studio 2017 version 15.9 (includes 15.0 – 15.8)</td><td>Remote Code Execution</td><td>Important</td><td><a href="https://docs.microsoft.com/en-us/visualstudio/releasenotes/vs2017-relnotes" target="_blank" rel="noopener">Release Notes</a></td><td><a href="http://aka.ms/vs/15/release/latest" target="_blank" rel="noopener">Security Update</a></td><td><a href="https://msrc.microsoft.com/update-guide/vulnerability/CVE-2024-32004" target="_blank" rel="noopener">CVE-2024-32004</a></td></tr><tr><td>Dynamics 365 Customer Insights</td><td>Spoofing</td><td>Important</td><td><a href="https://learn.microsoft.com/en-us/dynamics365/customer-insights/journeys/whats-new-marketing" target="_blank" rel="noopener">Release Notes</a></td><td><a href="https://learn.microsoft.com/en-us/dynamics365/customer-insights/journeys/apply-updates" target="_blank" rel="noopener">Security Update</a></td><td><a href="https://msrc.microsoft.com/update-guide/vulnerability/CVE-2024-30048" target="_blank" rel="noopener">CVE-2024-30048</a></td></tr><tr><td>.NET 7.0</td><td>Remote Code Execution</td><td>Important</td><td><a href="https://support.microsoft.com/help/5038351" target="_blank" rel="noopener">5038351</a></td><td><a href="https://dotnet.microsoft.com/en-us/download/dotnet/7.0" target="_blank" rel="noopener">Security Update</a></td><td><a href="https://msrc.microsoft.com/update-guide/vulnerability/CVE-2024-30045" target="_blank" rel="noopener">CVE-2024-30045</a></td></tr><tr><td>.NET 8.0</td><td>Remote Code Execution</td><td>Important</td><td><a href="https://support.microsoft.com/help/5038352" target="_blank" rel="noopener">5038352</a></td><td><a href="https://dotnet.microsoft.com/en-us/download/dotnet/8.0" target="_blank" rel="noopener">Security Update</a></td><td><a href="https://msrc.microsoft.com/update-guide/vulnerability/CVE-2024-30045" target="_blank" rel="noopener">CVE-2024-30045</a></td></tr><tr><td>Microsoft SharePoint Server Subscription Edition</td><td>Information Disclosure</td><td>Important</td><td><a href="https://support.microsoft.com/help/5002599" target="_blank" rel="noopener">5002599</a></td><td><a href="https://www.microsoft.com/downloads/details.aspx?familyid=523339ec-3e36-44d3-a5ea-49d09d535343" target="_blank" rel="noopener">Security Update</a></td><td><a href="https://msrc.microsoft.com/update-guide/vulnerability/CVE-2024-30043" target="_blank" rel="noopener">CVE-2024-30043</a></td></tr><tr><td>Microsoft SharePoint Server 2019</td><td>Information Disclosure</td><td>Important</td><td><a href="https://support.microsoft.com/help/5002596" target="_blank" rel="noopener">5002596</a></td><td><a href="https://www.microsoft.com/downloads/details.aspx?familyid=b2979480-9728-409f-bce4-c2e574dc83ce" target="_blank" rel="noopener">Security Update</a></td><td><a href="https://msrc.microsoft.com/update-guide/vulnerability/CVE-2024-30043" target="_blank" rel="noopener">CVE-2024-30043</a></td></tr><tr><td>Microsoft Office 2019 for 64-bit editions</td><td>Remote Code Execution</td><td>Important</td><td><a href="https://docs.microsoft.com/en-us/officeupdates/microsoft365-apps-security-updates" target="_blank" rel="noopener">Click to Run</a></td><td>Security Update</td><td><a href="https://msrc.microsoft.com/update-guide/vulnerability/CVE-2024-30042" target="_blank" rel="noopener">CVE-2024-30042</a></td></tr><tr><td>Microsoft Office 2019 for 32-bit editions</td><td>Remote Code Execution</td><td>Important</td><td><a href="https://docs.microsoft.com/en-us/officeupdates/microsoft365-apps-security-updates" target="_blank" rel="noopener">Click to Run</a></td><td>Security Update</td><td><a href="https://msrc.microsoft.com/update-guide/vulnerability/CVE-2024-30042" target="_blank" rel="noopener">CVE-2024-30042</a></td></tr><tr><td>Office Online Server</td><td>Remote Code Execution</td><td>Important</td><td><a href="https://support.microsoft.com/help/5002503" target="_blank" rel="noopener">5002503</a></td><td><a href="https://www.microsoft.com/downloads/details.aspx?familyid=c17819a8-c580-4ad9-b094-97247199f060" target="_blank" rel="noopener">Security Update</a></td><td><a href="https://msrc.microsoft.com/update-guide/vulnerability/CVE-2024-30042" target="_blank" rel="noopener">CVE-2024-30042</a></td></tr><tr><td>Microsoft Bing Search for iOS</td><td>Spoofing</td><td>Important</td><td><a href="https://apps.apple.com/us/app/bing-chat-with-ai-gpt-4/id345323231" target="_blank" rel="noopener">Release Notes</a></td><td><a href="https://apps.apple.com/us/app/bing-chat-with-ai-gpt-4/id345323231" target="_blank" rel="noopener">Security Update</a></td><td><a href="https://msrc.microsoft.com/update-guide/vulnerability/CVE-2024-30041" target="_blank" rel="noopener">CVE-2024-30041</a></td></tr><tr><td>Microsoft SharePoint Enterprise Server 2016</td><td>Information Disclosure</td><td>Important</td><td><a href="https://support.microsoft.com/help/5002598" target="_blank" rel="noopener">5002598</a></td><td><a href="https://www.microsoft.com/downloads/details.aspx?familyid=c6668bbd-c1c8-45c4-9a1f-3013d6db3569" target="_blank" rel="noopener">Security Update</a></td><td><a href="https://msrc.microsoft.com/update-guide/vulnerability/CVE-2024-30043" target="_blank" rel="noopener">CVE-2024-30043</a></td></tr><tr><td>Microsoft Excel 2016 (64-bit edition)</td><td>Remote Code Execution</td><td>Important</td><td><a href="https://support.microsoft.com/help/5002587" target="_blank" rel="noopener">5002587</a></td><td><a href="https://www.microsoft.com/downloads/details.aspx?familyid=550506c2-07a8-437a-944b-442705634144" target="_blank" rel="noopener">Security Update</a></td><td><a href="https://msrc.microsoft.com/update-guide/vulnerability/CVE-2024-30042" target="_blank" rel="noopener">CVE-2024-30042</a></td></tr><tr><td>Microsoft Excel 2016 (32-bit edition)</td><td>Remote Code Execution</td><td>Important</td><td><a href="https://support.microsoft.com/help/5002587" target="_blank" rel="noopener">5002587</a></td><td><a href="https://www.microsoft.com/downloads/details.aspx?familyid=ec742c29-85f8-4abe-a92f-7f68f5748dc7" target="_blank" rel="noopener">Security Update</a></td><td><a href="https://msrc.microsoft.com/update-guide/vulnerability/CVE-2024-30042" target="_blank" rel="noopener">CVE-2024-30042</a></td></tr><tr><td>Microsoft Office LTSC 2021 for 32-bit editions</td><td>Remote Code Execution</td><td>Important</td><td><a href="https://docs.microsoft.com/en-us/officeupdates/microsoft365-apps-security-updates" target="_blank" rel="noopener">Click to Run</a></td><td>Security Update</td><td><a href="https://msrc.microsoft.com/update-guide/vulnerability/CVE-2024-30042" target="_blank" rel="noopener">CVE-2024-30042</a></td></tr><tr><td>Microsoft Office LTSC 2021 for 64-bit editions</td><td>Remote Code Execution</td><td>Important</td><td><a href="https://docs.microsoft.com/en-us/officeupdates/microsoft365-apps-security-updates" target="_blank" rel="noopener">Click to Run</a></td><td>Security Update</td><td><a href="https://msrc.microsoft.com/update-guide/vulnerability/CVE-2024-30042" target="_blank" rel="noopener">CVE-2024-30042</a></td></tr><tr><td>Microsoft Office LTSC for Mac 2021</td><td>Remote Code Execution</td><td>Important</td><td><a href="https://go.microsoft.com/fwlink/p/?linkid=831049" target="_blank" rel="noopener">Release Notes</a></td><td><a href="https://go.microsoft.com/fwlink/p/?linkid=831049" target="_blank" rel="noopener">Security Update</a></td><td><a href="https://msrc.microsoft.com/update-guide/vulnerability/CVE-2024-30042" target="_blank" rel="noopener">CVE-2024-30042</a></td></tr><tr><td>Microsoft 365 Apps for Enterprise for 64-bit Systems</td><td>Remote Code Execution</td><td>Important</td><td><a href="https://docs.microsoft.com/en-us/officeupdates/office365-proplus-security-updates" target="_blank" rel="noopener">Click to Run</a></td><td>Security Update</td><td><a href="https://msrc.microsoft.com/update-guide/vulnerability/CVE-2024-30042" target="_blank" rel="noopener">CVE-2024-30042</a></td></tr><tr><td>Microsoft 365 Apps for Enterprise for 32-bit Systems</td><td>Remote Code Execution</td><td>Important</td><td><a href="https://docs.microsoft.com/en-us/officeupdates/office365-proplus-security-updates" target="_blank" rel="noopener">Click to Run</a></td><td>Security Update</td><td><a href="https://msrc.microsoft.com/update-guide/vulnerability/CVE-2024-30042" target="_blank" rel="noopener">CVE-2024-30042</a></td></tr><tr><td>Windows Server 2008 R2 for x64-based Systems Service Pack 1 (Server Core installation)</td><td>Elevation of Privilege</td><td>Important</td><td><a href="https://support.microsoft.com/help/5037780" target="_blank" rel="noopener">5037780</a></td><td><a href="https://catalog.update.microsoft.com/v7/site/Search.aspx?q=KB5037780" target="_blank" rel="noopener">Monthly Rollup</a></td><td><a href="https://msrc.microsoft.com/update-guide/vulnerability/CVE-2024-30049" target="_blank" rel="noopener">CVE-2024-30049</a></td></tr><tr><td>Windows Server 2008 R2 for x64-based Systems Service Pack 1 (Server Core installation)</td><td>Elevation of Privilege</td><td>Important</td><td><a href="https://support.microsoft.com/help/5037803" target="_blank" rel="noopener">5037803</a></td><td><a href="https://catalog.update.microsoft.com/v7/site/Search.aspx?q=KB5037803" target="_blank" rel="noopener">Security Only</a></td><td><a href="https://msrc.microsoft.com/update-guide/vulnerability/CVE-2024-30049" target="_blank" rel="noopener">CVE-2024-30049</a></td></tr><tr><td>Windows Server 2008 R2 for x64-based Systems Service Pack 1</td><td>Elevation of Privilege</td><td>Important</td><td><a href="https://support.microsoft.com/help/5037780" target="_blank" rel="noopener">5037780</a></td><td><a href="https://catalog.update.microsoft.com/v7/site/Search.aspx?q=KB5037780" target="_blank" rel="noopener">Monthly Rollup</a></td><td><a href="https://msrc.microsoft.com/update-guide/vulnerability/CVE-2024-30049" target="_blank" rel="noopener">CVE-2024-30049</a></td></tr><tr><td>Windows Server 2008 R2 for x64-based Systems Service Pack 1</td><td>Elevation of Privilege</td><td>Important</td><td><a href="https://support.microsoft.com/help/5037803" target="_blank" rel="noopener">5037803</a></td><td><a href="https://catalog.update.microsoft.com/v7/site/Search.aspx?q=KB5037803" target="_blank" rel="noopener">Security Only</a></td><td><a href="https://msrc.microsoft.com/update-guide/vulnerability/CVE-2024-30049" target="_blank" rel="noopener">CVE-2024-30049</a></td></tr><tr><td>Windows Server 2008 for x64-based Systems Service Pack 2 (Server Core installation)</td><td>Elevation of Privilege</td><td>Important</td><td><a href="https://support.microsoft.com/help/5037800" target="_blank" rel="noopener">5037800</a></td><td><a href="https://catalog.update.microsoft.com/v7/site/Search.aspx?q=KB5037800" target="_blank" rel="noopener">Monthly Rollup</a></td><td><a href="https://msrc.microsoft.com/update-guide/vulnerability/CVE-2024-30049" target="_blank" rel="noopener">CVE-2024-30049</a></td></tr><tr><td>Windows Server 2008 for x64-based Systems Service Pack 2 (Server Core installation)</td><td>Elevation of Privilege</td><td>Important</td><td><a href="https://support.microsoft.com/help/5037836" target="_blank" rel="noopener">5037836</a></td><td><a href="https://catalog.update.microsoft.com/v7/site/Search.aspx?q=KB5037836" target="_blank" rel="noopener">Security Only</a></td><td><a href="https://msrc.microsoft.com/update-guide/vulnerability/CVE-2024-30049" target="_blank" rel="noopener">CVE-2024-30049</a></td></tr><tr><td>Windows Server 2008 for x64-based Systems Service Pack 2</td><td>Elevation of Privilege</td><td>Important</td><td><a href="https://support.microsoft.com/help/5037800" target="_blank" rel="noopener">5037800</a></td><td><a href="https://catalog.update.microsoft.com/v7/site/Search.aspx?q=KB5037800" target="_blank" rel="noopener">Monthly Rollup</a></td><td><a href="https://msrc.microsoft.com/update-guide/vulnerability/CVE-2024-30049" target="_blank" rel="noopener">CVE-2024-30049</a></td></tr><tr><td>Windows Server 2008 for x64-based Systems Service Pack 2</td><td>Elevation of Privilege</td><td>Important</td><td><a href="https://support.microsoft.com/help/5037836" target="_blank" rel="noopener">5037836</a></td><td><a href="https://catalog.update.microsoft.com/v7/site/Search.aspx?q=KB5037836" target="_blank" rel="noopener">Security Only</a></td><td><a href="https://msrc.microsoft.com/update-guide/vulnerability/CVE-2024-30049" target="_blank" rel="noopener">CVE-2024-30049</a></td></tr><tr><td>Windows Server 2008 for 32-bit Systems Service Pack 2 (Server Core installation)</td><td>Elevation of Privilege</td><td>Important</td><td><a href="https://support.microsoft.com/help/5037800" target="_blank" rel="noopener">5037800</a></td><td><a href="https://catalog.update.microsoft.com/v7/site/Search.aspx?q=KB5037800" target="_blank" rel="noopener">Monthly Rollup</a></td><td><a href="https://msrc.microsoft.com/update-guide/vulnerability/CVE-2024-30049" target="_blank" rel="noopener">CVE-2024-30049</a></td></tr><tr><td>Windows Server 2008 for 32-bit Systems Service Pack 2 (Server Core installation)</td><td>Elevation of Privilege</td><td>Important</td><td><a href="https://support.microsoft.com/help/5037836" target="_blank" rel="noopener">5037836</a></td><td><a href="https://catalog.update.microsoft.com/v7/site/Search.aspx?q=KB5037836" target="_blank" rel="noopener">Security Only</a></td><td><a href="https://msrc.microsoft.com/update-guide/vulnerability/CVE-2024-30049" target="_blank" rel="noopener">CVE-2024-30049</a></td></tr><tr><td>Windows Server 2008 for 32-bit Systems Service Pack 2</td><td>Elevation of Privilege</td><td>Important</td><td><a href="https://support.microsoft.com/help/5037800" target="_blank" rel="noopener">5037800</a></td><td><a href="https://catalog.update.microsoft.com/v7/site/Search.aspx?q=KB5037800" target="_blank" rel="noopener">Monthly Rollup</a></td><td><a href="https://msrc.microsoft.com/update-guide/vulnerability/CVE-2024-30049" target="_blank" rel="noopener">CVE-2024-30049</a></td></tr><tr><td>Windows Server 2008 for 32-bit Systems Service Pack 2</td><td>Elevation of Privilege</td><td>Important</td><td><a href="https://support.microsoft.com/help/5037836" target="_blank" rel="noopener">5037836</a></td><td><a href="https://catalog.update.microsoft.com/v7/site/Search.aspx?q=KB5037836" target="_blank" rel="noopener">Security Only</a></td><td><a href="https://msrc.microsoft.com/update-guide/vulnerability/CVE-2024-30049" target="_blank" rel="noopener">CVE-2024-30049</a></td></tr><tr><td>Microsoft Intune Mobile Application Management for Android</td><td>Tampering</td><td>Important</td><td><a href="https://learn.microsoft.com/en-us/mem/intune/fundamentals/whats-new#week-of-may-6-2024" target="_blank" rel="noopener">Release Notes</a></td><td><a href="https://play.google.com/store/apps/details?id=com.microsoft.windowsintune.companyportal" target="_blank" rel="noopener">Security Update</a></td><td><a href="https://msrc.microsoft.com/update-guide/vulnerability/CVE-2024-30059" target="_blank" rel="noopener">CVE-2024-30059</a></td></tr><tr><td>Azure Migrate</td><td>Spoofing</td><td>Important</td><td><a href="https://learn.microsoft.com/en-us/azure/migrate/whats-new" target="_blank" rel="noopener">Release Notes</a></td><td><a href="https://learn.microsoft.com/en-us/azure/migrate/migrate-appliance#manually-update-an-older-version" target="_blank" rel="noopener">Security Update</a></td><td><a href="https://msrc.microsoft.com/update-guide/vulnerability/CVE-2024-30053" target="_blank" rel="noopener">CVE-2024-30053</a></td></tr></tbody></table></figure> <h2 class="wp-block-heading">Quality and experience updates</h2> <p>If you’re running Windows 11 versions 23H2 and 22H2, Microsoft has introduced new larger widget icons on the taskbar. The company has also added more customization options and visuals to improve the lock screen widgets for sports, weather, and finance news. Windows 11 users will also start seeing ads for some Microsoft Store apps and frequently used apps in the Recommended section of the Start menu.</p> <p>For Windows 10, this month’s Patch Tuesday Update brings the same minor changes to widgets cards on the lock screen. The <a href="https://support.microsoft.com/en-us/topic/may-14-2024-kb5037768-os-builds-19044-4412-and-19045-4412-cb676101-1641-4a6c-b512-8b277606c6e3" target="_blank" data-type="link" data-id="https://support.microsoft.com/en-us/topic/may-14-2024-kb5037768-os-builds-19044-4412-and-19045-4412-cb676101-1641-4a6c-b512-8b277606c6e3" rel="noreferrer noopener">KB5037768</a> patch brings a new personalized app search experience and reliability improvements for Windows Search. Microsoft has also added support for account-related notifications for Microsoft accounts in Settings.</p> <p>Microsoft has also addressed an issue that was previously causing VPN connections to fail on Windows 11 and Windows 10 devices. The company has also fixed Bluetooth connection problems with some wireless earbuds.</p> <h2 class="wp-block-heading">Windows Update testing and best practices</h2> <p>Organizations looking to deploy this month’s patches should conduct thorough testing before deploying them widely on production systems. That said, applying the patches widely shouldn’t be delayed longer than necessary as hackers start to work out how to weaponize newly reported vulnerabilities.</p> <p>A best practice is to make sure you have backed up systems before applying updates. Every month, users experience issues with Windows updates that lead to systems not booting, application and hardware compatibility issues, or even data loss in extreme cases.</p> <p>There are backup tools built into Windows and Windows Server that you can use to restore systems in the event a patch causes a problem. The backup features in Windows can be used to restore an entire system, or files and folders on a granular basis.</p><p>The post <a rel="nofollow" href="https://petri.com/microsofts-may-2024-patch-tuesday-updates/">Microsoft’s May 2024 Patch Tuesday Updates Fix Two Zero-Day Vulnerabilities</a> appeared first on <a rel="nofollow" href="https://petri.com">Petri IT Knowledgebase</a>.</p>]]></content:encoded> <wfw:commentRss>https://petri.com/microsofts-may-2024-patch-tuesday-updates/feed/</wfw:commentRss> <slash:comments>0</slash:comments> </item> <item> <title>PSA: Windows 10 version 21H2 Enterprise and Education Editions Set to Reach End of Support Next Month</title> <link>https://petri.com/windows-10-version-21h2-end-support/</link> <comments>https://petri.com/windows-10-version-21h2-end-support/#respond</comments> <dc:creator><![CDATA[Rabia Noureen]]></dc:creator> <pubDate>Tue, 14 May 2024 16:35:22 +0000</pubDate> <category><![CDATA[Windows 10]]></category> <category><![CDATA[News]]></category> <guid isPermaLink="false">https://petri.com/?p=712523</guid> <description><![CDATA[<p>Microsoft is warning customers still using Windows 10 version 21H2 that it will soon reach end of support. The consumer editions of Windows 10 version 21H2 already reached end of servicing last year, and June 2024 will mark the end of support for enterprise and education customers for the operating system. Microsoft plans to release...</p><p>The post <a rel="nofollow" href="https://petri.com/windows-10-version-21h2-end-support/">PSA: Windows 10 version 21H2 Enterprise and Education Editions Set to Reach End of Support Next Month</a> appeared first on <a rel="nofollow" href="https://petri.com">Petri IT Knowledgebase</a>.</p>]]></description> <content:encoded><![CDATA[<blockquote class="wp-block-quote"><h3 class="wp-block-heading">Key Takeaways:</h3> <ul><li>Windows 10 version 21H2 will reach end of support in June 2024. </li> <li>Microsoft recommends users to upgrade to Windows 10 version 22H2 for continued security patching.</li> <li>Microsoft will automatically install Windows 10 version 22H2 on non-managed business PCs in the coming weeks to facilitate the transition.</li></ul></blockquote> <p>Microsoft is warning customers still using Windows 10 version 21H2 that it will soon reach end of support. The consumer editions of Windows 10 version 21H2 already reached end of servicing last year, and June 2024 will mark the end of support for enterprise and education customers for the operating system.</p> <p>Microsoft plans to release the last security update for enterprise, education, and IoT enterprise editions of Windows 10 version 21H2 on June 11. After this date, the company will no longer provide security patches and bug fixes for affected Windows 10 devices. However, Microsoft will continue to support Windows 10 Enterprise LTSC 2021 and Windows 10 IoT Enterprise LTSC 2021 until January 12, 2027.</p> <p>Microsoft advises customers currently running Windows 10 version 21H2 to upgrade to version 22H2 to continue receiving security patches beyond June 2024. These security updates help to ensure protection against critical vulnerabilities on Windows 10 PCs. Microsoft will begin force-installing Windows 10 version 22H2 on non-managed business PCs in the next few weeks.</p> <p>“To help keep you protected and productive, Windows Update will automatically initiate a feature update for Windows 10 business devices not managed by IT departments when these are nearing end of servicing. Moving to Windows 10, version 22H2 keeps your device supported and receiving monthly updates that are critical to security and ecosystem health,” Microsoft <a href="https://learn.microsoft.com/en-us/windows/release-health/windows-message-center#recent-announcements" target="_blank" data-type="link" data-id="https://learn.microsoft.com/en-us/windows/release-health/windows-message-center#recent-announcements" rel="noreferrer noopener">explained</a>.</p> <h2 class="wp-block-heading">Microsoft urges upgrade to Windows 10 version 22H2</h2> <p>Microsoft says that administrators will need to upgrade managed devices to Windows 10 version 22H2. Additionally, the company urges IT admins to consider migrating all eligible devices meeting the <a href="https://www.microsoft.com/en-us/windows/windows-11-specifications?r=1#" target="_blank" data-type="link" data-id="https://www.microsoft.com/en-us/windows/windows-11-specifications?r=1#" rel="noreferrer noopener">minimum hardware requirements</a> to Windows 11.</p> <p>Microsoft will officially end support for Windows 10 version 22H2 on October 14, 2025. The company will offer <a href="https://petri.com/windows-10-extended-security-updates-price/" data-type="link" data-id="https://petri.com/windows-10-extended-security-updates-price/">extended security updates</a> for both businesses and enterprise customers for up to three years. The pricing starts at $61 for the first year and doubles to $122 and $244 in the second and third years, respectively.</p><p>The post <a rel="nofollow" href="https://petri.com/windows-10-version-21h2-end-support/">PSA: Windows 10 version 21H2 Enterprise and Education Editions Set to Reach End of Support Next Month</a> appeared first on <a rel="nofollow" href="https://petri.com">Petri IT Knowledgebase</a>.</p>]]></content:encoded> <wfw:commentRss>https://petri.com/windows-10-version-21h2-end-support/feed/</wfw:commentRss> <slash:comments>0</slash:comments> </item> <item> <title>Microsoft Places Uses AI to Enhance Workplace Coordination</title> <link>https://petri.com/microsoft-places-workplace-coordination/</link> <comments>https://petri.com/microsoft-places-workplace-coordination/#respond</comments> <dc:creator><![CDATA[Rabia Noureen]]></dc:creator> <pubDate>Tue, 14 May 2024 12:59:04 +0000</pubDate> <category><![CDATA[Microsoft 365]]></category> <category><![CDATA[News]]></category> <guid isPermaLink="false">https://petri.com/?p=712492</guid> <description><![CDATA[<p>Microsoft has announced the public preview of a new application called Microsoft Places. This new AI-powered app leverages insights from Microsoft Teams and Outlook to help employees synchronize their in-office time. Microsoft first unveiled the new Places app during its Ignite conference in October 2022. With Microsoft Places, users can specify their office hours and...</p><p>The post <a rel="nofollow" href="https://petri.com/microsoft-places-workplace-coordination/">Microsoft Places Uses AI to Enhance Workplace Coordination</a> appeared first on <a rel="nofollow" href="https://petri.com">Petri IT Knowledgebase</a>.</p>]]></description> <content:encoded><![CDATA[<blockquote class="wp-block-quote"><h3 class="wp-block-heading">Key Takeaways:</h3> <ul><li>Microsoft Places, a new AI-powered application, facilitates seamless coordination of in-office schedules by leveraging data from Microsoft Teams and Outlook.</li> <li>The new Places app offers various features to help employees efficiently manage their in-office time and connect with colleagues.</li> <li>The upcoming integration with Microsoft Copilot promises further optimization by enabling automatic booking of shared desks and meeting rooms.</li></ul></blockquote> <p>Microsoft has <a href="https://www.microsoft.com/en-us/microsoft-365/blog/2024/05/13/ai-brings-new-life-to-flexible-work-with-microsoft-places/" target="_blank" data-type="link" data-id="https://www.microsoft.com/en-us/microsoft-365/blog/2024/05/13/ai-brings-new-life-to-flexible-work-with-microsoft-places/" rel="noreferrer noopener">announced the public preview</a> of a new application called Microsoft Places. This new AI-powered app leverages insights from Microsoft Teams and Outlook to help employees synchronize their in-office time.</p> <p>Microsoft first unveiled the new Places app during its Ignite conference in October 2022. With Microsoft Places, users can specify their office hours and locations, and coordinate schedules with colleagues seamlessly. This feature works like the “set your work location” functionality available in Google Calendar.</p> <p>“AI innovation is already improving how you work; improving where you work is the next opportunity, “ said Jared Spataro, CVP for AI at Work. With Microsoft Places, an app that reimagines flexible work, AI can make coordinating in-office time and connecting with coworkers even easier. In addition to fostering improved coordination and connection, Places optimizes the effectiveness and engagement of the workplace.”</p> <figure class="wp-block-image size-large"><img decoding="async" width="1024" height="689" src="https://petri.com/wp-content/uploads/2024/05/image-14-1024x689.png" alt="Microsoft Places Uses AI for Enhanced Workplace Coordination" class="wp-image-712503" srcset="https://petri.com/wp-content/uploads/2024/05/image-14-1024x689.png 1024w, https://petri.com/wp-content/uploads/2024/05/image-14-300x202.png 300w, https://petri.com/wp-content/uploads/2024/05/image-14-768x516.png 768w, https://petri.com/wp-content/uploads/2024/05/image-14-595x400.png 595w, https://petri.com/wp-content/uploads/2024/05/image-14.png 1401w" sizes="(max-width: 1024px) 100vw, 1024px" /><figcaption class="wp-element-caption">Microsoft Places location plan (Image Credits: Microsoft)</figcaption></figure> <p>Microsoft Places includes a location planning section that allows employees to set and monitor their own and their colleagues’ location schedules. Additionally, the team guidance feature lets managers designate priority days for in-office activities. All location information seamlessly syncs with Outlook calendars to help employees keep track of office events.</p> <p>In Microsoft Teams group chats, users can easily view the location of their colleagues. Moreover, they can simply type “@nearby” to promptly inform coworkers of any updates or changes in meeting rooms. Microsoft notes that IT administrators have opt-in/opt-out controls to manage presence information, which specifically pertains to in-office locations.</p> <h2 class="wp-block-heading">Microsoft Places to get new Copilot integration</h2> <p>Later this year, Microsoft plans to integrate this new Places experience into Microsoft Copilot. This new feature will let users ask the AI assistant to automatically find and book shared desks and meeting rooms. This capability should help to reduce the administrative work in hybrid environments.</p> <figure class="wp-block-image size-full"><img decoding="async" width="900" height="664" src="https://petri.com/wp-content/uploads/2024/05/image-15.png" alt="Microsoft Places Uses AI for Enhanced Workplace Coordination" class="wp-image-712505" srcset="https://petri.com/wp-content/uploads/2024/05/image-15.png 900w, https://petri.com/wp-content/uploads/2024/05/image-15-300x221.png 300w, https://petri.com/wp-content/uploads/2024/05/image-15-768x567.png 768w, https://petri.com/wp-content/uploads/2024/05/image-15-542x400.png 542w" sizes="(max-width: 900px) 100vw, 900px" /><figcaption class="wp-element-caption">Copilot integration in Microsoft Places (Image Credits: Microsoft)</figcaption></figure> <p>It’s important to note that the new Places app will be available for commercial customers as a part of <a href="https://petri.com/microsoft-teams-premium/" data-type="link" data-id="https://petri.com/microsoft-teams-premium/">Microsoft Teams Premium</a>. The subscription is priced at $10 per user per month, with a current promotional offer of $7 per month for new customers available until June 30, 2024.</p> <p>The launch of Microsoft Places is a part of the company’s efforts aimed at helping organizations adapt to the new hybrid work era. The upcoming Copilot integration, slated for release in the second half of 2024, promises to enhance the app’s utility for businesses even further. Microsoft invites customers to enroll in the Microsoft Places Preview Program via <a href="https://sway.cloud.microsoft/vO4yNkvgrJDJSepU" target="_blank" data-type="link" data-id="https://sway.cloud.microsoft/vO4yNkvgrJDJSepU" rel="noreferrer noopener">this page</a>.</p><p>The post <a rel="nofollow" href="https://petri.com/microsoft-places-workplace-coordination/">Microsoft Places Uses AI to Enhance Workplace Coordination</a> appeared first on <a rel="nofollow" href="https://petri.com">Petri IT Knowledgebase</a>.</p>]]></content:encoded> <wfw:commentRss>https://petri.com/microsoft-places-workplace-coordination/feed/</wfw:commentRss> <slash:comments>0</slash:comments> </item> <item> <title>Microsoft to Launch System Center 2025 Later This Year</title> <link>https://petri.com/microsoft-launch-system-center-2025/</link> <comments>https://petri.com/microsoft-launch-system-center-2025/#respond</comments> <dc:creator><![CDATA[Rabia Noureen]]></dc:creator> <pubDate>Mon, 13 May 2024 16:32:46 +0000</pubDate> <category><![CDATA[System Center]]></category> <category><![CDATA[News]]></category> <guid isPermaLink="false">https://petri.com/?p=712456</guid> <description><![CDATA[<p>System Center 2025, the next release of Long-Term Servicing Channel (LTSC) will be released in Fall 2024. Microsoft has announced that the latest versions of Center Operations Manager (SCOM), Virtual Machine Manager (VMM), Service Manager (SM), System Center Orchestrator (SCO), and Data Protection Manager (DPM) will be available later this year. System Center is a...</p><p>The post <a rel="nofollow" href="https://petri.com/microsoft-launch-system-center-2025/">Microsoft to Launch System Center 2025 Later This Year</a> appeared first on <a rel="nofollow" href="https://petri.com">Petri IT Knowledgebase</a>.</p>]]></description> <content:encoded><![CDATA[<blockquote class="wp-block-quote"><h3 class="wp-block-heading">Key Takeaways:</h3> <ul><li>Microsoft has announced that System Center 2025, the next LTSC release, arrives in Fall 2024.</li> <li>Key improvements focus on modernizing infrastructure, managing heterogeneous environments, and enhancing security.</li> <li>Microsoft will add support for TLS 1.3 for data transmission security and securely storing passphrases in Azure Key Vault.</li></ul></blockquote> <p>System Center 2025, the next release of Long-Term Servicing Channel (LTSC) <a href="https://techcommunity.microsoft.com/t5/system-center-blog/announcement-system-center-2025-is-here/ba-p/4138510" target="_blank" data-type="link" data-id="https://techcommunity.microsoft.com/t5/system-center-blog/announcement-system-center-2025-is-here/ba-p/4138510" rel="noreferrer noopener">will be released</a> in Fall 2024. Microsoft has announced that the latest versions of Center Operations Manager (SCOM), Virtual Machine Manager (VMM), Service Manager (SM), System Center Orchestrator (SCO), and Data Protection Manager (DPM) will be available later this year.</p> <p>System Center is a suite of management tools that helps organizations to manage large-scale IT infrastructure. The service offers a comprehensive set of solutions to deploy, configure, manage, monitor, and automate datacenters, hybrid cloud infrastructures, and virtualized environments.</p> <p>Microsoft highlights that System Center 2025 brings several improvements that should help organizations modernize infrastructure, manage heterogeneous infrastructure, and boost security. “By delivering System Center 2025 (VMM, DPM, SCOM, SM & SCO) together with Windows Server 2025, we are bringing you management support for the latest Windows Server version right from Day 0,” Microsoft explained.</p> <p>Microsoft plans to add managing and monitoring support for <a href="https://learn.microsoft.com/en-us/azure-stack/hci/whats-new" data-type="link" data-id="https://learn.microsoft.com/en-us/azure-stack/hci/whats-new" target="_blank" rel="noreferrer noopener">Azure Stack HCI 23H2 clusters</a> with VMM & SCOM 2025. This release should also make it easier for administrators to convert VMware VMs to Windows Server via VMM. Microsoft plans to introduce support for the latest versions of Linux distros when <a href="https://learn.microsoft.com/en-us/system-center/vmm/whats-new-in-vmm?view=sc-vmm-2022" data-type="link" data-id="https://learn.microsoft.com/en-us/system-center/vmm/whats-new-in-vmm?view=sc-vmm-2022" target="_blank" rel="noreferrer noopener">System Center Virtual Machine Manager</a> (SCVMM) 2025 hits general availability.</p> <p>Additionally, Data Protection Manager 2025 will enable IT admins to exclude specific disks from backups in Hyper-V environments. The service will also offer <a href="https://trustedcomputinggroup.org/about/what-is-a-virtual-trusted-platform-module-vtpm/" target="_blank" data-type="link" data-id="https://trustedcomputinggroup.org/about/what-is-a-virtual-trusted-platform-module-vtpm/" rel="noreferrer noopener">virtual TPM (vTPM)</a> support for VMware and seamless integration with SharePoint Subscription Edition.</p> <h2 class="wp-block-heading">System Center 2025 to enhance storage & authentication mechanisms</h2> <p>Microsoft will introduce several security features to enhance the security and reliability of System Center products. The company has added support for <a href="https://datatracker.ietf.org/doc/html/rfc8446" target="_blank" data-type="link" data-id="https://datatracker.ietf.org/doc/html/rfc8446" rel="noreferrer noopener">Transport Layer Security (TLS) version 1.3</a> to ensure that the latest security standards protect all data transmission. Moreover, DPM 2025 lets administrators securely store passphrases in Azure Key Vault to prevent unauthorized access to sensitive information.</p> <p>Last but not least, Microsoft has announced plans to discontinue support for the Azure Profiles feature in VMM and <a href="https://learn.microsoft.com/en-us/system-center/spf/overview?view=sc-spf-2022" target="_blank" data-type="link" data-id="https://learn.microsoft.com/en-us/system-center/spf/overview?view=sc-spf-2022" rel="noreferrer noopener">System Center Service Provider Foundation </a>(SPF). The company mentioned that these built-in capabilities are already available in Arc-enabled VMM. Microsoft notes that administrators can sign up for a private preview of System Center 2025 on <a href="https://aka.ms/SC2025preview" target="_blank" data-type="link" data-id="https://aka.ms/SC2025preview" rel="noreferrer noopener">this page</a>.</p><p>The post <a rel="nofollow" href="https://petri.com/microsoft-launch-system-center-2025/">Microsoft to Launch System Center 2025 Later This Year</a> appeared first on <a rel="nofollow" href="https://petri.com">Petri IT Knowledgebase</a>.</p>]]></content:encoded> <wfw:commentRss>https://petri.com/microsoft-launch-system-center-2025/feed/</wfw:commentRss> <slash:comments>0</slash:comments> </item> <item> <title>Microsoft Teams’ New Presenter Window Elevates Virtual Meetings</title> <link>https://petri.com/microsoft-teams-presenter-window/</link> <comments>https://petri.com/microsoft-teams-presenter-window/#respond</comments> <dc:creator><![CDATA[Rabia Noureen]]></dc:creator> <pubDate>Mon, 13 May 2024 13:55:05 +0000</pubDate> <category><![CDATA[Microsoft Teams]]></category> <category><![CDATA[Microsoft 365]]></category> <category><![CDATA[News]]></category> <guid isPermaLink="false">https://petri.com/?p=712427</guid> <description><![CDATA[<p>Microsoft Teams meetings are about to get a lot more interactive with the latest enhancements to the Presenter window. Now, users can effortlessly keep track of up to four participants, active speakers, raised hands, and shared content previews. In Microsoft Teams, the extended Presenter window enables users to view meeting notifications at the center of...</p><p>The post <a rel="nofollow" href="https://petri.com/microsoft-teams-presenter-window/">Microsoft Teams’ New Presenter Window Elevates Virtual Meetings</a> appeared first on <a rel="nofollow" href="https://petri.com">Petri IT Knowledgebase</a>.</p>]]></description> <content:encoded><![CDATA[<blockquote class="wp-block-quote"><h3 class="wp-block-heading">Key Takeaways:</h3> <ul><li>Microsoft Teams has introduced enhanced Presenter window features for improved meeting interaction.</li> <li>Meeting notifications are now prominently displayed at the center of the screen.</li> <li>Users have enhanced control and flexibility with the ability to manage meeting options directly from the Presenter window.</li></ul></blockquote> <p>Microsoft Teams meetings are about to get a lot more interactive with the <a href="https://insider.microsoft365.com/en-us/blog/teams-enhancements-to-the-presenter-window-while-screensharing" target="_blank" data-type="link" data-id="https://insider.microsoft365.com/en-us/blog/teams-enhancements-to-the-presenter-window-while-screensharing" rel="noreferrer noopener">latest enhancements</a> to the Presenter window. Now, users can effortlessly keep track of up to four participants, active speakers, raised hands, and shared content previews.</p> <p>In Microsoft Teams, the extended Presenter window enables users to view meeting notifications at the center of the screen. This feature makes it easier for presenters to monitor the participants’ activity during Teams meetings.</p> <p>“These enhancements help you stay aware of what’s happening in your meeting and make it easier to engage with other attendees while you’re screensharing. You can also manage actions in your meeting such as lowering raised hands and muting participants,” Microsoft explained.</p> <div class="wp-block-image"><figure class="aligncenter size-full"><img decoding="async" width="266" height="864" src="https://petri.com/wp-content/uploads/2024/05/image-13.png" alt="Microsoft Teams' New Presenter Window Elevates Virtual Meetings" class="wp-image-712447" srcset="https://petri.com/wp-content/uploads/2024/05/image-13.png 266w, https://petri.com/wp-content/uploads/2024/05/image-13-92x300.png 92w, https://petri.com/wp-content/uploads/2024/05/image-13-123x400.png 123w" sizes="(max-width: 266px) 100vw, 266px" /><figcaption class="wp-element-caption">Expanded Presenter window (Image Credits: Microsoft)</figcaption></figure></div> <h2 class="wp-block-heading">How the new Presenter window works in Microsoft Teams</h2> <ul><li>Join a Microsoft Teams meeting and click <strong>Share</strong> > <strong>Screen</strong> or <strong>Window</strong>.</li> <li>Microsoft Teams users will notice that the new Presenter window now shows up to 4 participants. This new Presenter window can be moved around on the screen as well as minimized or resized.</li> <li>Users can click the <strong>arrow</strong> button to expand the self-video title at the bottom of the Presenter window.</li> <li>The self-video tile also allows users to change the presenter layout during the screen sharing session.</li></ul> <p>Microsoft is currently rolling out the new Presenter window experience to Targeted release customers and users enrolled in the Teams public preview program. It’s up to the IT admins to <a href="https://learn.microsoft.com/en-us/microsoft-365/admin/manage/release-options-in-office-365?view=o365-worldwide#set-up-the-release-option-in-the-admin-center" target="_blank" data-type="link" data-id="https://learn.microsoft.com/en-us/microsoft-365/admin/manage/release-options-in-office-365?view=o365-worldwide#set-up-the-release-option-in-the-admin-center" rel="noreferrer noopener">give access</a> to select end users or the entire organization through the Microsoft 365 admin center.</p> <p>As of this writing, this feature supports the new Teams client for Windows and macOS. The new Presenter window is expected to become generally available for all commercial customers in mid-June.</p> <p>Last month, Microsoft <a href="https://petri.com/new-planner-app-microsoft-teams/" data-type="link" data-id="https://petri.com/new-planner-app-microsoft-teams/">announced the general availability</a> of the new Planner experience in Teams. This new Planner app combines task management and planning tools, including Microsoft Planner, To Do, and the Project web app.</p><p>The post <a rel="nofollow" href="https://petri.com/microsoft-teams-presenter-window/">Microsoft Teams’ New Presenter Window Elevates Virtual Meetings</a> appeared first on <a rel="nofollow" href="https://petri.com">Petri IT Knowledgebase</a>.</p>]]></content:encoded> <wfw:commentRss>https://petri.com/microsoft-teams-presenter-window/feed/</wfw:commentRss> <slash:comments>0</slash:comments> </item> <item> <title>What is Single Sign-On (SSO): Everything You Need to Know</title> <link>https://petri.com/what-is-single-sign-on/</link> <comments>https://petri.com/what-is-single-sign-on/#comments</comments> <dc:creator><![CDATA[Chester Avey]]></dc:creator> <pubDate>Mon, 13 May 2024 11:00:49 +0000</pubDate> <category><![CDATA[Security]]></category> <category><![CDATA[featured-top-right]]></category> <guid isPermaLink="false">https://petri.com/?p=712420</guid> <description><![CDATA[<p>When it comes to cloud services and security technology, IT and systems administrators should seriously consider having SSO implemented for greater convenience and security. What is single sign-on (SSO)? SSO is an authentication method that allows users to securely access multiple SaaS (Software-as-a-Service) applications, websites, and other digital resources with a single set of login...</p><p>The post <a rel="nofollow" href="https://petri.com/what-is-single-sign-on/">What is Single Sign-On (SSO): Everything You Need to Know</a> appeared first on <a rel="nofollow" href="https://petri.com">Petri IT Knowledgebase</a>.</p>]]></description> <content:encoded><![CDATA[<p>When it comes to cloud services and security technology, IT and systems administrators should seriously consider having SSO implemented for greater convenience and security.</p> <h2 class="wp-block-heading"><strong>What is single sign-on (SSO)?</strong></h2> <p>SSO is an authentication method that allows users to securely access multiple SaaS (Software-as-a-Service) applications, websites, and other digital resources with a single set of login credentials. As opposed to remembering and entering separate usernames and passwords for each service, SSO enables users to authenticate themselves once and then be granted access to all authorized systems and applications. Microsoft SSO, in particular, has become a pivotal centerpiece in its evolutionary, security- and AI-led approach across <a href="https://petri.com/windows-365-ai-features-security-protections/">its entire ecosystem</a>.</p> <p>At its core, SSO establishes a trusted relationship between a user and one or more service providers (SPs). The user is responsible for providing the credentials, the service then creates an authentication token that validates the user as verified. This token is stored either in a browser or within the SSO vendor’s servers. The SSO vendor then passes the user’s token details to any apps on the server and the user is granted access without the need to enter their details again.</p> <p>SSO plays a crucial role in securely managing access and authentication across geographically distributed teams and infrastructure. It allows organizations to manage user identities and access permissions from a centralized platform, simplifying the switching between various tools and services without the need to re-authenticate, fostering more efficient and streamlined workflows. Additionally, organizations can use SSO to validate users’ attempts to access and interact with mission-critical systems and enhance their DevOps operations, with <a href="https://clearhub.tech/en-us/blog/a-beginners-guide-to-ci-cd-pipelines/" target="_blank" rel="noopener">CI/CD pipelines</a> and cloud applications proving inherently more agile with this authentication method embedded.</p> <h2 class="wp-block-heading"><strong>How does single sign-on work?</strong></h2> <p>Firstly, however, it’s important to establish how SSO works in a business context. An SSO configuration setup can be viewed as a go-between that confirms whether a user’s login information matches their identity on a separately managed database. Most SSO services don’t manage databases themselves but can access them quickly to validate a login request. </p> <figure class="wp-block-image size-large"><img decoding="async" width="1024" height="733" src="https://petri.com/wp-content/uploads/2024/05/Single-sign-on-powered-by-Microsoft-Entra-ID-1024x733.png" alt="Computer screen showing list of applications" class="wp-image-712423" srcset="https://petri.com/wp-content/uploads/2024/05/Single-sign-on-powered-by-Microsoft-Entra-ID-1024x733.png 1024w, https://petri.com/wp-content/uploads/2024/05/Single-sign-on-powered-by-Microsoft-Entra-ID-300x215.png 300w, https://petri.com/wp-content/uploads/2024/05/Single-sign-on-powered-by-Microsoft-Entra-ID-768x550.png 768w, https://petri.com/wp-content/uploads/2024/05/Single-sign-on-powered-by-Microsoft-Entra-ID-559x400.png 559w, https://petri.com/wp-content/uploads/2024/05/Single-sign-on-powered-by-Microsoft-Entra-ID.png 1470w" sizes="(max-width: 1024px) 100vw, 1024px" /><figcaption class="wp-element-caption">Single sign-on powered by Microsoft Entra ID (Image Credit: Microsoft.com)</figcaption></figure> <p>The SSO process typically follows these steps:</p> <ol><li>A user attempts to access a secure application or resource.</li> <li>The application redirects the user to the identity provider’s login page.</li> <li>The user provides their username and password to the application.</li> <li>The application establishes a secure session through identity verification.</li> <li>The resource generates an authentication token and returns it to the user’s browser.</li> <li>The user’s browser automatically includes the authentication token when accessing the original application or other connected services.</li> <li>The service provider validates the token and grants the user secure access to the requested resource(s).</li></ol> <p>Authentication tokens have specific communication standards to adhere to when confirming a request’s validity. The main token standard is known as <a href="https://www.oracle.com/uk/security/cloud-security/what-is-saml/" target="_blank" rel="noopener">Security Assertion Markup Language (SAML)</a>, but there are several common SSO configurations that organizations – of all sizes – can implement.</p> <h2 class="wp-block-heading"><strong>Types of SSO configurations</strong></h2> <h3 class="wp-block-heading"><strong>SAML-based SSO</strong></h3> <p>SAML is an XML standard for exchanging authentication and authorization data between users and service providers. SAML-based SSO involves communication between the user, the identity provider (IdP) that oversees a user directory or database, and the service provider.</p> <h3 class="wp-block-heading"><strong>Kerberos-based SSO</strong></h3> <p>Kerberos is a network authentication protocol that authenticates secure service requests between trusted hosts across non-secure networks. In a Kerberos-based SSO setup, a user initially provides their credentials before a ticket-granting ticket (TGT) is issued, which obtains service tickets for other wanted resources without the need for re-entering information.</p> <h3 class="wp-block-heading"><strong>Smart Card-based SSO</strong></h3> <p>Smart card-based SSO utilizes a physical smart card or security token as the primary or initial authentication factor. Once the data from the card is used, the user does not have to re-enter their credentials, with the SSO vendor storing certificates or passwords after first entry.</p> <h3 class="wp-block-heading"><strong>Social SSO</strong></h3> <p>Some organizations allow users to validate their access requests if they log in using their social media account credentials. This can provide a convenient login experience but it also introduces potential security risks that users should consider carefully, given that it creates a single point of failure easily exploitable by attackers.</p> <h3 class="wp-block-heading"><strong>Enterprise SSO</strong></h3> <p>Enterprise single sign-on (eSSO) services usually comprise password managers with server and client components that align users and target applications with securely stored user-generated credentials. </p> <h2 class="wp-block-heading"><strong>Benefits of SSO</strong></h2> <p>The enterprise SSO market is <a href="https://www.researchnester.com/reports/enterprise-single-sign-on-market/5433" target="_blank" rel="noopener">projected to reach</a> an $11 billion valuation by 2036, expanding at a 14% CAGR from this year onwards. Given the current cyber threat landscape, it’s clear that enterprises are taking SSO seriously, and with good reason. Implementing a robust SSO solution can provide organizations with several advantages. </p> <ol><li><strong>Improved user experience: </strong>By removing the need for multiple login prompts and the need to remember separate passwords, SSO improves overall productivity and efficiency for users.<br></li> <li><strong>Enhanced security:</strong> SSO can help IT teams strengthen security by enforcing stronger and specific password policies, multi-factor authentication (MFA), and the centralized management of user identities and access permissions.<br></li> <li><strong>Reduced IT support costs:</strong> With the help of SSO, administrators spend less time implementing repeated password resets and can take advantage of a single place from which to initiate re-entry for internal applications. As such, business productivity improves and IT teams can dedicate more resources to higher-value work.<br></li> <li><strong>Aiding in compliance:</strong> Many SSO solutions provide high-quality logging and reporting capabilities, which can help organizations meet regulations with greater oversight and less ambiguity.</li></ol> <ol start="5"><li><strong>Scalability and flexibility</strong>: Third-party SSO platforms can be seamlessly integrated with a wide range of on-premise and cloud-based applications, making them adaptable to the evolving needs of modern organizations.</li></ol> <h2 class="wp-block-heading"><strong>Are there any security risks of SSO?</strong></h2> <p>While SSO offers several benefits, it’s important to be aware of potential security risks. If malicious actors gain access to a user’s credentials, resources connected through SSO can be potentially compromised through a single point of failure. Organizations must maintain strict controls and processes to reduce both <a href="https://www.incognia.com/the-authentication-reference/what-is-password-fatigue" target="_blank" rel="noopener">password fatigue</a> and an overreliance on service provider availability. To mitigate these risks, organizations should implement stringent identity and access management (IAM) practices, regular audits and 24/7 incident response.</p> <h2 class="wp-block-heading"><strong>Microsoft Entra ID SSO implementation </strong></h2> <p>Microsoft Entra ID, formerly known as Azure Active Directory (Azure AD) is Microsoft’s cloud-based identity and access management service. The Microsoft Entra SSO is an incumbent feature within the Entra platform and is the primary SSO solution that permits users to use one set of credentials to access multiple Microsoft applications.</p> <figure class="wp-block-image size-large"><img decoding="async" width="1024" height="735" src="https://petri.com/wp-content/uploads/2024/05/Single-sign-on-in-action-in-for-a-Microsoft-work-or-school-account-1024x735.png" alt="Diagram showing how single sign-on works at Microsoft" class="wp-image-712425" srcset="https://petri.com/wp-content/uploads/2024/05/Single-sign-on-in-action-in-for-a-Microsoft-work-or-school-account-1024x735.png 1024w, https://petri.com/wp-content/uploads/2024/05/Single-sign-on-in-action-in-for-a-Microsoft-work-or-school-account-300x215.png 300w, https://petri.com/wp-content/uploads/2024/05/Single-sign-on-in-action-in-for-a-Microsoft-work-or-school-account-768x551.png 768w, https://petri.com/wp-content/uploads/2024/05/Single-sign-on-in-action-in-for-a-Microsoft-work-or-school-account-557x400.png 557w, https://petri.com/wp-content/uploads/2024/05/Single-sign-on-in-action-in-for-a-Microsoft-work-or-school-account.png 1232w" sizes="(max-width: 1024px) 100vw, 1024px" /><figcaption class="wp-element-caption">Single sign-on in action in for a Microsoft work or school account (Image Credit: Microsoft Learning)</figcaption></figure> <p>The service offers extensive support for app integrations, passwordless and multi-factor authentication and a notable conditional access functionality which allows administrators to set specific conditions that grant users access to certain applications based on location, device, and other data. This is an agile and proactive workaround for users who have lost access to or forgotten logins, while giving administrators flexibility to ensure infrastructure stability and minimize risk.</p> <p>Microsoft Entra also supports all OAuth 2.0 flows, which are connected to OpenID Connect (OIDC), a proven and reliable authorization layer.</p> <p>Microsoft Entra ID additionally allows users to create an application identity that can connect to other resources using Entra authentication, with it recently permitting enterprise customers to <a href="https://petri.com/microsoft-entra-id-convert-external-accounts-internal/">convert external accounts</a> to internal accounts with ease. Administrators can connect many Azure resources, for example, by supporting managed user identities with the help of Entra ID, including but not limited to Azure Virtual Machines, Azure SQL, Azure IoT Hub, and Azure Communication Services, to name just a few. </p> <p>As such, administrators can create a robust, comprehensive security and regulatory compliance framework for their infrastructure and processes. </p> <hr class="wp-block-separator has-alpha-channel-opacity"/> <p>It’s clear that SSO is a powerful authentication solution that simplifies user access and identity management across an organization’s Microsoft infrastructure. Using SSO is a definitive way to enhance security and productivity across your estate, and by understanding the various configurations and benefits it can provide, as well as the potential security risks, IT administrators can implement the right enterprise-grade SSO solution that aligns with their unique business needs. </p> <p>Enterprises have access to a user-friendly and established SSO tool within incumbent Microsoft setups, known as Entra ID, which can be leveraged to further streamline user authentication and access management across a range of cloud-based and on-premises applications. As organizations continue to scale with the help of DevOps, the role of SSO in securely managing user identities and access becomes increasingly vital. </p> <p>As security becomes more of a hot topic among IT professionals, staying informed about SSO developments will help you make more informed choices about how best to implement a well-designed and reliable SSO solution. </p><p>The post <a rel="nofollow" href="https://petri.com/what-is-single-sign-on/">What is Single Sign-On (SSO): Everything You Need to Know</a> appeared first on <a rel="nofollow" href="https://petri.com">Petri IT Knowledgebase</a>.</p>]]></content:encoded> <wfw:commentRss>https://petri.com/what-is-single-sign-on/feed/</wfw:commentRss> <slash:comments>1</slash:comments> </item> </channel></rss><!-- plugin=object-cache-pro client=phpredis metric#hits=68171 metric#misses=60 metric#hit-ratio=99.9 metric#bytes=6577090 metric#prefetches=5110 metric#store-reads=60 metric#store-writes=2 metric#store-hits=5116 metric#store-misses=56 metric#sql-queries=13 metric#ms-total=417.26 metric#ms-cache=46.15 metric#ms-cache-avg=0.7565 metric#ms-cache-ratio=11.1 -->If you would like to create a banner that links to this page (i.e. this validation result), do the following:
Download the "valid RSS" banner.
Upload the image to your own server. (This step is important. Please do not link directly to the image on this server.)
Add this HTML to your page (change the image src attribute if necessary):
If you would like to create a text link instead, here is the URL you can use:
http://www.feedvalidator.org/check.cgi?url=http%3A//feeds.feedburner.com/Petri%3Fformat%3Dxml
