May 2024 Newsletter

What’s New at eGroup Enabling Technologies?

eGroup Enabling Technologies Recognized with the Microsoft Verified Managed XDR Solution Status

eGroup Enabling Technologies has achieved Microsoft Verified Managed Extended Detection and Response (MXDR) solution status. By achieving this status, our team has demonstrated robust MXDR services, including a Security Operation Center (SOC) with 24/7/365 proactive hunting, monitoring, and response capabilities, all built on tight integrations with the Microsoft Security platform.

“Being Microsoft Verified for our MXDR solution is not just a badge of honor; it’s a testament to our commitment to excellence in cybersecurity. Being among the ~70 MXDR verified solutions validates our hunters’ dedication to protecting our customers from threats using the best available security platform.” -Chris Stegh, CTO and VP of Strategy at eGroup Enabling Technologies

What’s New in the Hybrid Data Center?

Cisco

  • Cisco recently patched two critical zero-day vulnerabilities in their firewall products, discovered after probable nation-state actors targeted them in a campaign dubbed “ArcaneDoor.” These vulnerabilities and their patches for devices running ASA and FTD software are summarized in our recent blog.  
  • Cisco joined Microsoft and IBM in signing a Vatican-sponsored pledge to ensure the ethical use and development of artificial intelligence. This pledge advocates for AI to be developed and regulated with transparency, inclusion, responsibility, impartiality, and security. 
  • Cisco’s cloud-based version of its Meraki/Azure security and SD-WAN appliance (virtual MX) had a mid-April update. The vMX connects physical MX gear to Azure through the same Meraki dashboard. A vMX can act as your Cisco Meraki SD-WAN and Auto VPN node to link your network with your Azure services.  

Nutanix

  • Nutanix Move, a cross-hypervisor mobility solution for moving VMs with minimal downtime, has an updated release, 5.2.0. Move now supports the customization of target VM IP configurations. It supports TLS 1.3, resolves file migration issues, and is available in the following migrations:

    • ESXi to AHV on Ubuntu 20.04, 22.04 

    • ESXi to ESXi on Nutanix on Ubuntu 22.04, RHEL 9.

  • Key stats in the latest 2024 Enterprise Cloud Index (nutanix.com) include:
    • Hybrid Multicloud is the Standard: Over 90% of organizations adopt a “cloud smart” approach, making hybrid and multicloud environments the standard for managing applications and data. 
    • Ransomware Protection Investment: 78% of organizations plan to increase their investment in ransomware protection solutions, as 71% of those attacked took days or weeks to restore operations. 
    • AI and Modernization are Priorities: The top investment priorities for enterprises are AI support and IT modernization, with 37% finding it challenging to run AI apps on current infrastructure. 

Rubrik

VMware

What’s New with Microsoft?

Defender for Cloud Apps

  • The “Investigation Priority Score Increase” policy in Microsoft Defender for Cloud Apps will be retired between June and July 2024 due to high false positives and limited value. Administrators should use the Advanced Hunting query as an alternative. 

  • The “Cloud Discovery Anomaly Detection” policy is also retiring in July due to high false positives. Switch to “App Discovery Policy” and set filters as needed.

Defender for Office 365

  • The subject line format for end-user reported notification messages will change to improve readability and rule creation. Rollout starts late May 2024 and ends mid-June 2024. 

  • A new “Take Action” wizard in Threat Explorer enables efficient threat remediation. Rollout: April-June 2024.

Defender XDR

  • The SOC optimizations page in the Microsoft Defender portal is now available. Organizations who integrate Microsoft Defender XDR and Microsoft Sentinel can use SOC optimizations to optimize both processes and outcomes, without having SOC teams spend time on manual analysis and research. 

  • Microsoft Copilot in Microsoft Defender is now generally available. Copilot in Defender helps investigate and respond to incidents faster and more effectively. Copilot provides guided responses, incident summaries and reports, and file and script analyses; helps build Kusto Query Language (KQL) queries to hunt for threats; and enables summaries of relevant and actionable threat intelligence.

  • Copilot in Defender customers can now export incident data to PDF. Use the exported data to easily share incident data, facilitating discussions with your security teams and other stakeholders. For details, see Export incident data to PDF. 

  • Notifications in the Microsoft Defender portal are now available. On the top right-hand side of the Defender portal, select the bell icon to view all of your active notifications, such as success, info, warning, and error. Dismiss individual notifications or dismiss all from the notifications tab.

Edge for Business

  • Customize Organizational Branding: Admins can customize branding assets onto Edge for Business through the Microsoft Edge management service.

Entra ID

  • Group Writeback in Cloud Sync: Security groups provisioning to Active Directory is now available through Microsoft Entra Cloud Sync. 

  • Dynamic Groups Quota Increase: The quota for dynamic groups and administrative units combined has been increased to 15,000. 

  • FIDO2 Authentication on Android: Users can now sign in with a FIDO2 security key on Chrome and Microsoft Edge on Android devices. 

  • Passkeys in Microsoft Authenticator: Device-bound passkeys are now supported in the Authenticator app for secure and seamless authentication. 

  • Conditional Access What If API: This API allows for testing the impact of conditional access policies programmatically. 

  • SSPR Policy Expansion: Self-service password reset policy now includes three additional built-in admin roles. 

  • TLS 1.3 Support: Microsoft Entra endpoints now support TLS 1.3 protocol for enhanced security. 

  • Guest Account Monitoring: Provides insights into inactive guest users and allows customization of the inactivity threshold. 

  • Identity Protection Enhancements: Password hash synchronization now allows on-premises password changes to remediate user risk, integrating with risk-based Conditional Access policies. 

  • PIM on Azure Mobile App: Privileged Identity Management (PIM) is accessible on the Azure mobile app, allowing for approval or denial of PIM activation requests on-the-go. 

Exchange Online

  • Retirement of Basic Auth: Exchange Online will retire Basic Auth for Client Submission (SMTP AUTH) in September 2025. Users must switch to OAuth or other alternatives before this date, as applications using Basic Auth will no longer be supported. 

  • External Recipient Rate Limit: A new rate limit to prevent abuse of services will begin in January 2025, enforcing a new External Recipient Rate limit of 2000 recipients per 24 hours. Organizations exceeding this limit should consider Azure Communication Services for Email. 

Intune

  • Intune Endpoint for Remote Help: Effective May 30, 2024, the Intune Endpoint for Remote Help will change to https://remotehelp.microsoft.com. Organizations using Remote Help should update firewall rules and update the Remote Help app on Windows to version 5.1.124.0. 

  • Windows Autopatch: Windows 10, version 21H2 reaches end of servicing on June 11, 2024; Autopatch will target version 22H2 starting May 8, 2024.

  • The ‘Modern Workplace – Autopatch Client Setup’ script is being upgraded to version 1.2 starting June 3, 2024, with improvements and a technical cleanup. The upgrade will roll out to different deployment groups throughout June. No action is needed from users. 

  • Company Portal Update: Users must update to the minimum Company Portal app versions by July 10, 2024, to maintain access. Automatic updates will handle this for most users; others must update manually. Classic Conditional Access policies need migration. Users should be notified to prepare. 

    • Windows Company Portal: version 11.2.58.0 

    • Android Company Portal: version 5.0.5750.0 

    • Intune app for Android Enterprise: version 23.5.3 

    • Intune app for Android Open Source Project: version 21.12.5 

    • iOS Company Portal: version 5.2311.1 

    • macOS Company Portal: version 5.2401.2

Microsoft 365 Apps Admin Center

  • Cloud Update: Now generally available, enabling admins to prepare for Copilot and manage updates more efficiently.

Outlook (Classic)

  • Copilot will be in Public Preview in classic Outlook for Windows starting early May, and will reach General Availability by early June 2024.

Outlook (New)

  • Attachment Saving: Choose a local folder when saving attachments in the new Outlook for Windows. Rollout: April-May 2024. 

  • Graph-Grounded Chat: Copilot for Outlook introduces graph-grounded chat. Rollout: April-May 2024. 

  • Follow Response for Meetings: New response option for attendees who want to stay informed. 

OneDrive for Business

  • Offline Mode: OneDrive for Web introduces “Offline mode” for Windows and macOS devices, allowing file management even when offline. Rollout: February-May 2024. 

  • Users can edit PDFs in OneDrive and SharePoint by opening the file and using the ‘Edit’ and ‘Add Text’ commands. This is rolling out mid-May to early June 2024. 

  • OneDrive File Creation with Templates: A refreshed file creation experience in OneDrive for the web will roll out from March to May 2024. Users can also create files using company templates and choose file storage locations. No admin action is required for preparation. 

Planner

  • The new Microsoft Planner app in Teams is rolling out, and with Project Plan 3 or 5 includes Copilot to manage plan data via language prompts. General Availability is set for late April to May 2024. Admins will have a control to disable it by mid-May 2024.  

  • Teams is updating the existing Tasks by Planner and To Do app to the new Microsoft Planner app. It will maintain all existing app functionality and add new options and features. By early May 2024, you should update any internal documentation that references the previous app name (Tasks by Planner and To Do) to use the new app name ‘Planner’.

     

Purview Information Protection

  • Enhanced incident communication with DLP email templates. 

  • New eDiscovery Hold reports and a new Data Governance preview experience rolled out in April. 

  • Audit Logs: New logs for audit activities and policy changes. Rollout: May-June 2024. 

  • Insider Risk Management: Enhancements to risk level settings and new indicators for communication compliance. Preview: May 2024, GA: June-July 2024. 

  • Data Loss Prevention: OCR for Mac devices to detect sensitive content in images. 

  • Logging and Microsoft Purview eDiscovery support for Copilot features in Outlook will roll out from mid to late April 2024. 

  • Azure Information Protection Add-in Retirement: Transition to the Microsoft Purview Information Protection client by May 2024. 

Stream

  • Stream Mobile App Retirement: The Stream mobile apps will retire on July 1, 2024. Users are encouraged to switch to the OneDrive and Microsoft 365 mobile apps. 

SharePoint

  • Tenant Rename: Advanced Tenant Rename feature in SharePoint Advanced Management, rollout begins late April, completion by early May 2024. 

  • Version History Controls: Improved version history controls for better data protection. Preview: May 2024, GA: August 2024. 

  • Content Align: Align content across columns on pages. Rollout: May 2024. 

  • Archive Inactive Sites: Archive feature for SharePoint to save on storage costs. Rollout: April-May 2024. 

  • Microsoft Image Tagger: Enhanced tagging feature for specific sites. 

  • SharePoint Add-In Retirement: SharePoint Add-Ins will be retired by April 2026, with installations ending July 2024. 

  • SharePoint 2013 Workflow Retirement will occur for new tenants in April 2024 and for existing tenants from April 2026.

  • Files and items modified by Power Automate or Power Apps will show as “Microsoft Power Platform” on behalf of the user. This change, starting mid-May to early June 2024, does not affect “Created By” and “Modified By” columns. Inform users about this update. 

Teams Chat and Channels

  • Microsoft Whiteboard @mentions in comments: Users can now mention others within their tenant in Whiteboard comments. Notifications will be sent via email and Outlook. 

  • Message Reactions in Right-Click Menu: Users can react to messages directly from the right-click menu in Teams for web and desktop. 

  • Avatars from Photos: Create avatars using AI in Teams. Rollout: May-June 2024. It requires a quad-core processor, 4 GB RAM, and is available for various Microsoft Teams and Office 365 licenses. Users can create up to three avatars and need Teams 2.1 or newer on Windows PC or Mac. To prepare, enable Mesh Avatars in the Teams Admin Center. 

  • Access Multiple Accounts: Users can access work, school, and personal accounts in a single app. 

  • Classic Teams will end support on July 1, 2024, and availability on July 1, 2025. 

Teams Meetings

  • Meeting Recordings Saved in Organizer’s OneDrive: Meeting recordings in Teams will now be saved to the organizer’s OneDrive by default, with rollout from mid-May to late August 2024. 

  • View, Download, and Delete Microsoft OneDrive Transcript Files: Teams will standardize all transcript storage to OneDrive, improving the experience for meeting organizers and IT administrators. 

  • Explicit Transcription Consent: Participants must now explicitly consent to be transcribed in Teams meetings. 

  • Integrate Chat Notification with Meeting RSVP Status: Users can control notifications in meeting chats based on their RSVP status. 

  • Mute with Windows Taskbar: The new Teams on Windows has a Mute feature available in the Windows Taskbar. 

  • Cloud IntelliFrame: Smart video feeds in Teams Rooms on Windows, with rollout to complete by mid-May.

  • Copilot for Teams Mobile: Accessible after meetings end. 

  • Meeting Experiences on Safari and Firefox will be getting performance improvements. 

  • App Sharing Enhancements: Updates to app sharing in meetings are coming, with a Public Developer Preview in April and General Availability in May 2024. 

  • Meeting Content as Whiteboard: Save meeting content with collaborative annotations as a Microsoft Whiteboard, with rollout beginning late May 2024. 

Teams Phone

  • Adjusting the Record a Greeting Button: The ‘Record a Greeting’ button under Voicemail settings will only allow greeting recordings, enhancing data protection and simplifying the recording process. 

  • Walkie Talkie with iOS Push-to-Talk: Integration for audio transmission from the lock screen. 

  • Auto Attendant will be integrated with the main Address Book search in Microsoft products, aligning search results and being affected by tenant Address Book settings in Exchange. Rollout begins late May 2024, completing by late June 2024, with no admin action required. 

Teams Admin

  • Extended Directory: Enhanced Teams Connect chat with external directory. Rollout: February 2024. 

  • Tenant-Wide Policy for Downloading Meeting Transcription: A new policy allows IT admins to control permissions for downloading meeting transcripts. 

  • New Virtual Desktop Infrastructure Solution: Enhanced performance, reliability, and supportability for Teams in VDI environments. 

  • Approvals Graph APIs: Now in public preview, enabling developers to create and manage approvals programmatically within the Approvals app. 

  • External Domain Activity Report: Export functionality for these reports in the Teams Admin Center will be available from late April 2024.

Teams Premium

  • Co-Organizer Experience Updates in Teams Webinars and Townhalls: Co-organizers can now edit event details, publish, and cancel events. 

  • Organizers Can Configure Recording and Transcription Roles: Teams Premium license organizers can manage roles for recording and transcription. 

  • Priority Account Chat Controls: New chat management features in Teams Premium rolling out now. 

  • Intelligent Meeting Recap: AI-generated meeting notes and action items for scheduled channel meetings will be available for Teams Premium users starting in May 2024. 

Viva Goals

  • Custom check-in templates for new teams will be available by late April 2024. 

Windows

  • Windows is making updates to address a known security vulnerability exploited by BlackLotus to bypass Windows Secure Boot. Enable and test these controls starting April 9 to prepare your environment for the enforcement of security requirements, which will become mandatory in the future. This release and later releases include controls to manually deploy the “Windows UEFI CA 2023” certificate to the Secure Boot DB and to revoke trust for the “Microsoft Windows Production PCA 2011” signing certificate.

  • The April 2024 security update addresses a security vulnerability in the Kerberos PAC Validation Protocol, related to CVE-2022-37967. This is the initial deployment phase. It is followed by the October 15 “Enforced by Default” phase, in which Windows domain controllers and clients will move to Enforced mode, though this can be overridden. Then, in April 2025, the enforcement phase begins, with no admin options to delay the new secure behavior.

Conclusion

If any of these updates or changes are concerning to you, or pose a challenge for your team, please don’t hesitate to reach out to our team! We will be happy to work with you and navigate the changes with you. Feel free to fill out the form below to get in contact with our team.
