Tech news for the week of November 25th, 2024
Topics in this week’s Tech Newsletter
What’s New Updates
Training
Copilot and AI
Microsoft 365
Windows 365 and Azure Virtual Desktop
Microsoft Defender
Azure
Server
Identity Protection and Management
Information Protection and Management
Intune
Device Management
Scripting and Automation
Microsoft News
?
What’s New Updates
Microsoft Ignite 2024 Book of News (1st party)
Welcome to Microsoft Ignite, our annual event that spotlights the updates and creations that enable customers, partners and developers to unleash the full potential of Microsoft’s technology and change the way people and organizations approach work. This year’s Microsoft Ignite features an array of new products and key updates that touch on the continued growth of Microsoft Copilot, new capabilities in the Copilot + AI stack, exciting new tools for developers and new devices designed with powerful AI technology in mind. The Book of News is your guide to our announcements, crafted to streamline your access to the most current updates and furnish you with essential insights into the topics that are most interesting to you.
Welcome to Ignite 2024! We’re excited to share a LOT of really innovative and useful new features with you. Getting everything ready to present at Ignite keeps us incredibly busy this time of year, as you might imagine. But it’s also a time when I find myself reflecting on the impact that all of these Teams features that we’re about to highlight can have on so many different aspects of work. I’m continually impressed that with each update, collaboration in Teams gets smoother, and new Copilot features help me be more productive, and work smarter and faster. This year’s additions to Teams move the bar even further as they support a richer flexible working experience and harness the power of AI to help you do more.
The latest updates to WSL bring new enterprise security features, new improvements to WSL distros, and the announcement that RedHat is officially becoming a WSL distro! Check out the table of contents in this post for a quick overview of all the announcements!
?
Training
FREE Azure Services for NON-Azure Windows Servers Covered by SA Powered by Azure Arc! (3rd party) [VIDEO]
Join John Savill as he walks through the new free Azure Services available for on-prem Windows Servers that are covered by Software Assurance. Learn what these features are, how to enable them, and how much these features will be able to help you automate and improve your environment.
Skilling snack: Windows compliance reports and analytics (1st party) [FREE]
One of the most important questions asked is, “How many of our devices are up to date?” This question is one you can easily answer using Microsoft Intune, Windows Autopatch, or Windows Update for Business reports. Learn more about the tools and reports you can use to identify exactly which devices are up to date, which might need attention, and other insights. Feel free to choose the resources best suited to your needs and interests.
CISA Launches New Learning Platform to Enhance Training and Education U.S. Veterans and Other Stakeholders (3rd party)
The Cybersecurity and Infrastructure Security Agency (CISA) announced the launch of CISA Learning, a learning management system that will modernize training and education for its employees and key stakeholders. This transformative platform is a critical component of CISA's ongoing efforts to streamline and enhance its enterprise learning environment, ensuring the same training available to CISA personnel is also available free of charge to the nation’s veterans and partners from federal, state, local, tribal, and territorial levels of government. CISA Learning replaces the Federal Virtual Training Environment (FedVTE). Courses and functionalities from FedVTE will be fully transitioned to CISA Learning, ensuring that users continue to have uninterrupted access to critical training content.
?
Copilot and AI
Microsoft 365 Copilot is becoming a daily habit for people around the world—already, nearly 70% of Fortune 500 companies are using it. Dow anticipates that Copilot will save it millions of dollars on shipping operations in the first year; at Bank of Queensland Group, 70% of users are saving two and a half to five hours per week; Eaton is speeding up internal documentation processes by 83%; and Accenture is going big, rolling out Copilot to 100,000 employees. Today at Microsoft Ignite 2024, we’re accelerating our ambition to empower every employee with Copilot as a personal assistant and to transform every business process with agents built in Microsoft Copilot Studio.
The foundation of Microsoft’s AI advancements is its infrastructure. It was custom designed and built from the ground up to power some of the world’s most widely used and demanding services. While generative AI is now transforming how businesses operate, we’ve been on this journey for over a decade developing our infrastructure and designing our systems and reimagining our approach from software to silicon. The end-to-end optimization that forms our systems approach gives organizations the agility to deploy AI capable of transforming their operations and industries. From agile startups to multinational corporations, Microsoft’s infrastructure offers more choice in performance, power, and cost efficiency so that our customers can continue to innovate. At Microsoft Ignite, we’re introducing significant updates across our entire cloud and AI infrastructure, from advancements in chips and liquid cooling, to new data integrations, and more flexible cloud deployments.
Two things can be true at the same time. In the case of AI, it is absolutely true that the industry is moving incredibly fast and evolving quickly. It’s also true that hundreds of thousands of customers are using Microsoft AI technology today and, by making early bets on the platform, are seeing big benefits now and future-proofing their ability to benefit from the next big wave of AI improvements. This year, we are announcing about 80 new products and features, including new capabilities in Microsoft 365 Copilot, additions to the Copilot + AI stack and new Copilot+ devices offerings. Underpinning each of these innovations is our commitment to security.
Delivering 3 trusted platforms for the AI age (1st party)
With every platform shift, it is good to understand the context and underlying forces. And today it's scaling laws. With Moore’s law, we saw a doubling in performance every 18 months. With AI, we have started to see performance double roughly every six months. There is a lot of debate about whether we've hit the wall with scaling laws. At the end of the day, these aren’t physical laws but empirical observations that hold true over long periods of time. So it's valuable to debate and have that motivation for innovation in model and system architectures as well as data regimes. In that context, if anything, we are seeing the emergence of a new scaling law with test-time compute, which OpenAI's o1 and Copilot's "Think Deeper" feature leverage to solve harder problems.
Toyota is deploying AI agents to harness the collective wisdom of engineers and innovate faster (1st party)
Cars are going through some of the most rapid engineering shifts in their 100-year history, putting intense pressure on global automakers to innovate more quickly. That includes the Toyota Motor Corporation, which last year sold more than 10 million vehicles, more than any other automaker in the world. At its headquarters in Toyota City, an hour’s drive east of the industrial hub of Nagoya, the carmaker is building a system of generative AI agents to store and share internal expertise with the goal of developing new vehicle models faster, even as droves of engineers are retiring.
Introducing new agents in Microsoft 365 (1st party)
As AI continues to evolve, it is transforming the way we work by enabling seamless human and AI collaboration and automating business processes. With Microsoft 365 Copilot, users have a personal AI assistant that is deeply grounded in your data and integrated into your Microsoft apps. Now, we’re augmenting Copilot’s capabilities with specialized expertise and automation through new agents, designed to unlock every user’s full potential. Today at Microsoft Ignite, we’re introducing the preview of new agents in Microsoft 365. These agents supercharge Copilot – adding specialized skills and knowledge while automating specific tasks. These out-of-the-box agents take on unique roles, working alongside or on behalf of a team or organization to handle both simple, mundane tasks to more complex, multi-step business processes. These agents in Microsoft 365 will drive the next level of business value for every organization.
?
Microsoft 365
In the era of AI, the potential to transform and elevate the employee experience is immense, and top-of-mind for HR and IT professionals. To meet this need, we are excited to introduce the Employee Self-Service Agent, a groundbreaking feature within Microsoft 365 Copilot designed to expedite and streamline HR and IT-related tasks, providing faster resolutions and a more intuitive user experience. From business chat, users can retrieve benefits and payroll information, start a leave of absence, request a new laptop with IT and even get assistance for Microsoft 365 products and services, all in one place. The agent is customizable in Copilot Studio, where admins can use a variety of tools and data sources including pre-configured templates, workflows, authoritative knowledge sources from Sharepoint, and Microsoft-built connectors to HR and IT systems of record, like Workday, SAP and ServiceNow; and a library of tailored responses to sensitive topics. This new agent is available in private preview now.
Today’s work environment doesn’t look the same as it did a few years ago. You’re supporting flexible work patterns, with remote users who are often using personal devices. Cybersecurity threats are more sophisticated, complicating the task of protecting sensitive information. And seemingly overnight, the responsibility of stopping unauthorized AI use is falling on your shoulders as IT and security professionals. Combine all this with the fact that today’s work relies heavily on software as a service (SaaS), and you’ll see that the web browser is crucial to accessing corporate resources and AI. This makes it an endpoint you simply cannot afford to overlook. You need a secure, business-ready browser. The challenge is that not all browsers can meet that bar. And some solutions meet security requirements only to get in the way of productivity. This is where Microsoft Edge for Business aims to help: to calm the chaos by addressing this mix of needs holistically, and give you control without adding to the noise—or your costs. In this blog, you’ll learn how Edge for Business as a secure enterprise browser can help you, as well as new innovations to make the workday better for you and your users.
Today, we are excited to share the latest security and governance capabilities coming to Microsoft 365 Copilot to help customers protect sensitive data, discover AI risks, and govern Copilot usage. Effective content governance has always been crucial for maintaining the integrity, security, and relevance of organizational content. AI’s power to make content more discoverable than ever before amplifies this need. Enhancing content governance practices in this new context requires implementing both strategies and tools that streamline the content management processes, ensure data is relevant and secure, while improving overall content quality. Microsoft offers two powerful tools to address this concern of oversharing: SharePoint Advanced Management for site management and content governance capabilities, and Microsoft Purview for security,?compliance, and governance across data and files. Today, we’re excited to share new capabilities in both areas to help customers address oversharing.
Building a smart, simple, more secure frontline (1st party) [VIDEO]
Frontline workers make up 80% of the world's workforce and deserve to benefit from Microsoft's newest groundbreaking technology. In this session, learn more about custom AI solutions, like Copilot Studio and Extensions in SharePoint, and new security offerings, like Windows365 Shared Device Mode and Working Time, built to increase efficiency and support of your frontline.
Microsoft Ignite 2024 kicked off today online, and it started with a flurry of announcements. A destkop running Windows 11 by streaming, improved Windows 11 Search powered by AI, and new IT admin tools that help save bricked PCs without requiring physical access made early headlines, but arguably the most important announcements from the conference center around Microsoft Teams. Hundreds of millions of people use the communication platform, so any major update to Teams affects a massive swath of people. That's especially the case given the global focus of upcoming updates to Teams. Meeting transcription will soon support 51 spoken languages and 31 translation languages, greatly expanding the accessibility of meetings held on Teams. Teams will transcribe a meeting spoken in any of the supported languages without you having to select a specific language for the app to listen for. In addition to meeting transcription working with multilingual meetings, live translated captions and live translated transcripts will work with multilingual meetings.
Microsoft Teams Phone System offers you the ability to replace your telephone system (PBX) with Microsoft Teams. There are different options for connecting Microsoft Teams with the Public Switched Network (PSTN). And all of them have the same challenge. Normally, a company acquires a phone number range from the provider and has for example 100 phone numbers available. But not all phone numbers are in use. Perhaps the company just has 70 employees. So, 30 numbers are unused and available. Or an employee leaves the company, and the employee’s phone number becomes available again. A classic PBX system usually has a feature that allows incoming calls to unknown phone numbers to be redirected to a specific user in the company or to the receptionist. This is extremely useful if a company does not want to lose external callers. Or when someone from the sales team retires, but their number has been used and known by customers for decades. This blog post covers how to deal with unassigned numbers and how the Teams Administrator can configure the unassigned number feature in the Teams Admin Center (TAC).
?
Windows 365 and Azure Virtual Desktop
In 2021, we announced Windows 365 to the world and introduced the Cloud PC, a whole new category of cloud computing. Windows 365 Cloud PCs let employees securely stream their Windows desktop experience from the Microsoft Cloud to any device. As more and more organizations adopt Windows 365, we see them rethinking their endpoint strategy to improve user productivity, enhance security, increase IT efficiency, and advance sustainability. This is why we are now introducing Windows 365 Link, the first Cloud PC device purpose-built by Microsoft to connect securely to Windows 365 in seconds.
We’re excited to announce the public preview of enhanced host pool management for Azure Virtual Desktop. Enhanced host pool management is a collection of features and capabilities designed to help admins save time, confirm consistent configurations, and achieve cost-effective scalability. Enhanced host pool management features include session host configuration and update, creating and deleting session hosts at scale, and using Ephemeral OS disks to improve session host performance. These capabilities make it easier than ever for organizations to improve admin productivity while maintaining secure, efficient virtual environments tailored to their needs.
Announcing App-V support in App attach (1st party)
For customers with large application portfolios the challenges of migrating to a new packaging format are daunting. While many customers are excited about the prospect of embracing MSIX, a modern application packaging format, the impending April 2026 deprecation is weighing heavily on IT pros. We have news that addresses those concerns. We’re excited to announce that Microsoft Application Virtualization (App-V) for Windows is now supported by App attach in Azure Virtual Desktop, marking a significant update in application delivery for virtual environments. With this new capability, organizations can incorporate their existing App-V packages into the App attach framework, enabling seamless integration and streamlined application delivery. Additionally, we’re happy to share that App-V is shifting to an extended support phase, making it easier for admins to move their business-critical applications to Azure Virtual Desktop using App attach. Learn more about App-V entering an extended support phase.
Introducing Windows 365 Link (1st party) [VIDEO]
Windows 365 Link is the first Cloud PC device purpose-built for Windows 365. It can connect to your Cloud PC in seconds with a simple sign-in, accessing a familiar Windows Desktop with high-fidelity performance. Windows 365 Link offers seamless setup and streamlined management through Microsoft Intune, ensuring your IT environment is efficiently maintained alongside other PCs. As a stateless and adminless device, it does not store user profile data or install additional software. Optimize your work experience with passwordless authentication, high-performance video conferencing, and support for essential peripherals. Designed with a robust security posture, Windows 365 Link provides data protection with features like Secure Boot, BitLocker encryption, Hypervisor-based Code Integrity, and more. Jalleen Ringer, Partner GPM for Windows Cloud Endpoints, shows how Windows 365 Link is the ideal choice for secure, scalable, and efficient cloud computing.
At Microsoft, we prioritize security at every stage of our development process—from design to coding to feature creation. A common challenge for organizations is the complexity of managing security policies across their infrastructure. To simplify complex security management across organizational infrastructure, we recently released several key features in Windows 365 and Azure Virtual Desktop. These updates, paired with a turnkey approach that enables critical security measures by default, help admins implement strong security policies without manual configuration. To better understand the risks, let’s consider a typical Internet of Things (IoT)–based attack: hackers can hijack compromised devices or networks to steal data, control systems, or form botnets used in denial of service (DoS) or distributed denial of service (DDoS) attacks. When powered by AI, these threats become even more sophisticated and challenging to combat. To counteract these risks, Windows Cloud solutions include a robust suite of features covering secure identity, secure access, and secure data, ensuring that security is built in from the start. Plus, these capabilities are secure by default, delivering out-of-the-box solutions that help protect against today’s most advanced threats.
Starting November 27, 2024, the Azure Virtual Desktop Preview app from the Microsoft Store will no longer be available for download or installation. Users of the Azure Virtual Desktop Preview app need to transition to Windows App. Azure Virtual Desktop customers will continue to receive support for the Azure Virtual Desktop Preview app until it reaches end of support on December 27, 2024. After that date, it will no longer be eligible for support and won’t receive security or feature updates.
Welcome to the future - take a first look at Windows 365 Link, the first Cloud PC device (1st party) [VIDEO]
Reimagine your endpoint strategy and get introduced to the first Cloud PC device purpose-built for Windows 365 that is simple to manage and secure by design. Discover the benefits of this dedicated endpoint for Windows 365 and learn how to join the preview!
?
Microsoft Defender
Unlock Proactive Defense: Microsoft Security Exposure Management Now Generally Available (1st party)
Earlier this year, we launched Microsoft Security Exposure Management in public preview, introducing defenders to powerful foundational capabilities for holistic exposure management. Backed by extensive threat research and Microsoft’s vast visibility into security signals, these tools provide coverage for commonly observed attack techniques. Exposure Management includes Attack Surface Management, Attack Path Analysis, and Unified Exposure Insights— solutions that offer security teams unmatched visibility and insight into their risk landscape. Traditional vulnerability management is no longer sufficient. While patching every potential weakness might seem like a solution, it's neither practical nor effective. Instead, modern security strategies must focus on the exposures that are easiest for attackers to exploit, prioritizing vulnerabilities that present the greatest risk. This shift marks the evolution of vulnerability management into what we now call exposure management.
The Security Copilot team is continuously enhancing threat intelligence (TI) capabilities in Copilot. At Microsoft Ignite 2024, we’re excited to announce several powerful innovations that provide a more comprehensive and integrated TI experience for customers. Now generally available, Security Copilot customers can build a '360-degree' view of threats by tapping into a wider range of TI sources for more insight into attacker tooling and methodology and how they may impact the organization. Below, we’ll cover these innovations in more detail.
The Security Copilot team is consistently improving the threat intelligence (TI) experience for customers. At Microsoft Ignite 2024, we're thrilled to unveil two out-of-the-box promptbooks that create guided experiences for cyberthreat intelligence and SOC analysts for investigating and responding to threats affecting their organization, simplifying complex workflows and making difficult, repetitive tasks easier to do for all experience levels. Below, we’ll cover each of these promptbooks in more detail.
?
Azure
With Azure Arc, our mission is to bring comprehensive capabilities of the Azure platform to customers wherever they are. As part of expanding our solutions across hybrid, multicloud, and edge environments, we introduced Azure Arc-enabled VMware vSphere, to enable customers to manage their VMware vSphere based deployments running anywhere including Azure VMware Solution (AVS) using Azure Arc.
We’re committed to making AKS the easiest to use managed Kubernetes service for developers and platform teams. Recently, Microsoft was named a leader in the Gartner MQ for Container Management for the second year in a row. At Microsoft Ignite 2024, we’re building on that achievement by announcing new capabilities that simplify operations, enhance security, and enable efficient resource utilization and better observability. Read on for more details on the latest announcements and AKS content at Ignite.
Azure Dedicated HSM (1st party)
With Azure Dedicated HSM, you manage who in your organization can access your HSMs and the scope and assignment of their roles. You have full administrative and cryptographic control over your HSMs. Microsoft has no access to or visibility into the keys stored in them. Each HSM device comes validated against FIPS 140-2 Level 3 and eIDAS Common Criteria EAL4+, ensuring tamper resistance. This enables you to meet a wide variety of security and compliance requirements. Developed in partnership with Thales, the Thales Luna 7 HSM model A790 cloud-based HSM is compatible with many applications, simplifying migration of legacy or custom on-premises applications to Azure. Because minimal changes are needed for your on-premises applications to work in Azure, you save time. Hybrid capabilities allow you to run your legacy or custom applications on your on-premises Thales HSM or on Azure. Keep a copy of your keys on the Thales HSM for added security.
Unlock New AI and Cloud Potential with .NET 9 & Azure: Faster, Smarter, and Built for the Future (1st party)
.NET 9, now available to developers, marks a significant milestone in the evolution of the .NET platform, pushing the boundaries of performance, cloud-native development, and AI integration. This release, shaped by contributions from over 9,000 community members worldwide, introduces thousands of improvements that set the stage for the future of application development. With seamless integration with Azure and a focus on cloud-native development and AI capabilities, .NET 9 empowers developers to build scalable, intelligent applications with unprecedented ease.
We are pleased to announce the launch of the first cloud private preview of the Azure ND GB200 V6 VM series, based on the NVIDIA accelerating computing platform. This latest VM, powered by the NVIDIA GB200 Grace Blackwell Superchip, features NVIDIA Grace CPUs and NVIDIA Blackwell GPUs with exceptional AI supercomputing capabilities for training state-of-the-art frontier models as well as accelerating generative inferencing. The Azure ND GB200 V6 VM series is built on Microsoft’s custom server with NVIDIA Blackwell, featuring two GB200 Grace Blackwell Superchips. Each GB200 Superchip connects two high-performance Blackwell GPUs and a Grace CPU via the NVIDIA NVLink-C2C interface. With NVLink-C2C, applications gain high-speed, coherent access to a unified memory space, simplifying programming and supporting the high-speed memory needs of next-generation trillion-parameter large language models (LLMs).
Businesses of all sizes have been building and operating their mission-critical distributed systems on Azure. We are seeing increased urgency among our customers to leverage artificial intelligence to reduce their operating costs, delight their customers, and innovate faster. Operations teams that are more productive with AI are responding faster to these growing business needs and helping their companies succeed. At Microsoft Azure, my team’s mission is to make the life of operators easier by providing comprehensive tools that streamline the operation and management of infrastructure – across clouds, on-premises, and at the edge. With Azure’s AI-enhanced management offerings, our customers realize the benefits of configuration management and governance, resiliency and observability, built-in security and control, and universal AI assistants like Copilot in Azure. Today, I’m thrilled to share the many new capabilities that we’ve added to Azure’s management offerings that will further increase your productivity.
?
Server
Azure's expanded set of modern server management capabilities including Azure Update Manager, Machine Configuration, and Change Tracking and Inventory are now available for free to customers enrolled in Windows Server Pay as you Go or with active Software Assurance coverage for their Azure Arc-enabled servers. Windows Server Management enabled by Azure Arc offers customers with Windows Server licenses that have active Software Assurances or Windows Server licenses that are active subscription licenses many new features, including Azure Update Manager, Azure Change Tracking and Inventory, Azure Machine Configuration, and Best Practices Assessment.
Introducing Azure Local: cloud infrastructure for distributed locations enabled by Azure Arc (1st party)
Azure’s adaptive cloud approach, powered by Azure Arc, is helping over 39,000 customers unify their hybrid, multicloud, and edge infrastructure in Azure. You can use Azure Arc to apply cloud services and tools wherever you need them, from Azure’s 60+ regions to your own distributed locations. In many industries, new demands for distributed computing are emerging. Many retailers are using in-store AI inferencing to transform the shopping experience. Manufacturers are locating their critical apps in the factory to improve uptime and overall efficiency. And in regulated industries like finance, energy, and government, customers are looking for ways to leverage the cloud while keeping data and control local.
Windows Server 2025 Security Book (1st party)
Security affects everyone in an organization from upper-level management to the information worker. Inadequate security is a real risk for organizations as a security breach can disrupt all normal business and bring the organization to a halt. Information technology infrastructure is susceptible to a wide variety of attacks. Attackers typically take advantage of vulnerabilities in the hardware, firmware, operating system, or the application layer. Once they gain a foothold, they use techniques such as privilege escalation to move laterally to other systems in the organization. Windows Server supports security capabilities that can help protect, as well as detect and respond to such attacks. To learn about security capabilities in Windows Server 2025, read the Windows Server 2025 security book attached to this blog.
Windows Firewall dynamic keywords (1st party)
Windows Firewall includes a functionality called dynamic keywords, which simplifies the configuration and management of Windows Firewall. With dynamic keywords, you can define a set of IP address ranges, fully qualified domain names (FQDNs), and autoresolution options, to which one or more Firewall rules can refer.
This article describes disconnected operations and how they can be used in the deployment and management of your Azure Local. Disconnected operations for Azure Local enable the deployment and management of Azure Local instances without a connection to the Azure public cloud. This feature allows you to build, deploy, and manage virtual machines (VMs) and containerized applications using select Azure Arc-enabled services from a local control plane, providing a familiar Azure portal and CLI experience.
Azure Automanage for Arc enabled servers (3rd party)
At the last Azure Hybrid and Multicloud digital event, Microsoft not just announced the general availability of Azure SQL enabled by Azure Arc, but also announced the public preview of Azure Automanage for Azure Arc enabled servers. Azure Automanage is a service that eliminates the need to discover, know how to onboard, and how to configure certain services in Azure Management services for your Azure Virtual Machine (VM) and with the new preview also for Linux and Windows Servers which are running outside of Azure. These servers can run on-premises, at the edge, or at other cloud providers, and can now benefit from the automatic configuration of Azure Management services.
?
Identity Protection and Management
One of the longest-running previews in Entra ID is the support for hardware (OATH) tokens. Hardware tokens can create OTP tokens that can be used to satisfy MFA requirements in Entra ID. That said, I also must point out that this method is not phishing-resistant. (T)OTP tokens can easily be stolen using AiTM attacks. But that’s for another time. This post will focus on the management of the hardware keys itself. According to the documentation, this feature has received several improvements that, in my opinion, went a bit under the radar: global administrator requirements have been removed (about time) and users can self-assign and activate tokens from their Security info page. That last one got my attention, so let’s see how that works.
?
Information Protection and Management
In today's era of AI, data governance and security have become essential for businesses to safely derive insights and drive responsible innovation. This blog explores the challenges of an ever-growing data estate and showcases recent innovations in Microsoft Purview that enable organizations to navigate these modern challenges. Data Governance is not a new concept but with the proliferation of AI and evolving regulatory landscape, data governance is critical for safeguarding data related to AI-driven business innovation. With 95% of organizations implementing or developing an AI strategy, customers are facing emerging governance challenges.
One year ago, we launched an end-to-end data platform into general availability designed to help organizations power their AI transformation and reimagine how to connect, manage, and analyze their data. Microsoft Fabric is an all-in-one, software-as-a-service (SaaS) platform with AI-powered services to accomplish any data project—all in a pre-integrated and optimized environment so all your data teams could work faster, together. With Fabric, we focused on simplicity, openness, and autonomy. All Fabric workloads work together seamlessly out-of-the-box without the myriad of infrastructure and configuration settings you typically find in data platforms so you can focus on getting results. You can ingest structured and unstructured data in any format into OneLake’s open Delta Parquet format and even access third-party tools from industry leading software companies built directly into Fabric. Advanced security, governance, and continuous integration and continuous delivery (CI/CD) capabilities are woven into the platform with personalized experiences for admins and users alike.
Today at Microsoft Ignite, we introduced agents in Microsoft 365 to drive the next level of business value for organizations. These agents are ready to use, each with specialized skills and knowledge to support unique roles. They work alongside or on behalf of a person, team, or organization to handle simple tasks and more complex, business processes. As part of agents in Microsoft 365, we’re excited to announce the general availability of agents in SharePoint today, enabling users to turn SharePoint sites and documents into scoped agents that are subject matter experts for your business needs. These agents empower everyone to quickly surface insights, scale expertise, and make informed decisions. Agents in SharePoint will begin rolling out this week with expected completion by the end of this calendar year.
Enable every employee in your organization with agents in SharePoint for better business outcomes (1st party)
Today at Ignite we announce the general availability of agents in SharePoint, enabling users to turn SharePoint sites and documents into scoped agents that are subject matter experts for your business needs. These agents empower everyone to quickly surface insights, scale expertise, and make informed decisions. For a limited time, every employee in your organization can experience agents created in SharePoint to get the answers they need.? ?Starting December 1, if your organization has at least 50 Microsoft 365 Copilot licenses, any employee in the organization will be able to create, share, and interact with agents in SharePoint. Qualifying organizations will receive 10,000 queries per month through June 30, 2025. This is a unique opportunity for everyone in your organization to experience agents in SharePoint to enhance knowledge sharing and teamwork.
?
Intune
Intune Cloud-native Management: Prepare for AI and Next-Gen Cloud PCs (1st party) [VIDEO]
Now with complete visibility across your physical and virtual device inventory in Microsoft Intune, empower your IT teams with full device context and AI assistance for expert, simplified management. Secure by default, the new generation of AI PCs are here. Learn why a cloud native approach is the way to build a foundation for your AI-enabled future.
Windows Autopatch is the cloud service that streamlines security and feature updates for Windows Enterprise. It bolsters security and productivity with the least amount of disruption across your organization. Our team is dedicated to continuously enhancing the update process through improvements to Windows Autopatch. The latest feature releases give you greater control over the update process by helping you simplify your patch management routines, which boosts your productivity while saving you valuable time. Learn how the latest enhancements assist you in tailoring your update management to support your organization’s unique needs without extra costs or unexpected disruptions. Delve into how you can keep your devices secure and up to date with fewer challenges and more control using the versatile, robust tools within Windows Autopatch to enhance your update strategy.
Today, we’re announcing that Windows device hardware inventory is now generally available. Over the years, Microsoft Intune cloud management has improved device management for organizations like Audi, Crocs, and New York City Public Schools. Each month we release updates and introduce new capabilities, often in response to feedback and input from our user base. One of those asks: make more hardware information available about enrolled devices from the cloud. In September, we announced enhanced device hardware inventory for Windows devices. This makes it possible to create a policy in Microsoft Intune to collect details about more Windows hardware properties. The results of that collection can be viewed in the Resource explorer blade for an individual device. Having this information readily accessible can inform troubleshooting, business decisions, and even vendor negotiations.
Microsoft Intune news at Microsoft Ignite 2024 (1st party)
At Microsoft Ignite 2024, Microsoft Intune is introducing updates that make endpoint management smarter, safer, and more efficient than ever. In an evolving tech landscape where security and productivity are crucial, Intune’s latest capabilities underscore our commitment to helping customers get to cloud native. Intune uses data as a foundation, applying AI-powered intelligence to make information actionable, strengthening security, and supporting efficient management. Together, these capabilities create a modern and agile digital environment ready for the future.
Each year at Microsoft Ignite we present a vision for the future. For IT teams, this year’s vision is especially bright, with exciting announcements about security and productivity. Through the lens of endpoint management, we’ll look at what the future holds for end users, organizations, and IT professionals. Then we’ll examine how to get there with Microsoft Intune, and finally, which parts of that future are already available now.
Today, IT teams are at the forefront of security and innovation, balancing the need to protect against evolving cyber threats with ensuring a seamless digital experience for end users. With growing responsibilities and complex environments, IT teams require effective tools to stay ahead and continue driving value across the organization. Since the public preview of Microsoft Copilot in April 2024, Microsoft Intune has been pushing the boundaries of what's possible in endpoint management with a clear and focused goal: provide IT with a solution that is simple, intuitive, and secure at its core, which helps you focus on what truly matters. Today we’re thrilled to share the next wave of Copilot innovations in Intune, continuing our commitment to help IT secure endpoints, boost productivity, and succeed in a fast-paced digital world. With new capabilities, Copilot now helps IT teams further reduce the attack surface by highlighting potential risks, streamlining critical workflows, and responding to issues with speed and precision.
Intune Company Portal App Refreshed! (3rd party)
This blog will focus on the new look of the improved Intune Company Portal UI and examine how this refreshed look will also improve the user experience! The Intune Company Portal app is designed to make life easier for both end users and IT administrators. It allows users to install third-party applications, corporate apps, and other apps. Luckily, Patch My PC has almost every app you need in its catalog. This ensures that the end user can manually install every app they need on their own. After opening the new, improved Intune Company Portal app, the end user can install the app themselves by selecting it and clicking on install. Easy, right?
?
Device Management
Administrator protection on Windows 11 (1st party)
In today's digital landscape, the importance of maintaining a robust security posture cannot be overstated. A critical aspect of achieving this is ensuring that users operate with the least privilege required. Users with Administrator rights on Windows have powerful capabilities to modify configurations and make systemwide changes that might impact the overall security posture of a Windows 11 device. These powerful administrative privileges represent a significant attack vector and are frequently abused by malicious actors to gain unauthorized access to user data, compromise privacy, and disable OS security features without a user’s knowledge. Recent statistics from Microsoft Digital Defense Report 2024 indicate that token theft incidents, which abuse user privileges, have grown to an estimated 39,000 per day. To address this, Microsoft is embarking on a transformative journey to help protect administrator users on Windows—with Administrator protection, a new platform security feature in Windows 11. Administrator protection aims to protect users while still allowing them to perform necessary functions with just-in-time administrator privileges.
At Microsoft, security is our top priority, and with every release, Windows becomes even more secure. At Ignite 2024, we will highlight new Windows security innovations that will provide the clarity and confidence our customers and organizations require while navigating this evolving digital landscape. We will also talk about our learnings from the July incident, and investments we are making as a result. Protecting your data and ensuring the integrity of your systems is paramount. From chip to cloud, Microsoft provides multiple layers of security to help protect identities and data, and enables an expansive ecosystem for innovation at a critical time. As the security landscape evolves, we continuously enhance Windows’ security and resilience, ensuring it remains a secure platform for our partners, developers and customers. A strong security posture is essential for your business, and a shared responsibility across our ecosystem.
Universal Print is an ideal choice for businesses aiming to simplify print management. It moves print management to the cloud, incorporating modern authentication and Zero Trust principles. With its cloud infrastructure, ability to print from every app on every device, and robust security features, Universal Print sets a new standard in printing technology. Now, macOS support and “pull print” functionality makes Universal Print truly "universal."
Windows 11, version 24H2 represents significant improvements to the already robust update foundation of Windows. With the latest version, you get reduced installation time, restart time, and central processing unit (CPU) usage for Windows monthly updates. Additionally, enhancements to the handling of feature updates further reduce download sizes for most endpoints by extending conditional downloads to include Microsoft Edge. Let's take a closer look at these advancements.
Windows: AI-powered, cloud-enabled, and secure (1st party)
At Microsoft Ignite 2024, Windows is showcasing new innovations powered by AI, delivered from the cloud, and focused on bolstering security and resiliency. We are reinventing what IT can achieve as part of a unified Microsoft end-user computing solution, which is more intelligent, secure, and efficient to manage—unlocking greater productivity for everyone. Below, we highlight the Microsoft Ignite announcements that reinforce our commitment to getting you and your organization future-ready. Windows is focused on bringing innovations that create new opportunities for people, organizations, and partners alike.
Microsoft is working on a new Windows "Quick Machine Recovery" feature that will allow IT administrators to use Windows Update "targeted fixes" to remotely fix systems rendered unbootable. This new feature is part of a new Windows Resiliency Initiative launched in response to a widespread July 2024 outage caused by a buggy CrowdStrike Falcon update that rendered hundreds of thousands of Windows devices unbootable, impacting airlines, hospitals, and emergency services worldwide. Those affected said their Windows hosts got stuck in a boot loop or showed the Blue Screen of Death (BSOD) after installing the latest CrowdStrike Falcon Sensor update.
Last month, Microsoft unveiled a wave of new Copilot+ features that would begin rolling out this holiday. Those features included a new AI overlay called Click To Do, Recall, and AI-powered search in File Explorer, Settings, and Windows Search. Today, the company has now provided more details about the availability of AI-powered search experiences, confirming that it won't be here until early 2025. That means Intel and AMD powered Copilot+ PCs will not be able to join in on the fun right away. It also means that the feature won't begin rolling out to people outside the Insider testing program until at least a number of months into the year, meaning we're still a long way off before this specific Copilot+ feature reaches general audiences.
Windows has been around in some format for almost four decades and has become ubiquitous in professional environments. With billions of PCs running Windows, systems running the operating system are often the target of attacks. Microsoft invests a massive amount of time and money to help secure systems and provide tools that IT admins can utilize to protect data and devices. During Microsoft's Ignite 2024 conference, the tech giant outlined its efforts to secure Windows 11, explained why systems should be upgraded to the latest version of Windows, and shared details about new security features that are on the way. The headline security feature announced at Ignite 2024 is Quick Machine Recovery. The feature allows IT admins to execute targeted fixes from Windows Update remotely, even if a PC is unable to boot. Remote access is the key, as it reduces the time required to fix bricked PCs.
Microsoft has announced its first desktop PC today, but it’s not what you might be expecting. The company is launching the world’s first dedicated “boot to cloud” device, designed to run Windows 11 only by streaming it online via Windows 365. It's called the "Windows 365 Link" and is expected to go on sale in April 2025 for $349. The device is essentially a mini PC, featuring a fanless design that boots in seconds and wakes instantly from sleep. It can output up to two 4K displays and features three USB-A ports, one USB-C port, an audio jack, an ethernet jack, DisplayPort, and an HDMI port. It also supports Wi-Fi 6E and Bluetooth 5.3.
Microsoft’s new Windows Resiliency Initiative aims to avoid another CrowdStrike incident (3rd party)
The CrowdStrike catastrophe that took down 8.5 million Windows PCs and servers in July has left many of Microsoft’s biggest customers looking for answers to make sure that such an event never happens again. Now, Microsoft has some answers in the form of a new Windows Resiliency Initiative that’s designed to improve Windows security and reliability. The Windows Resiliency Initiative includes core changes to Windows that will make it easier for Microsoft’s customers to recover Windows-based machines if there’s ever another CrowdStrike-like incident. There are also some new Windows platform improvements to provide stronger controls over what apps and drivers are allowed to run and to help allow antivirus processing outside of kernel mode. Microsoft has developed a new Quick Machine Recovery feature in light of the CrowdStrike incident that will enable IT admins to target fixes at machines remotely even when they’re unable to boot properly.
Last summer's CrowdStrike meltdown caused billions of dollars in damage and exposed some fundamental architectural flaws in the Windows platform. A single flawed update from one vendor was enough to crash millions of PCs and servers worldwide, and getting those machines back online required direct human intervention on many of those endpoints, until an automated fix was deployed. In a blog post kicking off this week's Ignite conference, Microsoft VP of Enterprise and OS Security David Weston announced changes that should dramatically lessen the likelihood of another such meltdown. Today's announcements are the first tangible results from a cooperative effort between Microsoft and the community of endpoint security vendors that collectively bring in billions of dollars in revenue each year protecting business networks. Security product developers will be bound by a new set of Safe Deployment Practices that require them to do additional testing and to deliver product updates gradually; instead of pushing out updates to an entire installed base at once, security vendors will be expected to use deployment rings and monitoring tools to detect a flawed update and pause or roll back the deployment before it can do extensive damage.
Originally teased by Meta back in September, Microsoft has today formally announced deeper integration between Windows 11 and Meta Quest headsets. Unveiled during its Ignite 2024 event, soon Meta Quest users will have a seamless and easy way to pair and stream their Windows 11 PC directly into their VR environment on the Meta Quest 3 and 3S. The feature is said to work with PCs in your local space or via the cloud with Windows 365, and will let you use Windows 11 via virtual monitors that can be resized and positioned how you want them in your VR space. Microsoft says the feature will launch in preview next month, sometime in December.
?
Scripting and Automation
Advancements in generative AI (GenAI) have enabled the development of sophisticated applications like chatbots and agentic systems, enhancing innovation, customer experiences, and decision-making across industries. Continuous monitoring is crucial to help ensure these applications deliver high-quality, safe, and reliable results in production. Now, Azure AI Foundry and Azure Monitor seamlessly integrate to enable ongoing, comprehensive monitoring of your GenAI application's performance from various perspectives, including token usage, operational metrics (e.g. latency and request count), and the quality and safety of generated outputs.
We are thrilled to announce that Managed DevOps Pools for Azure DevOps is now generally available! This milestone marks a significant advancement in our mission to improve developer productivity in the CI/CD loop, reduce your cloud bill for ES infra and to reduce the toil associated with creating and maintaining custom CI/CD infrastructure for your pipelines. If you are new to Managed DevOps Pools, you can read about it in the Managed DevOps Pools documentation.
After a successful first session that covered foundational strategies for AI integration, we’re thrilled to dive even deeper into the second session: Integrating AI into Your Workflows with Azure Logic Apps. Our three-part webinar series, Building Intelligent Workflows with Azure Integration Services, is in full swing! After a successful first session that covered foundational strategies for AI integration, we’re thrilled to dive even deeper into the second session: Integrating AI into Your Workflows with Azure Logic Apps.
Using the new VS Code GitHub Copilot "Code Review" (3rd party) [VIDEO]
Imagine an AI not just helping you write code but also reviewing it, suggesting improvements, and ensuring best practices—all within your favorite editor. Sounds like a game-changer, right? In this video, we'll dive deep into generating code from simple comments, AI-powered code reviews, applying smart suggestions, and boosting productivity.
?
Microsoft News
Microsoft and Atom Computing have made rapid progress in reliable quantum computing by creating and entangling 24 logical qubits made from neutral atoms—they have also demonstrated the ability to detect and correct errors, and perform computation, on 28 logical qubits. Together, the companies are offering a reliable quantum machine built with these state-of-the-art logical qubits and Microsoft’s qubit-virtualization system, and integrated with Azure Elements. This comprehensive package is available to order today with delivery in 2025. The results reported here showcase the advances being made toward scientific quantum advantage, which will require not only reliable quantum computation, but also integration with AI and high-performance computing.
It’s Monday morning, the caffeine hasn’t kicked in yet, and you have a busy day ahead: Maybe you have piles of returns or new shipping invoices to review, or you need to get the latest updates out to your field technicians or help employees get more efficient IT support. Now you can get help with all of this and more by simply asking an AI agent to take care of it — while you drink a second cup of coffee and focus on your team’s long-term strategy. An agent can tackle certain tasks with you or for you, from acting as a virtual project manager to handling more complex assignments like reconciling financial statements to close the books. Microsoft 365 Copilot is already a personal assistant that helps with everything from tedious daily duties to jumpstarting creative projects. Using it to interact with various agents brings a new world of possibilities for organizations to empower their employees, drive business and accomplish even more.
Windows has been at the heart of modern computing for nearly 40 years. It is the ubiquitous, open platform that powers computing experiences around the world and plays a significant role across multiple industries, such as education, government, military, hospitals and corporations, many of which provide mission critical services requiring a high level of security and resiliency. And this responsibility that Windows holds to keep businesses of every size running is one we take seriously. In close collaboration with our ecosystem partners, we ensure that Windows remains the optimal platform for organizations to perform at their best. As we enter this new era of work, we are focused on empowering our customers and organizations to modernize their computing experience with AI experiences and the cloud.