2022 CW 35 Microsoft 365 Message Center changes

[Key points:]

Timing: This change will start to rollout in mid-August (previously late May), and we expect to complete the rollout by late September (previously early July).

Roll-out: tenant level

Control type: Team owner and team member control

Action: review and assess for appropriate experience

[Key points:]

Timing: We will communicate via Message center when we are ready to proceed.

Roll-out: tenant level

Control type: Team owner and team member control

Action: review and assess for appropriate experience

We are expanding on this scenario to identify any user clicks on URLs going back 48 hours from the time of the verdict change. This reevaluation gives SecOps teams more insight into the historic clicks on malicious URLs and takes the appropriate actions.

This message is associated with Microsoft 365 Roadmap ID 93300

[When this will happen:]

This update will begin rollout in mid-August (previously mid-July) and complete deployment by mid-September (previously late August).

We are expanding on this scenario to identify any user clicks on URLs going back 48 hours from the time of the verdict change. This reevaluation gives SecOps teams more insight into the historic clicks on malicious URLs and takes the appropriate actions.

This message is associated with Microsoft 365 Roadmap ID 93300

[When this will happen:]

This update will begin rollout in mid-September (previously mid-August) and complete deployment by mid-October (previously mid-September).

This message is associated with Microsoft 365 Roadmap ID 93280.

[When this will happen:]

Rollout will begin in mid-August (previously late July) and is expected to be complete by mid-September (previously late August).

This message is associated with Microsoft 365 Roadmap ID 93280.

[When this will happen:]

Rollout will begin in early December (previously mid-August) and is expected to be complete by late December (previously mid-September).

If there is more than 1 user on the call and/or the scheduled meeting end time has not passed yet, then the feature will not trigger.

If the user dismisses the notification, they will not see it again for the same meeting, and it will not be at risk to automatically end anymore.

This message is associated with Microsoft 365 Roadmap ID 96710

[When this will happen:]

We will begin rolling out to Production in mid-September 2022 (previously early August 2022) and expect to complete by late October (previously early September).

We will begin rolling out to GCC, GCC-H, and DoD in late October (previously late September) and expect to complete by late November (previously late October).

If there is more than 1 user on the call and/or the scheduled meeting end time has not passed yet, then the feature will not trigger.

If the user dismisses the notification, they will not see it again for the same meeting, and it will not be at risk to automatically end anymore.

This message is associated with Microsoft 365 Roadmap ID 96710

[When this will happen:]

We will begin rolling out to Production in early December (previously mid-September 2022) and expect to complete by mid-December (previously late October).

We will begin rolling out to GCC, GCC-H, and DoD in mid-January (previously late October) and expect to complete by mid-March (previously late November).

This message is associated with Microsoft 365 Roadmap ID 97020

[When this will happen:]

We expect to start rolling out in mid-July and expect to complete rollout by late July.

This message is associated with Microsoft 365 Roadmap ID 97020

[When this will happen:]

We expect to start rolling out in mid-July and expect to complete rollout by late July.

Organizations rely on Distribution Lists (DLs) as a tool to create groups of users that mirror organizational knowledge and workflows. Bringing this awareness to target audiences for specific content will enhance the core Teams experience. Allowing our customers to leverage DLs can increase workflow efficiency and bridge the gap between legacy knowledge of organization structure and a new Teams structure.

This message is associated with Microsoft 365 Roadmap ID 62354

[When this will happen:]

We will begin rollout in mid-August and expect to complete rollout by late August.

Organizations rely on Distribution Lists (DLs) as a tool to create groups of users that mirror organizational knowledge and workflows. Bringing this awareness to target audiences for specific content will enhance the core Teams experience. Allowing our customers to leverage DLs can increase workflow efficiency and bridge the gap between legacy knowledge of organization structure and a new Teams structure.

This message is associated with Microsoft 365 Roadmap ID 62354

[When this will happen:]

We will begin rollout in late Septemer (previously mid-August) and expect to complete rollout by late October (previously late August).

This message is associated with Microsoft 365 Roadmap ID 93421

[When this will happen:]

Standard Release: We will begin rolling out in early August and expect to complete by mid-August.

This message is associated with Microsoft 365 Roadmap ID 93421

[When this will happen:]

Standard Release: We will begin rolling out in late August (previously early August) and expect to complete by mid-September (previously mid-August).

Production Release: This is expected to start in mid-September and continue till early October.

Production Release: This is expected to start in mid-November (previously mid-September) and continue till late December (previously early October).

When will this happen:

This feature is available starting August 4, 2022.

Note: If users have the latest version of Windows but still don’t see all widgets features, it may be because some features are being rolled out to customers over several weeks and aren't available to all customers at once

Windows 11 is bringing you more live content on your taskbar. This change allows users to see live updates from other widgets such as sports, finance, and breaking news. Their taskbar should show the weather widget most of the time, but when something important happens related to one of their other widgets, they may see an announcement from that widget on their taskbar.

At this time, Widget notifications cannot be turned off. Microsoft is constantly listening and learning, and welcomes customer feedback that helps shape Windows.

When will this happen:

This feature is available starting August 4, 2022.

Note: If users have the latest version of Windows but still don’t see all widgets features, it may be because some features are being rolled out to customers over several weeks and aren't available to all customers at once

For more details, read the official announcement: Windows Server 2022 now generally available

For additional guidance, please see the following resources:

The Windows Server preview blog and tech documentation for deeper details on Windows Server 2022 preview features.

The complimentary digital event Windows Server Summit on September 16, 2021, for more information about Windows Server 2022.

https://aka.ms/smbcompression

https://aka.ms/ws2022gacontainerblog

https://azure.microsoft.com/services/azure-arc/

https://azuremarketplace.microsoft.com/marketplace/apps/microsoftwindowsserver.windowsserver?tab=Overview

https://cloudblogs.microsoft.com/windowsserver/?p=15165&preview=1&_ppp=74d7b6cd69

https://cloudblogs.microsoft.com/windowsserver/2021/03/02/announcing-windows-server-2022-now-in-preview/

https://docs.microsoft.com/windows-server/storage/file-server/smb-security

https://docs.microsoft.com/windows-server/windows-server-2022/get-started/whats-new

https://info.microsoft.com/ww-landing-windows-server-summit.html

https://www.microsoft.com/cloud-platform/windows-server-pricing

https://www.microsoft.com/evalcenter/evaluate-windows-server-2022

https://www.microsoft.com/Licensing/servicecenter/default.aspx

https://www.microsoft.com/security/blog/2021/03/02/microsoft-brings-advanced-hardware-security-to-server-and-edge-with-secured-core/

https://www.microsoft.com/windows-server/windows-admin-center?rtc=1

For more details, read the official announcement: Windows Server 2022 now generally available

For additional guidance, please see the following resources:

The Windows Server preview blog and tech documentation for deeper details on Windows Server 2022 preview features.

The complimentary digital event Windows Server Summit on September 16, 2021, for more information about Windows Server 2022.

ps://aka.ms/smbcompr

ps://aka.ms/ws2022gacontainerbl

ps://azure.microsoft.com/services/azure-arc/

ps://azuremarketplace.microsoft.com/marketplace/apps/microsoftwindowsserver.windowsserver?tab=Overvi

ps://cloudblogs.microsoft.com/windowsserver/?p=15165&preview=1&_ppp=74d7b6cd69

ps://cloudblogs.microsoft.com/windowsserver/2021/03/02/announcing-windows-server-2022-now-in-preview/

ps://docs.microsoft.com/windows-server/storage/file-server/smb-security

ps://docs.microsoft.com/windows-server/windows-server-2022/get-started/wha

ps://info.microsoft.com/ww-landing-windows-server-summit.html

ps://www.microsoft.com/cloud-platform/windows-server-prici

ps://www.microsoft.com/evalcenter/evaluate-windows-server

ps://www.microsoft.com/Licensing/servicecenter/default.aspx

ps://www.microsoft.com/security/blog/2021/03/02/microsoft-brings-advanced-hardware-security-to-server-and-edge-with-secured-core/

ps://www.microsoft.com/windows-server/windows-admin-center?rtc

If you are using Microsoft Intune, simply set “Servicing channel” to “Windows Insider – Release Preview” in the Microsoft Endpoint Manager admin center.

Access commercial previews using Windows Server Update Service (WSUS)

Both Windows 11 and Windows 10, version 21H2 are now available in the “Windows Insider Pre-release” category in WSUS and Configuration Manager. If you do not see them offered, simply sync the category and you will see them.

To access the Windows 11 preview build, devices must first take the September 1, 2021 optional cumulative update (KB 5005101). If a device is configured to send diagnostic data, but does not meet the hardware requirements, the Windows 11 upgrade will be marked as inapplicable in WSUS.

To access the Windows 10, version 21H2 preview build, devices running Windows 10, version 2004, version 20H2, or version 21H1 can leverage the enablement package path to update to version 21H2. Devices running versions prior to Windows 10, version 2004 will first need to do a full OS swap to receive Windows 10, version 21H2.

Access commercial previews from the Windows Insider Program ISO Download page

Go to the Windows Insider Program ISO Downloads site and select either the Windows 11 ISO (listed under Dev Channel and Beta Channel) or the Windows 10, version 21H2 ISO (listed under the Release Preview Channel).

Access commercial previews through Azure Marketplace

We have added a new Windows 11 Preview offering with various images. For Windows 10, version 21H2, simply check out the Windows 10 Preview offering.

For more details, read the official announcement: Commercial previews for Windows 11 and Windows 10, version 21H2.

For additional guidance, see the following resources:

Support for business (microsoft.com) to report an issue or provide feedback.

App Assure with Microsoft FastTrack for compatibility issues.

https://aka.ms/WIPISO

https://azuremarketplace.microsoft.com/marketplace/apps/microsoft-hyperv.windows10preview

https://azuremarketplace.microsoft.com/marketplace/apps/microsoftwindowsdesktop.windows-11-preview

https://docs.microsoft.com/windows/deployment/update/waas-manage-updates-wufb

https://docs.microsoft.com/windows/privacy/configure-windows-diagnostic-data-in-your-organization

https://docs.microsoft.com/windows/whats-new/windows-11-requirements

https://support.microsoft.com/help/5005101

https://support.serviceshub.microsoft.com/supportforbusiness/onboarding

https://techcommunity.microsoft.com/t5/windows-it-pro-blog/commercial-previews-for-windows-11-and-windows-10-version-21h2/ba-p/2676467

https://www.microsoft.com/fasttrack/microsoft-365/app-assure

If you are using Microsoft Intune, simply set “Servicing channel” to “Windows Insider – Release Preview” in the Microsoft Endpoint Manager admin center.

Access commercial previews using Windows Server Update Service (WSUS)

Both Windows 11 and Windows 10, version 21H2 are now available in the “Windows Insider Pre-release” category in WSUS and Configuration Manager. If you do not see them offered, simply sync the category and you will see them.

To access the Windows 11 preview build, devices must first take the September 1, 2021 optional cumulative update (KB 5005101). If a device is configured to send diagnostic data, but does not meet the hardware requirements, the Windows 11 upgrade will be marked as inapplicable in WSUS.

To access the Windows 10, version 21H2 preview build, devices running Windows 10, version 2004, version 20H2, or version 21H1 can leverage the enablement package path to update to version 21H2. Devices running versions prior to Windows 10, version 2004 will first need to do a full OS swap to receive Windows 10, version 21H2.

Access commercial previews from the Windows Insider Program ISO Download page

Go to the Windows Insider Program ISO Downloads site and select either the Windows 11 ISO (listed under Dev Channel and Beta Channel) or the Windows 10, version 21H2 ISO (listed under the Release Preview Channel).

Access commercial previews through Azure Marketplace

We have added a new Windows 11 Preview offering with various images. For Windows 10, version 21H2, simply check out the Windows 10 Preview offering.

For more details, read the official announcement: Commercial previews for Windows 11 and Windows 10, version 21H2.

For additional guidance, see the following resources:

Support for business (microsoft.com) to report an issue or provide feedback.

App Assure with Microsoft FastTrack for compatibility issues.

ps://aka.ms/WIPISO

ps://azuremarketplace.microsoft.com/marketplace/apps/microsoft-hyperv.windows10previ

ps://azuremarketplace.microsoft.com/marketplace/apps/microsoftwindowsdesktop.windows-11-previ

ps://docs.microsoft.com/windows/deployment/update/waas-manage-updates-wufb

ps://docs.microsoft.com/windows/privacy/configure-windows-diagnostic-data-in-your-organiz

ps://docs.microsoft.com/windows/whats-new/windows-11-requirem

ps://support.microsoft.com/help/500510

ps://support.serviceshub.microsoft.com/supportforbusiness/onboardi

ps://techcommunity.microsoft.com/t5/windows-it-pro-blog/commercial-previews-for-windows-11-and-windows-10-version-21h2/ba-p/2676467

ps://www.microsoft.com/fasttrack/microsoft-365/app-a

To validate your applications against pre-release security updates for Windows Server 2022 operating systems on Test Base for Microsoft 365:

Sign up today to start using the Test Base service.

Log on to our self-service onboarding portal.

See the Test your apps on Windows Server 2022 with Test Base for Microsoft 365 post for a step-by-step guide on how to opt in your app for testing.

For additional guidance, see the following resources:

Windows Server release information

Microsoft Security Baselines

Microsoft Test Base

Test Base for Microsoft 365

https://aka.ms/testbaseportal

https://docs.microsoft.com/windows-server/get-started/windows-server-release-info

https://techcommunity.microsoft.com/t5/microsoft-security-baselines/bd-p/Security-Baselines

https://techcommunity.microsoft.com/t5/microsoft-security-baselines/windows-server-2022-security-baseline/ba-p/2724685

https://techcommunity.microsoft.com/t5/test-base-blog/test-your-apps-on-windows-server-2022-with-test-base-for/ba-p/2740701

https://techcommunity.microsoft.com/t5/test-base-for-microsoft-365/ct-p/UpdateStagingLab

https://www.microsoft.com/download/details.aspx?id=55319

https://www.microsoft.com/testbase

To validate your applications against pre-release security updates for Windows Server 2022 operating systems on Test Base for Microsoft 365:

Sign up today to start using the Test Base service.

Log on to our self-service onboarding portal.

See the Test your apps on Windows Server 2022 with Test Base for Microsoft 365 post for a step-by-step guide on how to opt in your app for testing.

For additional guidance, see the following resources:

Windows Server release information

Microsoft Security Baselines

Microsoft Test Base

Test Base for Microsoft 365

ps://aka.ms/testbaseportal

ps://docs.microsoft.com/windows-server/get-started/windows-server-release-inf

ps://techcommunity.microsoft.com/t5/microsoft-security-baselines/bd-p/Security-Baseli

ps://techcommunity.microsoft.com/t5/microsoft-security-baselines/windows-server-2022-security-baseline/ba-p/2724685

ps://techcommunity.microsoft.com/t5/test-base-blog/test-your-apps-on-windows-server-2022-with-test-base-for/ba-p/274070

ps://techcommunity.microsoft.com/t5/test-base-for-microsoft-365/ct-p/UpdateStagingLab

ps://www.microsoft.com/download/details.aspx?id=55319

ps://www.microsoft.com/testba

End users can download languages and language-related features directly from the Settings app in Windows without needing to go to the Store. For more details, see Install a language.

https://docs.microsoft.com/windows-hardware/manufacture/desktop/available-language-packs-for-windows#language-interface-packs-lips

https://docs.microsoft.com/windows-hardware/manufacture/desktop/available-language-packs-for-windows#language-packs

https://support.microsoft.com/windows/install-a-language-for-windows-ccd853d3-9ecd-7da7-9ef0-72b4a055410a

End users can download languages and language-related features directly from the Settings app in Windows without needing to go to the Store. For more details, see Install a language.

ps://docs.microsoft.com/windows-hardware/manufacture/desktop/available-language-packs-for-windows#language-interface-packs-lip

ps://docs.microsoft.com/windows-hardware/manufacture/desktop/available-language-packs-for-windows#language-pack

ps://support.microsoft.com/windows/install-a-language-for-windows-ccd853d3-9ecd-7da7-9ef0-72b4a0554

Additional information:

We recommend that you read How to get Windows 10, version 21H2 for information on our rollout strategy and What's new for IT pros in Windows 10, version 21H2 for a list of commercial release channels, features, and deployment tools. The Windows 10 release information has also been updated, with a list of current Windows 10 versions by servicing option along with release dates, build numbers, end of service dates, and release history.

https://aka.ms/tools-to-support-21H2

https://blogs.windows.com/windowsexperience/?p=176473

https://docs.microsoft.com/windows/release-health/release-information

Additional information:

We recommend that you read How to get Windows 10, version 21H2 for information on our rollout strategy and What's new for IT pros in Windows 10, version 21H2 for a list of commercial release channels, features, and deployment tools. The Windows 10 release information has also been updated, with a list of current Windows 10 versions by servicing option along with release dates, build numbers, end of service dates, and release history.

ps://aka.ms/tools-to-support-21H

ps://blogs.windows.com/windowsexperience/?p=176473

ps://docs.microsoft.com/windows/release-health/release-inf

Additional information:

We'll have more information about our investments in this area over the next several months. In the meantime, there are several resources you can review today.

A data-driven approach to managing devices in your organization

Work from anywhere report - Windows 11 hardware readiness

Microsoft Endpoint Manager tenant attach: Device sync and device actions

Overview of Windows as a service - Servicing tools

https://aka.ms/eagetstarted

https://docs.microsoft.com/mem/analytics/work-from-anywhere#bkmk_windows11

https://docs.microsoft.com/mem/configmgr/comanage/tutorial-co-manage-clients#set-up-hybrid-azure-ad

https://docs.microsoft.com/mem/configmgr/tenant-attach/device-sync-actions

https://docs.microsoft.com/windows/deployment/update/waas-overview#servicing-tools

https://nam06.safelinks.protection.outlook.com/?url=https%3A%2F%2Ftechcommunity.microsoft.com%2Ft5%2Fmicrosoft-endpoint-manager-blog%2Funderstanding-readiness-for-windows-11-with-microsoft-endpoint%2Fba-p%2F2770866&data=04%7C01%7Cv-frsilv%40microsoft.com%7C542c0d7211b2451490c308d9b44407e3%7C72f988bf86f141af91ab2d7cd011db47%7C1%7C0%7C637739026558181885%7CUnknown%7CTWFpbGZsb3d8eyJWIjoiMC4wLjAwMDAiLCJQIjoiV2luMzIiLCJBTiI6Ik1haWwiLCJXVCI6Mn0%3D%7C3000&sdata=7M8OIb8PXdeQIGB0Z8M9Bya7xraTRfqJfvOm9Xmqmb8%3D&reserved=0

https://techcommunity.microsoft.com/t5/microsoft-endpoint-manager-blog/understanding-readiness-for-windows-11-with-microsoft-endpoint/ba-p/2770866

https://techcommunity.microsoft.com/t5/windows-it-pro-blog/a-data-driven-approach-to-managing-devices-in-your-organization/ba-p/2932082

Additional information:

We'll have more information about our investments in this area over the next several months. In the meantime, there are several resources you can review today.

A data-driven approach to managing devices in your organization

Work from anywhere report - Windows 11 hardware readiness

Microsoft Endpoint Manager tenant attach: Device sync and device actions

Overview of Windows as a service - Servicing tools

ps://aka.ms/ea

ps://docs.microsoft.com/mem/analytics/work-from-anywhere#bkmk_wind

ps://docs.microsoft.com/mem/configmgr/comanage/tutorial-co-manage-clients#set-up-hybrid-azur

ps://docs.microsoft.com/mem/configmgr/tenant-attach/device-sync-acti

ps://docs.microsoft.com/windows/deployment/update/waas-overview#servicing-tool

ps://nam06.safelinks.protection.outlook.com/?url=https%3A%2F%2Ftechcommunity.microsoft.com%2Ft5%2Fmicrosoft-endpoint-manager-blog%2Funderstanding-readiness-for-windows-11-with-microsoft-endpoint%2Fba-p%2F2770866&data=04%7C01%7Cv-frsilv%40microsoft.com%7C542c0d7211b2451490c308d9b44407e3%7C72f988bf86f141af91ab2d7cd011db47%7C1%7C0%7C637739026558181885%7CUnknown%7CTWFpbGZsb3d8eyJWIjoiMC4wLjAwMDAiLCJQIjoiV2luMzIiLCJBTiI6Ik1haWwiLCJXVCI6Mn0%3D%7C3000&sdata=7M8OIb8PXdeQIGB0Z8M9Bya7xraTRfqJfvOm9Xmqmb8%3D&reserved

ps://techcommunity.microsoft.com/t5/microsoft-endpoint-manager-blog/understanding-readiness-for-windows-11-with-microsoft-endpoint/ba-p/2770866

ps://techcommunity.microsoft.com/t5/windows-it-pro-blog/a-data-driven-approach-to-managing-devices-in-your-organization/ba-p/293208

Deployment service for driver updates public preview coming soon

Overview of Microsoft Graph

Introducing a new deployment service for driver and firmware updates

Video - Driver and firmware servicing in the enterprise

Get started with Update Compliance

https://docs.microsoft.com/graph/overview

https://docs.microsoft.com/windows/deployment/update/update-compliance-get-started

https://techcommunity.microsoft.com/t5/video-hub/commercial-driver-and-firmware-servicing-with-the-windows-update/ba-p/2908502

https://techcommunity.microsoft.com/t5/video-hub/driver-and-firmware-servicing-in-the-enterprise/ba-p/2177277

https://techcommunity.microsoft.com/t5/windows-it-pro-blog/deployment-service-for-driver-updates-public-preview-coming-soon/ba-p/2914212

https://techcommunity.microsoft.com/t5/windows-it-pro-blog/introducing-a-new-deployment-service-for-driver-and-firmware/ba-p/2176942

Deployment service for driver updates public preview coming soon

Overview of Microsoft Graph

Introducing a new deployment service for driver and firmware updates

Video - Driver and firmware servicing in the enterprise

Get started with Update Compliance

ps://docs.microsoft.com/graph/overvi

ps://docs.microsoft.com/windows/deployment/update/update-complianc

ps://techcommunity.microsoft.com/t5/video-hub/commercial-driver-and-firmware-servicing-with-the-windows-update/ba-p/29085

ps://techcommunity.microsoft.com/t5/video-hub/driver-and-firmware-servicing-in-the-enterprise/ba-p/2177277

ps://techcommunity.microsoft.com/t5/windows-it-pro-blog/deployment-service-for-driver-updates-public-preview-coming-soon/ba-p/29142

ps://techcommunity.microsoft.com/t5/windows-it-pro-blog/introducing-a-new-deployment-service-for-driver-and-firmware/ba-p/217694

You can also study the resources available in the Additional Information section, below, to learn more.

Additional information:

Universal Print site portal: Learn about the partnerships and ongoing evolution of Universal Print.

Microsoft Ignite session on Universal Print: For a closer look at the printing from OneDrive and Excel for web using Microsoft 365 integration, as well as demonstrations of Microsoft Endpoint Manager administrator functions to deploy and set up Universal Print printers.

Microsoft Ignite session on What's new with Universal Print in Windows 11: To take a closer look at PSA and PIN releases.

Partner integrations site: Discover printers that are Universal Print-ready.

License Universal Print: Learn more about purchasing a standalone Universal Print subscription. Universal Print is already included with commercial and educational Microsoft 365 and Windows 10 subscriptions.

We are always listening to your feedback. Let us know what you think, or what additional features you need at the Techcommunity forums.

https://aka.ms/upintegrations

https://docs.microsoft.com/en-us/universal-print/fundamentals/universal-print-license

https://techcommunity.microsoft.com/t5/universal-print/ct-p/UniversalPrint

https://techcommunity.microsoft.com/t5/video-hub/universal-print-integration-with-microsoft-365/ba-p/2909519

https://techcommunity.microsoft.com/t5/video-hub/what-s-new-with-universal-print-in-windows-11/ba-p/2909647

https://www.microsoft.com/en-us/microsoft-365/windows/universal-print

You can also study the resources available in the Additional Information section, below, to learn more.

Additional information:

Universal Print site portal: Learn about the partnerships and ongoing evolution of Universal Print.

Microsoft Ignite session on Universal Print: For a closer look at the printing from OneDrive and Excel for web using Microsoft 365 integration, as well as demonstrations of Microsoft Endpoint Manager administrator functions to deploy and set up Universal Print printers.

Microsoft Ignite session on What's new with Universal Print in Windows 11: To take a closer look at PSA and PIN releases.

Partner integrations site: Discover printers that are Universal Print-ready.

License Universal Print: Learn more about purchasing a standalone Universal Print subscription. Universal Print is already included with commercial and educational Microsoft 365 and Windows 10 subscriptions.

We are always listening to your feedback. Let us know what you think, or what additional features you need at the Techcommunity forums.

ps://aka.ms/upintegrati

ps://docs.microsoft.com/en-us/universal-print/fundamentals/universal-print-lic

ps://techcommunity.microsoft.com/t5/universal-print/ct-p/UniversalP

ps://techcommunity.microsoft.com/t5/video-hub/universal-print-integration-with-microsoft-365/ba-p/2909519

ps://techcommunity.microsoft.com/t5/video-hub/what-s-new-with-universal-print-in-windows-11/ba-p/2909647

ps://www.microsoft.com/en-us/microsoft-365/windows/universal

If you'd like to onboard your applications through the Azure portal and quickly view insights, such as test results, performance metrics, and crash/hang signals, visit https://aka.ms/testbaseportal to sign up for Test Base.

Additional resources:

Test Base FAQ

Test Base for Microsoft 365 documentation (including quick-start and how-to guides)

Test Base Blog

https://aka.ms/testbaseportal

https://docs.microsoft.com/en-us/microsoft-365/test-base/?view=o365-worldwide

https://docs.microsoft.com/en-us/microsoft-365/test-base/faq?view=o365-worldwide

https://techcommunity.microsoft.com/t5/test-base-blog/bg-p/USL-Blog

https://techcommunity.microsoft.com/t5/test-base-blog/test-base-for-microsoft-365-has-reached-general-availability/ba-p/2893854

https://www.microsoft.com/en-us/testbase

If you'd like to onboard your applications through the Azure portal and quickly view insights, such as test results, performance metrics, and crash/hang signals, visit https://aka.ms/testbaseportal to sign up for Test Base.

Additional resources:

Test Base FAQ

Test Base for Microsoft 365 documentation (including quick-start and how-to guides)

Test Base Blog

ps://aka.ms/testbaseportal

ps://docs.microsoft.com/en-us/microsoft-365/test-base/?view=o365-world

ps://docs.microsoft.com/en-us/microsoft-365/test-base/faq?view=o365-world

ps://techcommunity.microsoft.com/t5/test-base-blog/bg-p/USL-Bl

ps://techcommunity.microsoft.com/t5/test-base-blog/test-base-for-microsoft-365-has-reached-general-availability/ba-p/2893854

ps://www.microsoft.com/en-us/testba

To learn more about the latest trends in PC demand and usage, and get a glimpse at what's next for Windows, read Panos Panay's blog post, A new era of the PC.

https://blogs.windows.com/windowsexperience/2022/01/26/a-new-era-of-the-pc/

https://docs.microsoft.com/en-us/windows/whats-new/windows-11-prepare

https://www.microsoft.com/en-us/windows/windows-11?r=1

To learn more about the latest trends in PC demand and usage, and get a glimpse at what's next for Windows, read Panos Panay's blog post, A new era of the PC.

ps://blogs.windows.com/windowsexperience/2022/01/26/a-new-era-of-the-pc/

ps://docs.microsoft.com/en-us/windows/whats-new/wind

ps://www.microsoft.com/en-us/windows/windows-11?

Additional information:

KB5011233: Protections in CVE-2022-21920 may block NTLM authentication if Kerberos authentication is not successful

CVE-2022-21920: Windows Kerberos Elevation of Privilege Vulnerability

https://msrc.microsoft.com/update-guide/vulnerability/CVE-2022-21920

https://support.microsoft.com/help/5011233

Additional information:

KB5011233: Protections in CVE-2022-21920 may block NTLM authentication if Kerberos authentication is not successful

CVE-2022-21920: Windows Kerberos Elevation of Privilege Vulnerability

ps://msrc.microsoft.com/update-guide/vulnerability/CVE-2022-219

ps://support.microsoft.com/help/5011233

Microsoft 365 compliance center for WW and GCC

Microsoft 365 compliance center for GCC-High

Microsoft 365 compliance center for DoD

[Learn more]

Create a legal hold notice

Overview of Microsoft 365 Advanced eDiscovery

Manage custodian communications templates in Advanced eDiscovery

Manage issuing officers in Advanced eDiscovery

https://compliance.apps.mil/

https://compliance.microsoft.com/

https://compliance.microsoft.us/

https://docs.microsoft.com/microsoft-365/compliance/create-hold-notification?view=o365-worldwide

https://docs.microsoft.com/microsoft-365/compliance/overview-ediscovery-20?view=o365-worldwide

https://docs.microsoft.com/microsoft-365/compliance/overview-ediscovery-20?view=o365-worldwide#subscriptions-and-licensing

https://go.microsoft.com/fwlink/?linkid=2187242

https://go.microsoft.com/fwlink/?linkid=2187342

https://www.microsoft.com/microsoft-365/roadmap?filters=&searchterms=88813

Microsoft 365 compliance center for WW and GCC

Microsoft 365 compliance center for GCC-High

Microsoft 365 compliance center for DoD

[Learn more]

Create a legal hold notice

Overview of Microsoft 365 Advanced eDiscovery

Manage custodian communications templates in Advanced eDiscovery

Manage issuing officers in Advanced eDiscovery

ps://compliance.apps.mil/

ps://compliance.microsoft.com/

ps://compliance.microsoft.us/

ps://docs.microsoft.com/microsoft-365/compliance/create-hold-notification?view=o365-world

ps://docs.microsoft.com/microsoft-365/compliance/overview-ediscovery-20?view=o365-world

ps://docs.microsoft.com/microsoft-365/compliance/overview-ediscovery-20?view=o365-worldwide#subscriptions-and-licensi

ps://go.microsoft.com/fwlink/?linkid=218724

ps://go.microsoft.com/fwlink/?linkid=218734

ps://www.microsoft.com/microsoft-365/roadmap?filters=&searchterms=88813

Additional information:

Please refer to the below links for detailed guidance.

KB5008380 - Authentication updates (CVE-2021-42287)

CVE-2021-42287: Active Directory Domain Services Elevation of Privilege Vulnerability

https://msrc.microsoft.com/update-guide/vulnerability/CVE-2021-42287

https://support.microsoft.com/help/5008380

Additional information:

Please refer to the below links for detailed guidance.

KB5008380 - Authentication updates (CVE-2021-42287)

CVE-2021-42287: Active Directory Domain Services Elevation of Privilege Vulnerability

ps://msrc.microsoft.com/update-guide/vulnerability/CVE-2021-42287

ps://support.microsoft.com/help/500838

Access the Advanced eDiscovery solution in the Microsoft 365 compliance center:

Microsoft 365 compliance center for WW and GCC

Microsoft 365 compliance center for GCC-High

Microsoft 365 compliance center for DoD

[Learn more]

Import custodians to an Advanced eDiscovery case

Overview of Microsoft 365 Advanced eDiscovery

https://compliance.apps.mil/

https://compliance.microsoft.com/

https://compliance.microsoft.us/

https://docs.microsoft.com/microsoft-365/compliance/bulk-add-custodians?view=o365-worldwide

https://docs.microsoft.com/microsoft-365/compliance/overview-ediscovery-20?view=o365-worldwide

https://docs.microsoft.com/microsoft-365/compliance/overview-ediscovery-20?view=o365-worldwide#subscriptions-and-licensing

https://www.microsoft.com/microsoft-365/roadmap?filters=&searchterms=88814

Access the Advanced eDiscovery solution in the Microsoft 365 compliance center:

Microsoft 365 compliance center for WW and GCC

Microsoft 365 compliance center for GCC-High

Microsoft 365 compliance center for DoD

[Learn more]

Import custodians to an Advanced eDiscovery case

Overview of Microsoft 365 Advanced eDiscovery

ps://compliance.apps.mil/

ps://compliance.microsoft.com/

ps://compliance.microsoft.us/

ps://docs.microsoft.com/microsoft-365/compliance/bulk-add-custodians?view=o365-world

ps://docs.microsoft.com/microsoft-365/compliance/overview-ediscovery-20?view=o365-world

ps://docs.microsoft.com/microsoft-365/compliance/overview-ediscovery-20?view=o365-worldwide#subscriptions-and-licensi

ps://www.microsoft.com/microsoft-365/roadmap?filters=&searchterms=88814

Path: HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Ole\AppCompat

Value Name: "RequireIntegrityActivationAuthenticationLevel"

Type: dword

Value Data: default = 0x00000000 means disabled. 0x00000001 means enabled. If this value is not defined, it will default to disabled. You must enter Value Data in hexadecimal format.

Devices must be restarted after setting this registry key, for it to take effect. Enabling the registry key above will make DCOM servers enforce an Authentication-Level of RPC_C_AUTHN_LEVEL_PKT_INTEGRITY or higher for activation.

To help identify applications that might have compatibility issues after DCOM security hardening changes are enabled, new DCOM error events were added in the System log, and can be found with Message IDs 10036, 10037 and 10038.

If issues are encountered during testing, contact the vendor for the affected client or server software for an update or workaround.

Additional Information:

It is important to ensure proper testing for this change. Please review the below documentation.

KB5004442: Manage changes for Windows DCOM Server Security Feature Bypass (CVE-2021-26414)

CVE-2021-26414: Windows DCOM Server Security Feature Bypass

Microsoft Docs: Distributed Component Object Model (DCOM) Remote Protocol

https://docs.microsoft.com/openspecs/windows_protocols/ms-dcom/4a893f3d-bd29-48cd-9f43-d9777a4415b0

https://msrc.microsoft.com/update-guide/vulnerability/CVE-2021-26414

https://support.microsoft.com/help/5004442

Path: HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Ole\AppCompat

Value Name: "RequireIntegrityActivationAuthenticationLevel"

Type: dword

Value Data: default = 0x00000000 means disabled. 0x00000001 means enabled. If this value is not defined, it will default to disabled. You must enter Value Data in hexadecimal format.

Devices must be restarted after setting this registry key, for it to take effect. Enabling the registry key above will make DCOM servers enforce an Authentication-Level of RPC_C_AUTHN_LEVEL_PKT_INTEGRITY or higher for activation.

To help identify applications that might have compatibility issues after DCOM security hardening changes are enabled, new DCOM error events were added in the System log, and can be found with Message IDs 10036, 10037 and 10038.

If issues are encountered during testing, contact the vendor for the affected client or server software for an update or workaround.

Additional Information:

It is important to ensure proper testing for this change. Please review the below documentation.

KB5004442: Manage changes for Windows DCOM Server Security Feature Bypass (CVE-2021-26414)

CVE-2021-26414: Windows DCOM Server Security Feature Bypass

Microsoft Docs: Distributed Component Object Model (DCOM) Remote Protocol

ps://docs.microsoft.com/openspecs/windows_protocols/ms-dcom/4a893f3d-bd29-48cd-9f43-d9777a4415b

ps://msrc.microsoft.com/update-guide/vulnerability/CVE-2021-26414

ps://support.microsoft.com/help/500444

Carefully review the documentation in the Additional information section of this entry, which provides details on the changes taking place and detailed migration instructions.

Additional information:

Removal of the U.S. Federal Common Policy CA certificate from the Microsoft trusted root | Microsoft Docs: Main article discussing the removal in detail, potential issues, steps to avoid issues, and troubleshoot and analysis guidance

Migrate to the Federal Common Policy CA G2 | FICAM Playbooks: Instructions to manually download and migrate to the "G2" root certificate

Obtain and verify a copy of the Federal Common Policy CA G2 certificate | FICAM Playbooks: Details on downloading and installing the "G2" root certificate on Windows workgroup, member, and domain controller computers

Distribute the certificate to operating systems | FICAM Playbooks: Guidance to deploy the root store to enterprise devices (see the "Microsoft Solutions" section)

Program Requirements - Microsoft Trusted Root Program | Microsoft Docs: Introduction to the Trusted Root Program, as well as general and technical requirements

https://docs.microsoft.com/security/trusted-root/program-requirements

https://docs.microsoft.com/troubleshoot/windows-server/windows-security/microsoft-trusted-root-store-removal-of-us-federal-common-policy

https://playbooks.idmanagement.gov/fpki/common/distribute-os/

https://playbooks.idmanagement.gov/fpki/common/migrate/

https://playbooks.idmanagement.gov/fpki/common/obtain-and-verify

https://www.idmanagement.gov/

Carefully review the documentation in the Additional information section of this entry, which provides details on the changes taking place and detailed migration instructions.

Additional information:

Removal of the U.S. Federal Common Policy CA certificate from the Microsoft trusted root | Microsoft Docs: Main article discussing the removal in detail, potential issues, steps to avoid issues, and troubleshoot and analysis guidance

Migrate to the Federal Common Policy CA G2 | FICAM Playbooks: Instructions to manually download and migrate to the "G2" root certificate

Obtain and verify a copy of the Federal Common Policy CA G2 certificate | FICAM Playbooks: Details on downloading and installing the "G2" root certificate on Windows workgroup, member, and domain controller computers

Distribute the certificate to operating systems | FICAM Playbooks: Guidance to deploy the root store to enterprise devices (see the "Microsoft Solutions" section)

Program Requirements - Microsoft Trusted Root Program | Microsoft Docs: Introduction to the Trusted Root Program, as well as general and technical requirements

ps://docs.microsoft.com/security/trusted-root/program-requirem

ps://docs.microsoft.com/troubleshoot/windows-server/windows-security/microsoft-trusted-root-store-removal-of-us-federal-common-policy

ps://playbooks.idmanagement.gov/fpki/common/distribute-os/

ps://playbooks.idmanagement.gov/fpki/common/migrate/

ps://playbooks.idmanagement.gov/fpki/common/obtain-and-verify

ps://www.idmanagement.gov/

Additional information:

Announcing Windows 11 Insider Preview Build 22572

Windows Search Overview

Microsoft Search in Bing Overview

Microsoft Search Admin Experience

https://blogs.windows.com/windows-insider/2022/03/09/announcing-windows-11-insider-preview-build-22572/

https://docs.microsoft.com/microsoftsearch/

https://docs.microsoft.com/microsoftsearch/overview-microsoft-search-bing

https://docs.microsoft.com/windows/client-management/mdm/policy-csp-search

https://support.microsoft.com/windows/search-for-anything-anywhere-b14cc5bf-c92a-1e73-ea18-2845891e6cc8

Additional information:

Announcing Windows 11 Insider Preview Build 22572

Windows Search Overview

Microsoft Search in Bing Overview

Microsoft Search Admin Experience

ps://blogs.windows.com/windows-insider/2022/03/09/announcing-windows-11-insider-preview-build-22572/

ps://docs.microsoft.com/microsoftsearch/

ps://docs.microsoft.com/microsoftsearch/overview-microsoft-search-bi

ps://docs.microsoft.com/windows/client-management/mdm/policy-csp-searc

ps://support.microsoft.com/windows/search-for-anything-anywhere-b14cc5bf-c92a-1e73-ea18-2845891e6cc8

Additional information:

Read our FAQ to help answer your questions and use the troubleshooting guide during setup.

Visit the Internet Explorer mode website.

Watch our Ignite video to learn more about getting started.

Learn more about hosting your IE mode site list in an authenticated cloud endpoint in the Microsoft 365 admin center.

Read our announcement blog and our blog series for more information.

https://aka.ms/configureiemode

https://aka.ms/IEmodeblog

https://aka.ms/IEModeFAQ

https://aka.ms/IEModeGuide

https://aka.ms/IEmodewebinar

https://aka.ms/IEModeWebsite

https://aka.ms/ietoedge

https://docs.microsoft.com/deployedge/edge-ie-disable-ie11

https://docs.microsoft.com/deployedge/edge-ie-mode-faq

https://docs.microsoft.com/deployedge/edge-ie-mode-site-discovery

https://docs.microsoft.com/fasttrack/win-10-microsoft-edge-assistance-offered

https://docs.microsoft.com/microsoft-365/admin/activity-reports/browser-usage-report?view=o365-worldwide

https://docs.microsoft.com/microsoft-edge/webdriver-chromium/ie-mode?tabs=c-sharp

https://www.microsoft.com/fasttrack/microsoft-365/app-assure

https://youtu.be/MZt790ZVvBk

Additional information:

Read our FAQ to help answer your questions and use the troubleshooting guide during setup.

Visit the Internet Explorer mode website.

Watch our Ignite video to learn more about getting started.

Learn more about hosting your IE mode site list in an authenticated cloud endpoint in the Microsoft 365 admin center.

Read our announcement blog and our blog series for more information.

ps://aka.ms/confi

ps://aka.ms/IEmodebl

ps://aka.ms/IEModeFAQ

ps://aka.ms/IEModeG

ps://aka.ms/IEmodeweb

ps://aka.ms/IEModeWeb

ps://aka.ms/ietoed

ps://docs.microsoft.com/deployedge/edge-ie-disable-i

ps://docs.microsoft.com/deployedge/edge-ie-mode-faq

ps://docs.microsoft.com/deployedge/edge-ie-mode-site-discovery

ps://docs.microsoft.com/fasttrack/win-10-microsoft-edge-assistance-off

ps://docs.microsoft.com/microsoft-365/admin/activity-reports/browser-usage-report?view=o365-world

ps://docs.microsoft.com/microsoft-edge/webdriver-chromium/ie-mode?tabs=c

ps://www.microsoft.com/fasttrack/microsoft-365/app-a

ps://youtu.be/MZt790ZVvBk

Learn more:

Network Discovery documentation

AIP Scanner configuration

AIP removed and deprecated services

Detailed information on our Yammer post

https://aka.ms/AIPAuditLogsYammerPost

https://docs.microsoft.com/en-us/azure/information-protection/deploy-aip-scanner-configure-install?tabs=azure-portal-only

https://docs.microsoft.com/en-us/azure/information-protection/removed-deprecated-services

Learn more:

Network Discovery documentation

AIP Scanner configuration

AIP removed and deprecated services

Detailed information on our Yammer post

ps://aka.ms/AIPAuditLogsYammerP

ps://docs.microsoft.com/en-us/azure/information-protection/deploy-aip-scanner-configure-install?tabs=azure-portal-only

ps://docs.microsoft.com/en-us/azure/information-protection/removed-deprecated-servic

Additional information:

To learn more about the Windows Update for Business deployment service, stay tuned for the follow-up posts in this blog series and see the following resources:

Announcing the Windows Update for Business deployment service

Windows Update for Business deployment service - Windows Deployment | Microsoft Docs

Deployment service for driver updates public preview coming soon

New additions to the Windows Update for Business deployment service

Safeguard holds overview

Access safeguard hold details with Updated Compliance

Microsoft 365 Enterprise Licensing Guide

https://docs.microsoft.com/windows/deployment/update/deployment-service-overview

https://docs.microsoft.com/windows/deployment/update/safeguard-holds

https://download.microsoft.com/download/3/D/4/3D42BDC2-6725-4B29-B75A-A5B04179958B/Licensing_guide_Microsoft_365_Enterprise.pdf

https://techcommunity.microsoft.com/t5/windows-it-pro-blog/access-safeguard-hold-details-with-update-compliance/ba-p/1809652

https://techcommunity.microsoft.com/t5/windows-it-pro-blog/announcing-the-windows-update-for-business-deployment-service/ba-p/2178419

https://techcommunity.microsoft.com/t5/windows-it-pro-blog/deployment-service-for-driver-updates-public-preview-coming-soon/ba-p/2914212

https://techcommunity.microsoft.com/t5/windows-it-pro-blog/gradual-rollouts-with-the-windows-update-for-business-deployment/ba-p/3263847

https://techcommunity.microsoft.com/t5/windows-it-pro-blog/new-additions-to-the-windows-update-for-business-deployment/ba-p/2913718

Additional information:

To learn more about the Windows Update for Business deployment service, stay tuned for the follow-up posts in this blog series and see the following resources:

Announcing the Windows Update for Business deployment service

Windows Update for Business deployment service - Windows Deployment | Microsoft Docs

Deployment service for driver updates public preview coming soon

New additions to the Windows Update for Business deployment service

Safeguard holds overview

Access safeguard hold details with Updated Compliance

Microsoft 365 Enterprise Licensing Guide

ps://docs.microsoft.com/windows/deployment/update/deployment-service-overvi

ps://docs.microsoft.com/windows/deployment/update/safeguard-hold

ps://download.microsoft.com/download/3/D/4/3D42BDC2-6725-4B29-B75A-A5B04179958B/Licensing_guide_Microsoft_365_Enterprise.pdf

ps://techcommunity.microsoft.com/t5/windows-it-pro-blog/access-safeguard-hold-details-with-update-compliance/ba-p/180965

ps://techcommunity.microsoft.com/t5/windows-it-pro-blog/announcing-the-windows-update-for-business-deployment-service/ba-p/2178419

ps://techcommunity.microsoft.com/t5/windows-it-pro-blog/deployment-service-for-driver-updates-public-preview-coming-soon/ba-p/29142

ps://techcommunity.microsoft.com/t5/windows-it-pro-blog/gradual-rollouts-with-the-windows-update-for-business-deployment/ba-p/3263847

ps://techcommunity.microsoft.com/t5/windows-it-pro-blog/new-additions-to-the-windows-update-for-business-deployment/ba-p/2913718

Additional information:

For more information, please see the Windows Embedded Blog and leverage the following resources:

Download Windows Embedded Compact 2013 Updates from Official Microsoft Download Center

KB5008656: Security update for Windows Embedded Compact 2013: December 2021 (microsoft.com)

SHA2 and Windows - Microsoft Tech Community

https://devicepartner.microsoft.com/en-us/assets/detail/windows-embedded-compact-2013-december-2021-download-img

https://support.microsoft.com/en-us/topic/kb5008656-security-update-for-windows-embedded-compact-2013-december-2021-c51fb380-c0f4-428e-9cfc-defaed07ecca

https://techcommunity.microsoft.com/t5/core-infrastructure-and-security/sha2-and-windows/ba-p/1128617

https://techcommunity.microsoft.com/t5/windows-embedded-blog/older-windows-embedded-compact-content-is-being-retired/ba-p/3270974

https://www.microsoft.com/en-us/download/details.aspx?id=42027

Additional information:

For more information, please see the Windows Embedded Blog and leverage the following resources:

Download Windows Embedded Compact 2013 Updates from Official Microsoft Download Center

KB5008656: Security update for Windows Embedded Compact 2013: December 2021 (microsoft.com)

SHA2 and Windows - Microsoft Tech Community

ps://devicepartner.microsoft.com/en-us/assets/detail/windows-embedded-compact-2013-december-2021-download-im

ps://support.microsoft.com/en-us/topic/kb5008656-security-update-for-windows-embedded-compact-2013-december-2021-c51fb380-c0f4-428e-9cfc-defaed07

ps://techcommunity.microsoft.com/t5/core-infrastructure-and-security/sha2-and-windows/ba-p/1128617

ps://techcommunity.microsoft.com/t5/windows-embedded-blog/older-windows-embedded-compact-content-is-being-retired/ba-p/3270974

ps://www.microsoft.com/en-us/download/details.aspx?id=42027

Additional information:

For more details on CSP policies supporting update management, see our documentation:

Policy CSP - Update. For a list of policies not to set, and why, see Why you shouldn’t set these 25 Windows policies.

To learn more about managing updates for Microsoft Teams Rooms devices, see Manage Windows Updates for Microsoft Teams Rooms.

https://docs.microsoft.com/en-us/microsoftteams/rooms/updates

https://docs.microsoft.com/en-us/windows/client-management/mdm/policy-csp-update

https://techcommunity.microsoft.com/t5/windows-it-pro-blog/the-windows-update-policies-you-should-set-and-why/ba-p/3270914

https://techcommunity.microsoft.com/t5/windows-it-pro-blog/why-you-shouldn-t-set-these-25-windows-policies/ba-p/3066178

Additional information:

For more details on CSP policies supporting update management, see our documentation:

Policy CSP - Update. For a list of policies not to set, and why, see Why you shouldn’t set these 25 Windows policies.

To learn more about managing updates for Microsoft Teams Rooms devices, see Manage Windows Updates for Microsoft Teams Rooms.

ps://docs.microsoft.com/en-us/microsoftteams/rooms/upda

ps://docs.microsoft.com/en-us/windows/client-management/mdm/policy-csp

ps://techcommunity.microsoft.com/t5/windows-it-pro-blog/the-windows-update-policies-you-should-set-and-why/ba-p/3270914

ps://techcommunity.microsoft.com/t5/windows-it-pro-blog/why-you-shouldn-t-set-these-25-windows-policies/ba-p/3066178

We strongly recommend you validate that the functionality of your app is unaffected when running on the newer runtime version before you deploy the updated runtime in your production environment. To check out the complete guide on this upgrade, see the blog post .NET Framework 4.5.2, 4.6, and 4.6.1 will reach End of Support on Apr 26, 2022.

More resources

NET Framework 4.5.2, 4.6, 4.6.1 end of support FAQ

.NET Framework retiring SHA-1 content

.NET Framework Downloads

.NET Framework Application Compatibility

Runtime changes between .NET Framework 4.5.2 and .NET Framework 4.6.2

.NET Framework Migration Guide

https://devblogs.microsoft.com/dotnet/dotnet-framework-45-46-461-end-of-support/

https://nam06.safelinks.protection.outlook.com/?url=https%3A%2F%2Faka.ms%2Fframework-452-46-461-eos-faq&data=04%7C01%7Cv-keilac%40microsoft.com%7C25c6e070157943c2ca9f08da0e7fff40%7C72f988bf86f141af91ab2d7cd011db47%7C1%7C0%7C637838240152036886%7CUnknown%7CTWFpbGZsb3d8eyJWIjoiMC4wLjAwMDAiLCJQIjoiV2luMzIiLCJBTiI6Ik1haWwiLCJXVCI6Mn0%3D%7C3000&sdata=jZFOjPll4fh76WrGXeq53dak7liLPJronjCQNfbBXjA%3D&reserved=0

https://nam06.safelinks.protection.outlook.com/?url=https%3A%2F%2Faka.ms%2Fframework-sha1-retirement&data=04%7C01%7Cv-keilac%40microsoft.com%7C25c6e070157943c2ca9f08da0e7fff40%7C72f988bf86f141af91ab2d7cd011db47%7C1%7C0%7C637838240152086876%7CUnknown%7CTWFpbGZsb3d8eyJWIjoiMC4wLjAwMDAiLCJQIjoiV2luMzIiLCJBTiI6Ik1haWwiLCJXVCI6Mn0%3D%7C3000&sdata=f3xBZ7d2kpvXfEBfwZO4ud0KN86NEyPu6ZPjV9FKzKw%3D&reserved=0

https://nam06.safelinks.protection.outlook.com/?url=https%3A%2F%2Fdocs.microsoft.com%2Fdotnet%2Fframework%2Fmigration-guide%2F&data=04%7C01%7Cv-keilac%40microsoft.com%7C25c6e070157943c2ca9f08da0e7fff40%7C72f988bf86f141af91ab2d7cd011db47%7C1%7C0%7C637838240152086876%7CUnknown%7CTWFpbGZsb3d8eyJWIjoiMC4wLjAwMDAiLCJQIjoiV2luMzIiLCJBTiI6Ik1haWwiLCJXVCI6Mn0%3D%7C3000&sdata=JRu0j1178jL2IZJuabyk7wOW2JaWz5AxkeRFs2EgnHc%3D&reserved=0

https://nam06.safelinks.protection.outlook.com/?url=https%3A%2F%2Fdocs.microsoft.com%2Fdotnet%2Fframework%2Fmigration-guide%2Fapplication-compatibility&data=04%7C01%7Cv-keilac%40microsoft.com%7C25c6e070157943c2ca9f08da0e7fff40%7C72f988bf86f141af91ab2d7cd011db47%7C1%7C0%7C637838240152086876%7CUnknown%7CTWFpbGZsb3d8eyJWIjoiMC4wLjAwMDAiLCJQIjoiV2luMzIiLCJBTiI6Ik1haWwiLCJXVCI6Mn0%3D%7C3000&sdata=IWc%2B%2FAzn0WBs7xoEeTPukFna4zVZOQd1rYc%2FKlpwUtg%3D&reserved=0

https://nam06.safelinks.protection.outlook.com/?url=https%3A%2F%2Fdocs.microsoft.com%2Fdotnet%2Fframework%2Fmigration-guide%2Fruntime%2F4.5.2-4.6.2&data=04%7C01%7Cv-keilac%40microsoft.com%7C25c6e070157943c2ca9f08da0e7fff40%7C72f988bf86f141af91ab2d7cd011db47%7C1%7C0%7C637838240152086876%7CUnknown%7CTWFpbGZsb3d8eyJWIjoiMC4wLjAwMDAiLCJQIjoiV2luMzIiLCJBTiI6Ik1haWwiLCJXVCI6Mn0%3D%7C3000&sdata=w3hsxeBZcdZIovGImwuvOgQoxjnjaDYw240KxZ3EN1M%3D&reserved=0

https://nam06.safelinks.protection.outlook.com/?url=https%3A%2F%2Fdocs.microsoft.com%2Flifecycle%2Ffaq%2Fdotnet-framework&data=04%7C01%7Cv-keilac%40microsoft.com%7C25c6e070157943c2ca9f08da0e7fff40%7C72f988bf86f141af91ab2d7cd011db47%7C1%7C0%7C637838240152036886%7CUnknown%7CTWFpbGZsb3d8eyJWIjoiMC4wLjAwMDAiLCJQIjoiV2luMzIiLCJBTiI6Ik1haWwiLCJXVCI6Mn0%3D%7C3000&sdata=YHVlCW1kDym3gnfCPLncN2cb4POOMbJ0kqtsftrUE2A%3D&reserved=0

https://nam06.safelinks.protection.outlook.com/?url=https%3A%2F%2Fdotnet.microsoft.com%2Fdownload%2Fdotnet-framework&data=04%7C01%7Cv-keilac%40microsoft.com%7C25c6e070157943c2ca9f08da0e7fff40%7C72f988bf86f141af91ab2d7cd011db47%7C1%7C0%7C637838240152086876%7CUnknown%7CTWFpbGZsb3d8eyJWIjoiMC4wLjAwMDAiLCJQIjoiV2luMzIiLCJBTiI6Ik1haWwiLCJXVCI6Mn0%3D%7C3000&sdata=5Na4KAJReBcMtYcKpkfXCNwvmWSVwCE1cAxeTbzMaQk%3D&reserved=0

We strongly recommend you validate that the functionality of your app is unaffected when running on the newer runtime version before you deploy the updated runtime in your production environment. To check out the complete guide on this upgrade, see the blog post .NET Framework 4.5.2, 4.6, and 4.6.1 will reach End of Support on Apr 26, 2022.

More resources

NET Framework 4.5.2, 4.6, 4.6.1 end of support FAQ

.NET Framework retiring SHA-1 content

.NET Framework Downloads

.NET Framework Application Compatibility

Runtime changes between .NET Framework 4.5.2 and .NET Framework 4.6.2

.NET Framework Migration Guide

ps://devblogs.microsoft.com/dotnet/dotnet-framework-45-46-461-end-of-support/

ps://nam06.safelinks.protection.outlook.com/?url=https%3A%2F%2Faka.ms%2Fframework-452-46-461-eos-faq&data=04%7C01%7Cv-keilac%40microsoft.com%7C25c6e070157943c2ca9f08da0e7fff40%7C72f988bf86f141af91ab2d7cd011db47%7C1%7C0%7C637838240152036886%7CUnknown%7CTWFpbGZsb3d8eyJWIjoiMC4wLjAwMDAiLCJQIjoiV2luMzIiLCJBTiI6Ik1haWwiLCJXVCI6Mn0%3D%7C3000&sdata=jZFOjPll4fh76WrGXeq53dak7liLPJronjCQNfbBXjA%3D&reserved

ps://nam06.safelinks.protection.outlook.com/?url=https%3A%2F%2Faka.ms%2Fframework-sha1-retirement&data=04%7C01%7Cv-keilac%40microsoft.com%7C25c6e070157943c2ca9f08da0e7fff40%7C72f988bf86f141af91ab2d7cd011db47%7C1%7C0%7C637838240152086876%7CUnknown%7CTWFpbGZsb3d8eyJWIjoiMC4wLjAwMDAiLCJQIjoiV2luMzIiLCJBTiI6Ik1haWwiLCJXVCI6Mn0%3D%7C3000&sdata=f3xBZ7d2kpvXfEBfwZO4ud0KN86NEyPu6ZPjV9FKzKw%3D&reserved

ps://nam06.safelinks.protection.outlook.com/?url=https%3A%2F%2Fdocs.microsoft.com%2Fdotnet%2Fframework%2Fmigration-guide%2F&data=04%7C01%7Cv-keilac%40microsoft.com%7C25c6e070157943c2ca9f08da0e7fff40%7C72f988bf86f141af91ab2d7cd011db47%7C1%7C0%7C637838240152086876%7CUnknown%7CTWFpbGZsb3d8eyJWIjoiMC4wLjAwMDAiLCJQIjoiV2luMzIiLCJBTiI6Ik1haWwiLCJXVCI6Mn0%3D%7C3000&sdata=JRu0j1178jL2IZJuabyk7wOW2JaWz5AxkeRFs2EgnHc%3D&reserved

ps://nam06.safelinks.protection.outlook.com/?url=https%3A%2F%2Fdocs.microsoft.com%2Fdotnet%2Fframework%2Fmigration-guide%2Fapplication-compatibility&data=04%7C01%7Cv-keilac%40microsoft.com%7C25c6e070157943c2ca9f08da0e7fff40%7C72f988bf86f141af91ab2d7cd011db47%7C1%7C0%7C637838240152086876%7CUnknown%7CTWFpbGZsb3d8eyJWIjoiMC4wLjAwMDAiLCJQIjoiV2luMzIiLCJBTiI6Ik1haWwiLCJXVCI6Mn0%3D%7C3000&sdata=IWc%2B%2FAzn0WBs7xoEeTPukFna4zVZOQd1rYc%2FKlpwUtg%3D&reserved

ps://nam06.safelinks.protection.outlook.com/?url=https%3A%2F%2Fdocs.microsoft.com%2Fdotnet%2Fframework%2Fmigration-guide%2Fruntime%2F4.5.2-4.6.2&data=04%7C01%7Cv-keilac%40microsoft.com%7C25c6e070157943c2ca9f08da0e7fff40%7C72f988bf86f141af91ab2d7cd011db47%7C1%7C0%7C637838240152086876%7CUnknown%7CTWFpbGZsb3d8eyJWIjoiMC4wLjAwMDAiLCJQIjoiV2luMzIiLCJBTiI6Ik1haWwiLCJXVCI6Mn0%3D%7C3000&sdata=w3hsxeBZcdZIovGImwuvOgQoxjnjaDYw240KxZ3EN1M%3D&reserved

ps://nam06.safelinks.protection.outlook.com/?url=https%3A%2F%2Fdocs.microsoft.com%2Flifecycle%2Ffaq%2Fdotnet-framework&data=04%7C01%7Cv-keilac%40microsoft.com%7C25c6e070157943c2ca9f08da0e7fff40%7C72f988bf86f141af91ab2d7cd011db47%7C1%7C0%7C637838240152036886%7CUnknown%7CTWFpbGZsb3d8eyJWIjoiMC4wLjAwMDAiLCJQIjoiV2luMzIiLCJBTiI6Ik1haWwiLCJXVCI6Mn0%3D%7C3000&sdata=YHVlCW1kDym3gnfCPLncN2cb4POOMbJ0kqtsftrUE2A%3D&reserved

ps://nam06.safelinks.protection.outlook.com/?url=https%3A%2F%2Fdotnet.microsoft.com%2Fdownload%2Fdotnet-framework&data=04%7C01%7Cv-keilac%40microsoft.com%7C25c6e070157943c2ca9f08da0e7fff40%7C72f988bf86f141af91ab2d7cd011db47%7C1%7C0%7C637838240152086876%7CUnknown%7CTWFpbGZsb3d8eyJWIjoiMC4wLjAwMDAiLCJQIjoiV2luMzIiLCJBTiI6Ik1haWwiLCJXVCI6Mn0%3D%7C3000&sdata=5Na4KAJReBcMtYcKpkfXCNwvmWSVwCE1cAxeTbzMaQk%3D&reserved

Additional information:

If you want to catch up on the new and upcoming features in Windows that will help your organization (and IT team) support hybrid work across efficiently and securely, watch the April 5th Windows event, Windows Powers the Future of Hybrid Work, featuring Chairman and CEO Satya Nadella, Windows Executive VP and Chief Product Officer Panos Panay—along with Windows engineering leaders and makers.

https://aka.ms/TCL/Windows

https://aka.ms/WindowsEvent

https://techcommunity.microsoft.com/

Additional information:

If you want to catch up on the new and upcoming features in Windows that will help your organization (and IT team) support hybrid work across efficiently and securely, watch the April 5th Windows event, Windows Powers the Future of Hybrid Work, featuring Chairman and CEO Satya Nadella, Windows Executive VP and Chief Product Officer Panos Panay—along with Windows engineering leaders and makers.

ps://aka.ms/TCL/Wind

ps://aka.ms/WindowsE

ps://techcommunity.microsoft.com/

Path: HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Ole\AppCompat

Value Name: "RequireIntegrityActivationAuthenticationLevel"

Type: dword

Value Data: default = 0x00000000 means disabled. 0x00000001 means enabled. If this value is not defined, it will default to disabled. You must enter Value Data in hexadecimal format.

Devices must be restarted after setting this registry key, for it to take effect. Enabling the registry key above will make DCOM servers enforce an Authentication-Level of RPC_C_AUTHN_LEVEL_PKT_INTEGRITY or higher for activation.

To help identify applications that might have compatibility issues after DCOM security hardening changes are enabled, new DCOM error events were added in the System log, and can be found with Message IDs 10036, 10037 and 10038.

If issues are encountered during testing, contact the vendor for the affected client or server software for an update or workaround.

Additional Information:

It is important to ensure proper testing for this change. Please review the below documentation.

KB5004442: Manage changes for Windows DCOM Server Security Feature Bypass (CVE-2021-26414)

CVE-2021-26414: Windows DCOM Server Security Feature Bypass

https://nam06.safelinks.protection.outlook.com/?url=https%3A%2F%2Fmsrc.microsoft.com%2Fupdate-guide%2Fvulnerability%2FCVE-2021-26414&data=04%7C01%7CMabel.Gomes%40microsoft.com%7C502abf7ef93c484d785108d9fb12f0dc%7C72f988bf86f141af91ab2d7cd011db47%7C0%7C0%7C637816881046259912%7CUnknown%7CTWFpbGZsb3d8eyJWIjoiMC4wLjAwMDAiLCJQIjoiV2luMzIiLCJBTiI6Ik1haWwiLCJXVCI6Mn0%3D%7C3000&sdata=5ab3ltoii45jKILARgQxIbzYtP1hrSTrL4qVdNt%2FdJg%3D&reserved=0

https://nam06.safelinks.protection.outlook.com/?url=https%3A%2F%2Fsupport.microsoft.com%2Fhelp%2F5004442&data=04%7C01%7CMabel.Gomes%40microsoft.com%7C502abf7ef93c484d785108d9fb12f0dc%7C72f988bf86f141af91ab2d7cd011db47%7C0%7C0%7C637816881046259912%7CUnknown%7CTWFpbGZsb3d8eyJWIjoiMC4wLjAwMDAiLCJQIjoiV2luMzIiLCJBTiI6Ik1haWwiLCJXVCI6Mn0%3D%7C3000&sdata=ZvEM51z9%2BpIs6kwmQnxei2WvCBGCEKSxzj7TuSuN7sM%3D&reserved=0

Path: HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Ole\AppCompat

Value Name: "RequireIntegrityActivationAuthenticationLevel"

Type: dword

Value Data: default = 0x00000000 means disabled. 0x00000001 means enabled. If this value is not defined, it will default to disabled. You must enter Value Data in hexadecimal format.

Devices must be restarted after setting this registry key, for it to take effect. Enabling the registry key above will make DCOM servers enforce an Authentication-Level of RPC_C_AUTHN_LEVEL_PKT_INTEGRITY or higher for activation.

To help identify applications that might have compatibility issues after DCOM security hardening changes are enabled, new DCOM error events were added in the System log, and can be found with Message IDs 10036, 10037 and 10038.

If issues are encountered during testing, contact the vendor for the affected client or server software for an update or workaround.

Additional Information:

It is important to ensure proper testing for this change. Please review the below documentation.

KB5004442: Manage changes for Windows DCOM Server Security Feature Bypass (CVE-2021-26414)

CVE-2021-26414: Windows DCOM Server Security Feature Bypass

ps://nam06.safelinks.protection.outlook.com/?url=https%3A%2F%2Fmsrc.microsoft.com%2Fupdate-guide%2Fvulnerability%2FCVE-2021-26414&data=04%7C01%7CMabel.Gomes%40microsoft.com%7C502abf7ef93c484d785108d9fb12f0dc%7C72f988bf86f141af91ab2d7cd011db47%7C0%7C0%7C637816881046259912%7CUnknown%7CTWFpbGZsb3d8eyJWIjoiMC4wLjAwMDAiLCJQIjoiV2luMzIiLCJBTiI6Ik1haWwiLCJXVCI6Mn0%3D%7C3000&sdata=5ab3ltoii45jKILARgQxIbzYtP1hrSTrL4qVdNt%2FdJg%3D&reserved

ps://nam06.safelinks.protection.outlook.com/?url=https%3A%2F%2Fsupport.microsoft.com%2Fhelp%2F5004442&data=04%7C01%7CMabel.Gomes%40microsoft.com%7C502abf7ef93c484d785108d9fb12f0dc%7C72f988bf86f141af91ab2d7cd011db47%7C0%7C0%7C637816881046259912%7CUnknown%7CTWFpbGZsb3d8eyJWIjoiMC4wLjAwMDAiLCJQIjoiV2luMzIiLCJBTiI6Ik1haWwiLCJXVCI6Mn0%3D%7C3000&sdata=ZvEM51z9%2BpIs6kwmQnxei2WvCBGCEKSxzj7TuSuN7sM%3D&reserved

Additional information:

To learn more, preview, and prepare for these new capabilities, consider the following resources:

Use Windows Update native experience with Configuration Manager Technical Preview 2105.2

If you are not yet part of the Technical Preview, sign up to test out these features and provide feedback.

https://aka.ms/Windows/SeamlessUpdates

https://docs.microsoft.com/en-us/mem/configmgr/core/get-started/technical-preview

https://techcommunity.microsoft.com/t5/configuration-manager-blog/use-windows-update-native-experience-with-configuration-manager/ba-p/2396549#:~:text=%20To%20enable%20the%20Windows%20Update%20native%20experience%3A,allowed%20to%20be%20pending%20a%20restart...%20More%20

Additional information:

To learn more, preview, and prepare for these new capabilities, consider the following resources:

Use Windows Update native experience with Configuration Manager Technical Preview 2105.2

If you are not yet part of the Technical Preview, sign up to test out these features and provide feedback.

ps://aka.ms/Windows/SeamlessUpda

ps://docs.microsoft.com/en-us/mem/configmgr/core/get-started/technical-previ

ps://techcommunity.microsoft.com/t5/configuration-manager-blog/use-windows-update-native-experience-with-configuration-manager/ba-p/2396549#:~:text=%20To%20enable%20the%20Windows%20Update%20native%20experience%3A,allowed%20to%20be%20pending%20a%20restart...%20M

Create anti-malware policy

Quarantine policy

Quarantine policies in anti-malware policies

Use quarantine notifications to release and report quarantined

https://admin.microsoft.com/AdminPortal/Home?#/MessageCenter/:/messages/MC303513

https://docs.microsoft.com/microsoft-365/security/office-365-security/configure-anti-malware-policies#use-the-microsoft-365-defender-portal-to-create-anti-malware-policies

https://docs.microsoft.com/microsoft-365/security/office-365-security/quarantine-policies

https://docs.microsoft.com/microsoft-365/security/office-365-security/quarantine-policies#anti-malware-policies

https://docs.microsoft.com/microsoft-365/security/office-365-security/use-spam-notifications-to-release-and-report-quarantined-messages

https://www.microsoft.com/microsoft-365/roadmap?filters=&searchterms=93212

Create anti-malware policy

Quarantine policy

Quarantine policies in anti-malware policies

Use quarantine notifications to release and report quarantined

ps://admin.microsoft.com/AdminPortal/Home?#/MessageCenter/:/messages/MC303513

ps://docs.microsoft.com/microsoft-365/security/office-365-security/configure-anti-malware-policies#use-the-microsoft-365-defender-portal-to-create-anti-malware-polici

ps://docs.microsoft.com/microsoft-365/security/office-365-security/quarantine-polici

ps://docs.microsoft.com/microsoft-365/security/office-365-security/quarantine-policies#anti-malware-polici

ps://docs.microsoft.com/microsoft-365/security/office-365-security/use-spam-notifications-to-release-and-report-quarantined-messa

ps://www.microsoft.com/microsoft-365/roadmap?filters=&searchterms=932

Additional information:

Please review the following resources:

Stay up to date with widgets

How to update the Windows Web Experience Pack in the Microsoft Store

https://support.microsoft.com/en-us/windows/how-to-update-the-windows-web-experience-pack-in-the-microsoft-store-a16c9bf1-f042-4dc9-a523-740cca1e1e60

https://support.microsoft.com/en-us/windows/stay-up-to-date-with-widgets-7ba79aaa-dac6-4687-b460-ad16a06be6e4

Additional information:

Please review the following resources:

Stay up to date with widgets

How to update the Windows Web Experience Pack in the Microsoft Store

ps://support.microsoft.com/en-us/windows/how-to-update-the-windows-web-experience-pack-in-the-microsoft-store-a16c9bf1-f042-4dc9-a523-740cca1e1e6

ps://support.microsoft.com/en-us/windows/stay-up-to-date-with-widgets-7ba79aaa-dac6-4687-b460-ad16a06be6e4

For additional details please refer Change in naming convention of user’s Name parameter.

https://techcommunity.microsoft.com/t5/exchange-team-blog/change-in-naming-convention-of-user-s-name-parameter/ba-p/3284733/

For additional details please refer Change in naming convention of user’s Name parameter.

ps://techcommunity.microsoft.com/t5/exchange-team-blog/change-in-naming-convention-of-user-s-name-parameter/ba-p/3284733/

In addition, you can view Windows-related notifications in the message center and customize your notification preferences just as you would for any other product or service in the Microsoft 365 admin center. If you have applicable licensing subscriptions and do not automatically see Windows content, select Message center and then Preferences. Once you're there, select Microsoft Windows in the Custom View tab.

You can also opt-in to receive weekly digests and immediate alerts for major updates via email by selecting the Email tab in Preferences. The weekly digest email is sent on Mondays and includes links to all messages published over the past week regarding the products and services you choose. The major update email alerts bring you relevant announcements, such as the release of an out-of-band update or availability of new Windows versions. These alerts are sent on the same day the announcement is published. For a quick setup tutorial, see Email preferences on the Microsoft 365 admin center.

Note: New admins, specifically those with the roles of Global Admin or Message Center Privacy Reader, will be subscribed to a four-week trial period for the Message center weekly digest and can choose to stay subscribed once the trial has concluded by using the Message center preferences menu.

Additional information:

For details on how to use the service communications API in Microsoft Graph, see Overview for accessing service health and communications through Microsoft Graph.

For more information on access tokens, app registration, and delegated and application permissions, see Authentication and authorization basics

https://docs.microsoft.com/graph/auth/auth-concepts

https://docs.microsoft.com/graph/permissions-reference#service-communications-permissions

https://docs.microsoft.com/graph/service-communications-concept-overview

https://youtu.be/COQ9VWq3-J0

In addition, you can view Windows-related notifications in the message center and customize your notification preferences just as you would for any other product or service in the Microsoft 365 admin center. If you have applicable licensing subscriptions and do not automatically see Windows content, select Message center and then Preferences. Once you're there, select Microsoft Windows in the Custom View tab.

You can also opt-in to receive weekly digests and immediate alerts for major updates via email by selecting the Email tab in Preferences. The weekly digest email is sent on Mondays and includes links to all messages published over the past week regarding the products and services you choose. The major update email alerts bring you relevant announcements, such as the release of an out-of-band update or availability of new Windows versions. These alerts are sent on the same day the announcement is published. For a quick setup tutorial, see Email preferences on the Microsoft 365 admin center.

Note: New admins, specifically those with the roles of Global Admin or Message Center Privacy Reader, will be subscribed to a four-week trial period for the Message center weekly digest and can choose to stay subscribed once the trial has concluded by using the Message center preferences menu.

Additional information:

For details on how to use the service communications API in Microsoft Graph, see Overview for accessing service health and communications through Microsoft Graph.

For more information on access tokens, app registration, and delegated and application permissions, see Authentication and authorization basics

ps://docs.microsoft.com/graph/auth/auth-concep

ps://docs.microsoft.com/graph/permissions-reference#service-communications-permissi

ps://docs.microsoft.com/graph/service-communications-concept-overvi

ps://youtu.be/COQ9VWq3-J

Additional information:

Learn more about Update Compliance, the Windows diagnostic data processor configuration, and Azure AD from the following resources:

Configure Windows diagnostic data in your organization

What is an Azure AD joined device?

Plan your Azure Active Directory join deployment

Plan your hybrid Azure Active Directory join deployment

Get started with Update Compliance

https://docs.microsoft.com/en-us/azure/active-directory/devices/azureadjoin-plan

https://docs.microsoft.com/en-us/azure/active-directory/devices/concept-azure-ad-join

https://docs.microsoft.com/en-us/azure/active-directory/devices/hybrid-azuread-join-plan

https://docs.microsoft.com/en-us/windows/deployment/update/update-compliance-get-started#get-your-commercialid

https://docs.microsoft.com/en-us/windows/privacy/configure-windows-diagnostic-data-in-your-organization

https://docs.microsoft.com/windows/privacy/configure-windows-diagnostic-data-in-your-organization#enable-windows-diagnostic-data-processor-configuration

https://techcommunity.microsoft.com/t5/windows-it-pro-blog/azure-ad-required-for-update-compliance-after-october-15-2022/ba-p/3301621

Additional information:

Learn more about Update Compliance, the Windows diagnostic data processor configuration, and Azure AD from the following resources:

Configure Windows diagnostic data in your organization

What is an Azure AD joined device?

Plan your Azure Active Directory join deployment

Plan your hybrid Azure Active Directory join deployment

Get started with Update Compliance

ps://docs.microsoft.com/en-us/azure/active-directory/devices/azureadjoin-pl

ps://docs.microsoft.com/en-us/azure/active-directory/devices/concept-azure-ad-j

ps://docs.microsoft.com/en-us/azure/active-directory/devices/hybrid-azuread-join-pl

ps://docs.microsoft.com/en-us/windows/deployment/update/update-compliance-get-started#get-your-commercial

ps://docs.microsoft.com/en-us/windows/privacy/configure-windows-diagnostic-data-in-your-organiz

ps://docs.microsoft.com/windows/privacy/configure-windows-diagnostic-data-in-your-organization#enable-windows-diagnostic-data-processor-confi

ps://techcommunity.microsoft.com/t5/windows-it-pro-blog/azure-ad-required-for-update-compliance-after-october-15-2022/ba-p/330162

Devices must be restarted after setting this registry key, for it to take effect. Enabling the registry key above will make DCOM servers enforce an Authentication-Level of RPC_C_AUTHN_LEVEL_PKT_INTEGRITY or higher for activation.

To help identify applications that might have compatibility issues after DCOM security hardening changes are enabled, new DCOM error events were added in the System log, and can be found with Message IDs 10036, 10037 and 10038.

If issues are encountered during testing, contact the vendor for the affected client or server software for an update or workaround.

Additional Information:

It is important to ensure proper testing for this change. Please review the below documentation.

\[MS-DCOM\]: Distributed Component Object Model (DCOM) Remote Protocol | Microsoft Docs

KB5004442: Manage changes for Windows DCOM Server Security Feature Bypass (CVE-2021-26414)

CVE-2021-26414: Windows DCOM Server Security Feature Bypass

https://docs.microsoft.com/en-us/openspecs/windows_protocols/ms-dcom/4a893f3d-bd29-48cd-9f43-d9777a4415b0

https://msrc.microsoft.com/update-guide/vulnerability/CVE-2021-26414

https://support.microsoft.com/en-us/topic/kb5004442-manage-changes-for-windows-dcom-server-security-feature-bypass-cve-2021-26414-f1400b52-c141-43d2-941e-37ed901c769c?preview=true

Devices must be restarted after setting this registry key, for it to take effect. Enabling the registry key above will make DCOM servers enforce an Authentication-Level of RPC_C_AUTHN_LEVEL_PKT_INTEGRITY or higher for activation.

To help identify applications that might have compatibility issues after DCOM security hardening changes are enabled, new DCOM error events were added in the System log, and can be found with Message IDs 10036, 10037 and 10038.

If issues are encountered during testing, contact the vendor for the affected client or server software for an update or workaround.

Additional Information:

It is important to ensure proper testing for this change. Please review the below documentation.

\[MS-DCOM\]: Distributed Component Object Model (DCOM) Remote Protocol | Microsoft Docs

KB5004442: Manage changes for Windows DCOM Server Security Feature Bypass (CVE-2021-26414)

CVE-2021-26414: Windows DCOM Server Security Feature Bypass

ps://docs.microsoft.com/en-us/openspecs/windows_protocols/ms-dcom/4a893f3d-bd29-48cd-9f43-d9777a4415b

ps://msrc.microsoft.com/update-guide/vulnerability/CVE-2021-26414

ps://support.microsoft.com/en-us/topic/kb5004442-manage-changes-for-windows-dcom-server-security-feature-bypass-cve-2021-26414-f1400b52-c141-43d2-941e-37ed901c769c?preview=t

Carefully review the documentation in the Additional information section below, which provides details on the changes taking place along with detailed migration instructions.

Additional information:

Removal of the U.S. Federal Common Policy CA certificate from the Microsoft trusted root | Microsoft Docs: Main article discussing the removal in detail, potential issues, steps to avoid issues, and troubleshoot and analysis guidance

Migrate to the Federal Common Policy CA G2 | FICAM Playbooks: Instructions to manually download and migrate to the "G2" root certificate

Obtain and verify a copy of the Federal Common Policy CA G2 certificate | FICAM Playbooks: Details on downloading and installing the "G2" root certificate on Windows workgroup, member, and domain controller computers

Distribute the certificate to operating systems | FICAM Playbooks: Guidance to deploy the root store to enterprise devices (see the "Microsoft Solutions" section)

Program Requirements - Microsoft Trusted Root Program | Microsoft Docs: Introduction to the Trusted Root Program, as well as general and technical requirements

https://docs.microsoft.com/security/trusted-root/program-requirements

https://docs.microsoft.com/troubleshoot/windows-server/windows-security/microsoft-trusted-root-store-removal-of-us-federal-common-policy

https://playbooks.idmanagement.gov/fpki/common/distribute-os/

https://playbooks.idmanagement.gov/fpki/common/migrate/

https://playbooks.idmanagement.gov/fpki/common/obtain-and-verify

https://www.idmanagement.gov/

Carefully review the documentation in the Additional information section below, which provides details on the changes taking place along with detailed migration instructions.

Additional information:

Removal of the U.S. Federal Common Policy CA certificate from the Microsoft trusted root | Microsoft Docs: Main article discussing the removal in detail, potential issues, steps to avoid issues, and troubleshoot and analysis guidance

Migrate to the Federal Common Policy CA G2 | FICAM Playbooks: Instructions to manually download and migrate to the "G2" root certificate

Obtain and verify a copy of the Federal Common Policy CA G2 certificate | FICAM Playbooks: Details on downloading and installing the "G2" root certificate on Windows workgroup, member, and domain controller computers

Distribute the certificate to operating systems | FICAM Playbooks: Guidance to deploy the root store to enterprise devices (see the "Microsoft Solutions" section)

Program Requirements - Microsoft Trusted Root Program | Microsoft Docs: Introduction to the Trusted Root Program, as well as general and technical requirements

ps://docs.microsoft.com/security/trusted-root/program-requirem

ps://docs.microsoft.com/troubleshoot/windows-server/windows-security/microsoft-trusted-root-store-removal-of-us-federal-common-policy

ps://playbooks.idmanagement.gov/fpki/common/distribute-os/

ps://playbooks.idmanagement.gov/fpki/common/migrate/

ps://playbooks.idmanagement.gov/fpki/common/obtain-and-verify

ps://www.idmanagement.gov/

Additional Information:

Read our FAQ to help answer your questions and use the troubleshooting guide during setup.

Visit the Internet Explorer mode website.

Watch videos from our IE retirement YouTube playlist to learn more.

Learn more about hosting your IE mode site list in an authenticated cloud endpoint in the M365 admin center.

Read our announcement blog and browse our blog series for more information.

https://aka.ms/configureiemode

https://aka.ms/IEmodeblog

https://aka.ms/IEModeFAQ

https://aka.ms/IEModeGuide

https://aka.ms/IEmodewebinar

https://aka.ms/IEModeWebsite

https://aka.ms/ietoedge

https://docs.microsoft.com/deployedge/deploy-edge-plan-deployment

https://docs.microsoft.com/deployedge/edge-ie-disable-ie11

https://docs.microsoft.com/deployedge/edge-ie-mode-faq

https://docs.microsoft.com/deployedge/edge-ie-mode-site-discovery

https://docs.microsoft.com/en-us/microsoft-365/admin/activity-reports/browser-usage-report?view=o365-worldwide

https://docs.microsoft.com/fasttrack/win-10-microsoft-edge-assistance-offered

https://docs.microsoft.com/microsoft-edge/webdriver-chromium/ie-mode?tabs=c-sharp

https://techcommunity.microsoft.com/t5/windows-it-pro-blog/don-t-wait-for-june-15th-set-your-own-ie-retirement-date/ba-p/3298143

https://techcommunity.microsoft.com/t5/windows-it-pro-blog/host-ie-mode-site-lists-in-the-cloud/ba-p/3035479#M3571

https://www.microsoft.com/fasttrack/microsoft-365/app-assure

https://youtube.com/playlist?list=PL4z1-7pjJU6wgq5AIvd4_jJssxtbyJFXn

Additional Information:

Read our FAQ to help answer your questions and use the troubleshooting guide during setup.

Visit the Internet Explorer mode website.

Watch videos from our IE retirement YouTube playlist to learn more.

Learn more about hosting your IE mode site list in an authenticated cloud endpoint in the M365 admin center.

Read our announcement blog and browse our blog series for more information.

ps://aka.ms/confi

ps://aka.ms/IEmodebl

ps://aka.ms/IEModeFAQ

ps://aka.ms/IEModeG

ps://aka.ms/IEmodeweb

ps://aka.ms/IEModeWeb

ps://aka.ms/ietoed

ps://docs.microsoft.com/deployedge/deploy-edge-plan-deploy

ps://docs.microsoft.com/deployedge/edge-ie-disable-i

ps://docs.microsoft.com/deployedge/edge-ie-mode-faq

ps://docs.microsoft.com/deployedge/edge-ie-mode-site-discovery

ps://docs.microsoft.com/en-us/microsoft-365/admin/activity-reports/browser-usage-report?view=o365-world

ps://docs.microsoft.com/fasttrack/win-10-microsoft-edge-assistance-off

ps://docs.microsoft.com/microsoft-edge/webdriver-chromium/ie-mode?tabs=c

ps://techcommunity.microsoft.com/t5/windows-it-pro-blog/don-t-wait-for-june-15th-set-your-own-ie-retirement-date/ba-p/3298143

ps://techcommunity.microsoft.com/t5/windows-it-pro-blog/host-ie-mode-site-lists-in-the-cloud/ba-p/3035479#M357

ps://www.microsoft.com/fasttrack/microsoft-365/app-a

ps://youtube.com/playlist?list=PL4z1-7pjJU6wgq5AIvd4_jJssxtbyJFX

Anti-malware policy

Anti-malware policy protection FAQ

Current list of file types in pre-populated list

Current list of default file type selection

The list of file types:

7z, 7zip,

a, accdb, accde,ace, action, ade, adp, apk, app, appx, appxbundle, arj, asf, asp, aspx, ani, avi,

bat, bin, bundle, bz, bz2, bzip2,

cab, caction, cer, chm, cmd, com, command, cpl, crt, csh, css,

deb, der, dex, dgz, dll, dmg, doc, docm, docx, dot, dotm, dtox, dylib,

elf, exe,

font,

gz, gzip,

hlp, hta, htm, html,

img, imp, inf, ins, ipa, iso, isp, its,

jar, jnlp, js, jse,

kext, ksh,

lha, lib, library, lnk, lqy, lzh,

macho, mad, maf, mag, mam, maq, mar, mas, mat, mav, maw, mda, mdb, mde, mdt, mdw, mdz, mht,

mhtml, msc, mscompress, msh, msh1, msh1xml, msh2, msh2xml, mshxml, msi, msix, msixbundle, msp, mst,

o, obj, odp, ods, odt, one, onenote, ops,

package, pages, pbix, pdb, pdf, php, pif, pkg, plugin, ppa, ppam, pps, ppsm, ppsx, ppt, pptm, pptx, prf,

prg, ps1, ps1xml, ps2, ps2xml, psc1, psc2, pst, pub, py,

rar, reg, rev, rpm, rtf,

scf, scpt, scr, sct, service, sh, shx, shb, shtm, so, sys,

tar, tarz, terminal, tgz, tool,

uif, url,

vb, vbe, vbs, vhd, vsd, vsdm, vsdx, vsmacros, vss, vssx, vst, vstm, vstx, vsw, vxd,

workflow, ws, wsc, wsf, wsh,

xhtml, xla, xlam, xll, xls, xlsb, xlsm, xlsx, xlt, xltm, xltx, xz,

z, zi, zip, zipx,

The default selection from the above file type list is:

ace, apk, app, appx, ani, arj,

bat,

cab, cmd,com,

deb, dex, dll, docm,

elf, exe,

hta,

img, iso,

jar, jnlp,

kext,

lha, lib, library, lnk, lzh

macho, msc, msi, msix, msp, mst

pif, ppa, ppam,

reg, rev,

scf, scr, sct, sys,

uif,

vb, vbe, vbs, vxd

wsc, wsf, wsh

xll, xz

z

https://docs.microsoft.com/microsoft-365/security/office-365-security/anti-malware-protection#anti-malware-policies

https://docs.microsoft.com/microsoft-365/security/office-365-security/anti-malware-protection-faq-eop?view=o365-worldwide

https://www.microsoft.com/microsoft-365/roadmap?rtc=1%26filters=&searchterms=85611

Anti-malware policy

Anti-malware policy protection FAQ

Current list of file types in pre-populated list

Current list of default file type selection

The list of file types:

7z, 7zip,

a, accdb, accde,ace, action, ade, adp, apk, app, appx, appxbundle, arj, asf, asp, aspx, ani, avi,

bat, bin, bundle, bz, bz2, bzip2,

cab, caction, cer, chm, cmd, com, command, cpl, crt, csh, css,

deb, der, dex, dgz, dll, dmg, doc, docm, docx, dot, dotm, dtox, dylib,

elf, exe,

font,

gz, gzip,

hlp, hta, htm, html,

img, imp, inf, ins, ipa, iso, isp, its,

jar, jnlp, js, jse,

kext, ksh,

lha, lib, library, lnk, lqy, lzh,

macho, mad, maf, mag, mam, maq, mar, mas, mat, mav, maw, mda, mdb, mde, mdt, mdw, mdz, mht,

mhtml, msc, mscompress, msh, msh1, msh1xml, msh2, msh2xml, mshxml, msi, msix, msixbundle, msp, mst,

o, obj, odp, ods, odt, one, onenote, ops,

package, pages, pbix, pdb, pdf, php, pif, pkg, plugin, ppa, ppam, pps, ppsm, ppsx, ppt, pptm, pptx, prf,

prg, ps1, ps1xml, ps2, ps2xml, psc1, psc2, pst, pub, py,

rar, reg, rev, rpm, rtf,

scf, scpt, scr, sct, service, sh, shx, shb, shtm, so, sys,

tar, tarz, terminal, tgz, tool,

uif, url,

vb, vbe, vbs, vhd, vsd, vsdm, vsdx, vsmacros, vss, vssx, vst, vstm, vstx, vsw, vxd,

workflow, ws, wsc, wsf, wsh,

xhtml, xla, xlam, xll, xls, xlsb, xlsm, xlsx, xlt, xltm, xltx, xz,

z, zi, zip, zipx,

The default selection from the above file type list is:

ace, apk, app, appx, ani, arj,

bat,

cab, cmd,com,

deb, dex, dll, docm,

elf, exe,

hta,

img, iso,

jar, jnlp,

kext,

lha, lib, library, lnk, lzh

macho, msc, msi, msix, msp, mst

pif, ppa, ppam,

reg, rev,

scf, scr, sct, sys,

uif,

vb, vbe, vbs, vxd

wsc, wsf, wsh

xll, xz

z

ps://docs.microsoft.com/microsoft-365/security/office-365-security/anti-malware-protection#anti-malware-polici

ps://docs.microsoft.com/microsoft-365/security/office-365-security/anti-malware-protection-faq-eop?view=o365-world

ps://www.microsoft.com/microsoft-365/roadmap?rtc=1%26filters=&searchterms=856

Additional information:

Updated Scan Cab: Download the new Scan Cab here

Announcing a smaller WSUS Scan Cab - Microsoft Tech Community: Learn more about WSUS and the Scan Cab process

Using WUA to Scan for Updates Offline - Win32 apps | Microsoft Docs: Windows Update Agent (WUA) can be used to scan computers for security updates without connecting to Windows Update

WSUS and the Catalog Site | Microsoft Docs: The Catalog Site used by WSUS to import updates and drivers

Description of the security update for Microsoft Exchange Server 2016 and 2019: May 10, 2022: Details on the vulnerability addressed in the new Scan Cab

https://docs.microsoft.com/windows/win32/wua_sdk/using-wua-to-scan-for-updates-offline

https://docs.microsoft.com/windows-server/administration/windows-server-update-services/manage/wsus-and-the-catalog-site

https://download.windowsupdate.com/microsoftupdate/v6/wsusscan/wsusscn2.cab

https://support.microsoft.com/topic/description-of-the-security-update-for-microsoft-exchange-server-2016-and-2019-may-10-2022-kb5014261-cd5ecb59-a0eb-47ef-ae35-f62b13c8b817

https://techcommunity.microsoft.com/t5/windows-it-pro-blog/announcing-a-smaller-wsus-scan-cab/ba-p/2928256?msclkid=256145ccd0c011ec9266b53af8d0aca1

Additional information:

Updated Scan Cab: Download the new Scan Cab here

Announcing a smaller WSUS Scan Cab - Microsoft Tech Community: Learn more about WSUS and the Scan Cab process

Using WUA to Scan for Updates Offline - Win32 apps | Microsoft Docs: Windows Update Agent (WUA) can be used to scan computers for security updates without connecting to Windows Update

WSUS and the Catalog Site | Microsoft Docs: The Catalog Site used by WSUS to import updates and drivers

Description of the security update for Microsoft Exchange Server 2016 and 2019: May 10, 2022: Details on the vulnerability addressed in the new Scan Cab

ps://docs.microsoft.com/windows/win32/wua_sdk/using-wua-to-scan-for-updates-offl

ps://docs.microsoft.com/windows-server/administration/windows-server-update-services/manage/wsus-and-the-catal

ps://download.windowsupdate.com/microsoftupdate/v6/wsusscan/wsusscn2.cab

ps://support.microsoft.com/topic/description-of-the-security-update-for-microsoft-exchange-server-2016-and-2019-may-10-2022-kb5014261-cd5ecb59-a0eb-47ef-ae35-f62b13c8b817

ps://techcommunity.microsoft.com/t5/windows-it-pro-blog/announcing-a-smaller-wsus-scan-cab/ba-p/2928256?msclkid=256145ccd0c011ec9266b53af8d0aca

Additional information:

This survey asks about your experience with the following:

Windows 11 release notes

Windows 10 release notes

Security Update Guide: https://msrc.microsoft.com/update-guide

https://aka.ms/Windows/RelNotesSurvey

https://msrc.microsoft.com/update-guide

https://support.microsoft.com/topic/windows-10-update-history-857b8ccb-71e4-49e5-b3f6-7073197d98fb

https://support.microsoft.com/topic/windows-11-update-history-a19cd327-b57f-44b9-84e0-26ced7109ba9

Additional information:

This survey asks about your experience with the following:

Windows 11 release notes

Windows 10 release notes

Security Update Guide: https://msrc.microsoft.com/update-guide

ps://aka.ms/Windows/RelNotesSurvey

ps://msrc.microsoft.com/upda

ps://support.microsoft.com/topic/windows-10-update-history-857b8ccb-71e4-49e5-b3f6-7073197d98fb

ps://support.microsoft.com/topic/windows-11-update-history-a19cd327-b57f-44b9-84e0-26ced7109ba9

Microsoft Purview compliance portal for GCC-High cloud environments

Microsoft Purview compliance portal for DoD cloud environments

Learn more:

Microsoft Defender for Endpoint

https://compliance.apps.mil/

https://compliance.microsoft.us/

https://docs.microsoft.com/microsoft-365/compliance/insider-risk-management-settings?view=o365-worldwide#microsoft-defender-for-endpoint-preview

https://docs.microsoft.com/microsoft-365/security/defender-endpoint/advanced-features?view=o365-worldwide#share-endpoint-alerts-with-microsoft-compliance-center

https://purview.microsoft.com/compliance

https://www.microsoft.com/microsoft-365/roadmap?filters=&searchterms=83965

Microsoft Purview compliance portal for GCC-High cloud environments

Microsoft Purview compliance portal for DoD cloud environments

Learn more:

Microsoft Defender for Endpoint

ps://compliance.apps.mil/

ps://compliance.microsoft.us/

ps://docs.microsoft.com/microsoft-365/compliance/insider-risk-management-settings?view=o365-worldwide#microsoft-defender-for-endpoint-previ

ps://docs.microsoft.com/microsoft-365/security/defender-endpoint/advanced-features?view=o365-worldwide#share-endpoint-alerts-with-microsoft-complianc

ps://purview.microsoft.com/compl

ps://www.microsoft.com/microsoft-365/roadmap?filters=&searchterms=83965

Microsoft Purview compliance portal for GCC-High cloud environments

Microsoft Purview compliance portal for DoD cloud environments

Learn more:

General security policy violations

Security policy violations by priority users

Security policy violations by departing users

https://compliance.apps.mil/

https://compliance.microsoft.us/

https://docs.microsoft.com/microsoft-365/compliance/insider-risk-management-policies?view=o365-worldwide#general-security-policy-violations-preview

https://docs.microsoft.com/microsoft-365/compliance/insider-risk-management-policies?view=o365-worldwide#security-policy-violations-by-departing-users-preview

https://docs.microsoft.com/microsoft-365/compliance/insider-risk-management-policies?view=o365-worldwide#security-policy-violations-by-priority-users-preview

https://docs.microsoft.com/microsoft-365/security/defender-endpoint/advanced-features?view=o365-worldwide#share-endpoint-alerts-with-microsoft-compliance-center

https://purview.microsoft.com/compliance

https://www.microsoft.com/microsoft-365/roadmap?filters=&searchterms=83961

https://www.microsoft.com/microsoft-365/roadmap?filters=&searchterms=83962

https://www.microsoft.com/microsoft-365/roadmap?filters=&searchterms=83963

Microsoft Purview compliance portal for GCC-High cloud environments

Microsoft Purview compliance portal for DoD cloud environments

Learn more:

General security policy violations

Security policy violations by priority users

Security policy violations by departing users

ps://compliance.apps.mil/

ps://compliance.microsoft.us/

ps://docs.microsoft.com/microsoft-365/compliance/insider-risk-management-policies?view=o365-worldwide#general-security-policy-violations-previ

ps://docs.microsoft.com/microsoft-365/compliance/insider-risk-management-policies?view=o365-worldwide#security-policy-violations-by-departing-users-previ

ps://docs.microsoft.com/microsoft-365/compliance/insider-risk-management-policies?view=o365-worldwide#security-policy-violations-by-priority-users-previ

ps://docs.microsoft.com/microsoft-365/security/defender-endpoint/advanced-features?view=o365-worldwide#share-endpoint-alerts-with-microsoft-complianc

ps://purview.microsoft.com/compl

ps://www.microsoft.com/microsoft-365/roadmap?filters=&searchterms=8396

ps://www.microsoft.com/microsoft-365/roadmap?filters=&searchterms=8396

ps://www.microsoft.com/microsoft-365/roadmap?filters=&searchterms=83963

Carefully review the documentation in the Additional information section below, which provides details on the changes taking place along with detailed migration instructions.

Additional information:

Removal of the U.S. Federal Common Policy CA certificate from the Microsoft trusted root | Microsoft Docs: Main article discussing the removal in detail, potential issues, steps to avoid issues, and troubleshoot and analysis guidance

Migrate to the Federal Common Policy CA G2 | FICAM Playbooks: Instructions to manually download and migrate to the "G2" root certificate

Obtain and verify a copy of the Federal Common Policy CA G2 certificate | FICAM Playbooks: Details on downloading and installing the "G2" root certificate on Windows workgroup, member, and domain controller computers

Distribute the certificate to operating systems | FICAM Playbooks: Guidance to deploy the root store to enterprise devices (see the "Microsoft Solutions" section)

Program Requirements - Microsoft Trusted Root Program | Microsoft Docs: Introduction to the Trusted Root Program, as well as general and technical requirements

https://docs.microsoft.com/security/trusted-root/program-requirements

https://docs.microsoft.com/troubleshoot/windows-server/windows-security/microsoft-trusted-root-store-removal-of-us-federal-common-policy

https://playbooks.idmanagement.gov/fpki/common/distribute-os/

https://playbooks.idmanagement.gov/fpki/common/migrate/

https://playbooks.idmanagement.gov/fpki/common/obtain-and-verify

https://www.idmanagement.gov/

Carefully review the documentation in the Additional information section below, which provides details on the changes taking place along with detailed migration instructions.

Additional information:

Removal of the U.S. Federal Common Policy CA certificate from the Microsoft trusted root | Microsoft Docs: Main article discussing the removal in detail, potential issues, steps to avoid issues, and troubleshoot and analysis guidance

Migrate to the Federal Common Policy CA G2 | FICAM Playbooks: Instructions to manually download and migrate to the "G2" root certificate

Obtain and verify a copy of the Federal Common Policy CA G2 certificate | FICAM Playbooks: Details on downloading and installing the "G2" root certificate on Windows workgroup, member, and domain controller computers

Distribute the certificate to operating systems | FICAM Playbooks: Guidance to deploy the root store to enterprise devices (see the "Microsoft Solutions" section)

Program Requirements - Microsoft Trusted Root Program | Microsoft Docs: Introduction to the Trusted Root Program, as well as general and technical requirements

ps://docs.microsoft.com/security/trusted-root/program-requirem

ps://docs.microsoft.com/troubleshoot/windows-server/windows-security/microsoft-trusted-root-store-removal-of-us-federal-common-policy

ps://playbooks.idmanagement.gov/fpki/common/distribute-os/

ps://playbooks.idmanagement.gov/fpki/common/migrate/

ps://playbooks.idmanagement.gov/fpki/common/obtain-and-verify

ps://www.idmanagement.gov/

Additional information:

For additional information, please see the Windows IT Pro blog post Ensuring a successful Windows quality update experience and learn more about the opportunities we recommend for early testing:

Security Update Validation Program: the early bird tests the worm

Register for the Windows 10 Insider Program for Business

Test Base for Microsoft 365 has reached general availability

App Assure with Microsoft FastTrack

https://docs.microsoft.com/en-us/windows-insider/business/register

https://techcommunity.microsoft.com/t5/test-base-blog/test-base-for-microsoft-365-has-reached-general-availability/ba-p/2893854#:~:text=Test%20Base%20for%20Microsoft%20365%20has%20reached%20general,is%20moving%20from%20public%20preview%20to%20general%20availability.

https://techcommunity.microsoft.com/t5/windows-it-pro-blog/ensuring-a-successful-windows-quality-update-experience/ba-p/3451774

https://techcommunity.microsoft.com/t5/windows-it-pro-blog/security-update-validation-program-the-early-bird-tests-the-worm/ba-p/2569392

https://www.microsoft.com/en-us/fasttrack/microsoft-365/app-assure

Additional information:

For additional information, please see the Windows IT Pro blog post Ensuring a successful Windows quality update experience and learn more about the opportunities we recommend for early testing:

Security Update Validation Program: the early bird tests the worm

Register for the Windows 10 Insider Program for Business

Test Base for Microsoft 365 has reached general availability

App Assure with Microsoft FastTrack

ps://docs.microsoft.com/en-us/windows-insider/business/regi

ps://techcommunity.microsoft.com/t5/test-base-blog/test-base-for-microsoft-365-has-reached-general-availability/ba-p/2893854#:~:text=Test%20Base%20for%20Microsoft%20365%20has%20reached%20general,is%20moving%20from%20public%20preview%20to%20general%20availability

ps://techcommunity.microsoft.com/t5/windows-it-pro-blog/ensuring-a-successful-windows-quality-update-experience/ba-p/3451774

ps://techcommunity.microsoft.com/t5/windows-it-pro-blog/security-update-validation-program-the-early-bird-tests-the-worm/ba-p/256939

ps://www.microsoft.com/en-us/fasttrack/microsoft-365/app-a

Microsoft Purview compliance portal for DoD cloud environments

Learn more:

Learn about Communication Compliance

Learn more about optical character recognition

https://compliance.apps.mil/

https://compliance.microsoft.us/

https://docs.microsoft.com/microsoft-365/compliance/communication-compliance?view=o365-worldwide

https://docs.microsoft.com/microsoft-365/compliance/communication-compliance-policies?view=o365-worldwide#optical-character-recognition-ocr

https://purview.microsoft.com/compliance

https://www.microsoft.com/microsoft-365/roadmap?filters=&searchterms=88920

https://www.microsoft.com/microsoft-365/roadmap?filters=&searchterms=93194

Microsoft Purview compliance portal for DoD cloud environments

Learn more:

Learn about Communication Compliance

Learn more about optical character recognition

ps://compliance.apps.mil/

ps://compliance.microsoft.us/

ps://docs.microsoft.com/microsoft-365/compliance/communication-compliance?view=o365-world

ps://docs.microsoft.com/microsoft-365/compliance/communication-compliance-policies?view=o365-worldwide#optical-character-recogniti

ps://purview.microsoft.com/compl

ps://www.microsoft.com/microsoft-365/roadmap?filters=&searchterms=889

ps://www.microsoft.com/microsoft-365/roadmap?filters=&searchterms=93194

Learn more:

Custom configurations - Azure Information Protection unified labeling client | Microsoft Docs

https://compliance.microsoft.com/

https://docs.microsoft.com/azure/information-protection/rms-client/clientv2-admin-guide-customizations?msclkid=f0fb4cb0c1bf11ec934f859dd1690d6b%22%20%5Cl%20%22specify-a-color-for-the-label

https://www.microsoft.com/microsoft-365/roadmap?filters=&searchterms=88517%2C

https://www.microsoft.com/microsoft-365/roadmap?filters=&searchterms=93217%2C

Learn more:

Custom configurations - Azure Information Protection unified labeling client | Microsoft Docs

ps://compliance.microsoft.com/

ps://docs.microsoft.com/azure/information-protection/rms-client/clientv2-admin-guide-customizations?msclkid=f0fb4cb0c1bf11ec934f859dd1690d6b%22%20%5Cl%20%22specify-a-color-for-the-label

ps://www.microsoft.com/microsoft-365/roadmap?filters=&searchterms=88517

ps://www.microsoft.com/microsoft-365/roadmap?filters=&searchterms=93217

Additional information:

For free support for commercial organizations running these preview builds, visit the Services Hub.

For future updates on preview releases and features, follow the Windows Insider Blog.

For free support offerings, see the new blog, Preview of Windows 11, version 22H2 now available.

https://support.microsoft.com/en-us/windows/update-windows-3c5ae7fc-9fb6-9af1-1984-b5e0412c556a#WindowsVersion=Windows_11

https://support.serviceshub.microsoft.com/supportforbusiness/onboarding?origin=/supportforbusiness/create

https://techcommunity.microsoft.com/t5/windows-it-pro-blog/preview-of-windows-11-version-22h2-now-available/ba-p/3478084

Additional information:

For free support for commercial organizations running these preview builds, visit the Services Hub.

For future updates on preview releases and features, follow the Windows Insider Blog.

For free support offerings, see the new blog, Preview of Windows 11, version 22H2 now available.

ps://support.microsoft.com/en-us/windows/update-windows-3c5ae7fc-9fb6-9af1-1984-b5e0412c556a#WindowsVersion=Windows_

ps://support.serviceshub.microsoft.com/supportforbusiness/onboarding?origin=/supportforbusiness/

ps://techcommunity.microsoft.com/t5/windows-it-pro-blog/preview-of-windows-11-version-22h2-now-available/ba-p/3478084

Deploy Personal Insights

Inline Suggestions in Outlook

https://docs.microsoft.com/viva/insights/personal/overview/plans-environments

https://docs.microsoft.com/viva/insights/personal/Setup/configure

https://docs.microsoft.com/viva/insights/personal/setup/deployment-guide#roll-out-viva-insights

https://docs.microsoft.com/viva/insights/personal/use/mya-notifications#opt-out-of-inline-suggestions

https://www.microsoft.com/microsoft-365/roadmap?filters=&searchterms=93350

Deploy Personal Insights

Inline Suggestions in Outlook

ps://docs.microsoft.com/viva/insights/personal/overview/plans-environm

ps://docs.microsoft.com/viva/insights/personal/Setup/confi

ps://docs.microsoft.com/viva/insights/personal/setup/deployment-guide#roll-out-viva-insi

ps://docs.microsoft.com/viva/insights/personal/use/mya-notifications#opt-out-of-inline-suggesti

ps://www.microsoft.com/microsoft-365/roadmap?filters=&searchterms=9335

Users: What is a shared channel in Teams?

https://docs.microsoft.com/en-us/azure/active-directory/external-identities/b2b-direct-connect-overview

https://docs.microsoft.com/microsoftteams/shared-channels

https://support.microsoft.com/office/what-is-a-shared-channel-in-teams-e70a8c22-fee4-4d6e-986f-9e0781d7d11d

https://www.microsoft.com/microsoft-365/roadmap?ms.url=m365comroadmap&rtc=1&filters=&searchterms=94820

Users: What is a shared channel in Teams?

ps://docs.microsoft.com/en-us/azure/active-directory/external-identities/b2b-direct-connect-overvi

ps://docs.microsoft.com/microsoftteams/shared-channel

ps://support.microsoft.com/office/what-is-a-shared-channel-in-teams-e70a8c22-fee4-4d6e-986f-9e0781d7d

ps://www.microsoft.com/microsoft-365/roadmap?ms.url=m365comroadmap&rtc=1&filters=&searchterms=948

Additional information:

For additional information, please see:

Preview app and driver compatibility insights in Endpoint Manager (Windows IT Pro Blog)

Use Windows compatibility reports for Windows 10 and Windows 11 updates in Intune (Microsoft Docs)

https://docs.microsoft.com/en-us/mem/intune/protect/windows-update-compatibility-reports

https://techcommunity.microsoft.com/t5/windows-it-pro-blog/preview-app-and-driver-compatibility-insights-in-endpoint/ba-p/3482136

Additional information:

For additional information, please see:

Preview app and driver compatibility insights in Endpoint Manager (Windows IT Pro Blog)

Use Windows compatibility reports for Windows 10 and Windows 11 updates in Intune (Microsoft Docs)

ps://docs.microsoft.com/en-us/mem/intune/protect/windows-update-compatibility-repor

ps://techcommunity.microsoft.com/t5/windows-it-pro-blog/preview-app-and-driver-compatibility-insights-in-endpoint/ba-p/3482136

Update Compliance

Windows Update for Business deployment service

Microsoft Managed Desktop

Endpoint analytics (in Microsoft Endpoint Manager)

(Additional licensing requirements may apply to use these services.)

If you don’t sign up for any of these enterprise services, Microsoft will act as the controller for the diagnostic data.

Note: In all cases, enrollment in the Windows diagnostic data processor configuration requires a device to be joined to an Azure AD tenant. If a device is not properly enrolled, Microsoft will be the controller of diagnostic data processed in connection with Windows in accordance with the Microsoft Privacy Statement (aka.ms/privacy), and the Data Protection Addendum (aka.ms/DPA) terms will not apply.

Additional information:

For details on these changes and how to enable the Windows diagnostic data processor configuration option, see Significant changes coming to the Windows diagnostic data processor configuration documentation topic.

https://blogs.microsoft.com/eupolicy/2021/05/06/eu-data-boundary/

https://docs.microsoft.com/en-us/windows/privacy/changes-to-windows-diagnostic-data-collection#significant-changes-coming-to-the-windows-diagnostic-data-processor-configuration

https://docs.microsoft.com/en-us/windows/privacy/configure-windows-diagnostic-data-in-your-organization

https://docs.microsoft.com/en-us/windows-insider/flighting#dev-channel

https://docs.microsoft.com/windows-insider/flighting#dev-channel

https://nam06.safelinks.protection.outlook.com/?url=https%3A%2F%2Faka.ms%2FDPA&data=05%7C01%7CAlbert.Cabello%40microsoft.com%7C86bc5a1a771b4a74fc8508da4b0067e2%7C72f988bf86f141af91ab2d7cd011db47%7C1%7C0%7C637904762393315046%7CUnknown%7CTWFpbGZsb3d8eyJWIjoiMC4wLjAwMDAiLCJQIjoiV2luMzIiLCJBTiI6Ik1haWwiLCJXVCI6Mn0%3D%7C3000%7C%7C%7C&sdata=viUXAaNDrNdTUmtzLYTPMwZdrohro%2BIkaDhRB31Yhlk%3D&reserved=0%22%20\t%20%22_blank

https://privacy.microsoft.com/en-us/privacystatement

https://privacy.microsoft.com/privacystatement

https://review.docs.microsoft.com/en-us/managed-desktop/intro/

https://review.docs.microsoft.com/en-us/mem/analytics/overview

https://review.docs.microsoft.com/en-us/windows/deployment/update/deployment-service-overview

https://review.docs.microsoft.com/en-us/windows/deployment/update/update-compliance-monitor

https://www.microsoft.com/licensing/docs/view/Microsoft-Products-and-Services-Data-Protection-Addendum-DPA

https://www.microsoft.com/licensing/terms/product/Glossary/all

Update Compliance

Windows Update for Business deployment service

Microsoft Managed Desktop

Endpoint analytics (in Microsoft Endpoint Manager)

(Additional licensing requirements may apply to use these services.)

If you don’t sign up for any of these enterprise services, Microsoft will act as the controller for the diagnostic data.

Note: In all cases, enrollment in the Windows diagnostic data processor configuration requires a device to be joined to an Azure AD tenant. If a device is not properly enrolled, Microsoft will be the controller of diagnostic data processed in connection with Windows in accordance with the Microsoft Privacy Statement (aka.ms/privacy), and the Data Protection Addendum (aka.ms/DPA) terms will not apply.

Additional information:

For details on these changes and how to enable the Windows diagnostic data processor configuration option, see Significant changes coming to the Windows diagnostic data processor configuration documentation topic.

ps://blogs.microsoft.com/eupolicy/2021/05/06/eu-data-boundary/

ps://docs.microsoft.com/en-us/windows/privacy/changes-to-windows-diagnostic-data-collection#significant-changes-coming-to-the-windows-diagnostic-data-processor-confi

ps://docs.microsoft.com/en-us/windows/privacy/configure-windows-diagnostic-data-in-your-organiz

ps://docs.microsoft.com/en-us/windows-insider/flighting#dev-channel

ps://docs.microsoft.com/windows-insider/flighting#dev-channel

ps://nam06.safelinks.protection.outlook.com/?url=https%3A%2F%2Faka.ms%2FDPA&data=05%7C01%7CAlbert.Cabello%40microsoft.com%7C86bc5a1a771b4a74fc8508da4b0067e2%7C72f988bf86f141af91ab2d7cd011db47%7C1%7C0%7C637904762393315046%7CUnknown%7CTWFpbGZsb3d8eyJWIjoiMC4wLjAwMDAiLCJQIjoiV2luMzIiLCJBTiI6Ik1haWwiLCJXVCI6Mn0%3D%7C3000%7C%7C%7C&sdata=viUXAaNDrNdTUmtzLYTPMwZdrohro%2BIkaDhRB31Yhlk%3D&reserved=0%22%20\t%20%22_blank

ps://privacy.microsoft.com/en-us/privacy

ps://privacy.microsoft.com/privacy

ps://review.docs.microsoft.com/en-us/managed-desktop/intro/

ps://review.docs.microsoft.com/en-us/mem/analytics/overvi

ps://review.docs.microsoft.com/en-us/windows/deployment/update/deployment-service-overvi

ps://review.docs.microsoft.com/en-us/windows/deployment/update/update-complianc

ps://www.microsoft.com/licensing/docs/view/Microsoft-Products-and-Services-Data-Protection-Addendum-DPA

ps://www.microsoft.com/licensing/terms/product/Glossary/all

Devices must be restarted after setting this registry key, for it to take effect.

Note: Enabling the registry key above will make DCOM servers enforce an Authentication-Level of RPC_C_AUTHN_LEVEL_PKT_INTEGRITY or higher for activation.

To help identify the applications that might have compatibility issues after we enable DCOM security hardening changes, we added new DCOM error events in the System log:

Event 10036 is logged on the DCOM server and contains the IP address of the DCOM client.

Events 10037 and 10038 are logged on the DCOM client, not the DCOM Server machine.

The system will log these events if it detects that a DCOM client application is trying to activate a DCOM server using an authentication level that is less than RPC_C_AUTHN_LEVEL_PKT_INTEGRITY. The client device can be traced from the server-side event log and the client-side event logs can be used to find the application.

If issues are encountered during testing, contact the vendor for the affected client or server software for an update or workaround, and see the DCOM errors supported by all Windows platforms.

Additional Information:

It is important to ensure proper testing for this change. Please review the below documentation.

\[MS-DCOM\]: Distributed Component Object Model (DCOM) Remote Protocol | Microsoft Docs

KB5004442: Manage changes for Windows DCOM Server Security Feature Bypass (CVE-2021-26414)

CVE-2021-26414: Windows DCOM Server Security Feature Bypass

https://docs.microsoft.com/en-us/windows/win32/rpc/authentication-level-constants

https://docs.microsoft.com/openspecs/windows_protocols/ms-dcom/4a893f3d-bd29-48cd-9f43-d9777a4415b0

https://docs.microsoft.com/windows/win32/rpc/authentication-level-constants

https://msrc.microsoft.com/update-guide/vulnerability/CVE-2021-26414

https://support.microsoft.com/en-us/topic/kb5004442-manage-changes-for-windows-dcom-server-security-feature-bypass-cve-2021-26414-f1400b52-c141-43d2-941e-37ed901c769c

https://support.microsoft.com/topic/kb5004442-manage-changes-for-windows-dcom-server-security-feature-bypass-cve-2021-26414-f1400b52-c141-43d2-941e-37ed901c769c

Devices must be restarted after setting this registry key, for it to take effect.

Note: Enabling the registry key above will make DCOM servers enforce an Authentication-Level of RPC_C_AUTHN_LEVEL_PKT_INTEGRITY or higher for activation.

To help identify the applications that might have compatibility issues after we enable DCOM security hardening changes, we added new DCOM error events in the System log:

Event 10036 is logged on the DCOM server and contains the IP address of the DCOM client.

Events 10037 and 10038 are logged on the DCOM client, not the DCOM Server machine.

The system will log these events if it detects that a DCOM client application is trying to activate a DCOM server using an authentication level that is less than RPC_C_AUTHN_LEVEL_PKT_INTEGRITY. The client device can be traced from the server-side event log and the client-side event logs can be used to find the application.

If issues are encountered during testing, contact the vendor for the affected client or server software for an update or workaround, and see the DCOM errors supported by all Windows platforms.

Additional Information:

It is important to ensure proper testing for this change. Please review the below documentation.

\[MS-DCOM\]: Distributed Component Object Model (DCOM) Remote Protocol | Microsoft Docs

KB5004442: Manage changes for Windows DCOM Server Security Feature Bypass (CVE-2021-26414)

CVE-2021-26414: Windows DCOM Server Security Feature Bypass

ps://docs.microsoft.com/en-us/windows/win32/rpc/authentication-level-consta

ps://docs.microsoft.com/openspecs/windows_protocols/ms-dcom/4a893f3d-bd29-48cd-9f43-d9777a4415b

ps://docs.microsoft.com/windows/win32/rpc/authentication-level-consta

ps://msrc.microsoft.com/update-guide/vulnerability/CVE-2021-26414

ps://support.microsoft.com/en-us/topic/kb5004442-manage-changes-for-windows-dcom-server-security-feature-bypass-cve-2021-26414-f1400b52-c141-43d2-941e-37ed901c769

ps://support.microsoft.com/topic/kb5004442-manage-changes-for-windows-dcom-server-security-feature-bypass-cve-2021-26414-f1400b52-c141-43d2-941e-37ed901c769

To take action, we recommend setting up Microsoft Edge in your organization. If your organization needs legacy browser support, you should set up IE mode in Microsoft Edge as soon as possible because this is a multi-step process.

Use the Configure IE mode guided set up experience to set up IE mode in Microsoft Edge for your environment.

Create an initial enterprise site list with sites you know are IE-dependent.

Run Site Discovery in parallel to identify any unknown IE dependencies and add them to your enterprise list as you identify them.

Get helpful setup tips by watching our IE mode set-up webinar and reading our troubleshooting guide.

Use IE Driver to automate end-to-end IE mode testing.

Follow the steps here to manage your organization’s transition from IE11 to Microsoft Edge with IE mode.

Additional information:

For cost-free help with web app and site compatibility, especially if you have legacy site concerns after configuring IE mode, learn more about the App Assure program.

Read our June 15th retirement blog here.

Read our FAQ to help answer your questions and use the troubleshooting guide during setup.

Visit the Internet Explorer mode website.

Watch videos from our IE retirement YouTube playlist to learn more.

Learn more about hosting your IE mode site list in an authenticated cloud endpoint in the M365 admin center.

Read our announcement blog and browse our blog series for more information.

We always value feedback and questions from our customers. Feel free to submit either feedback or questions via Message Center.

https://aka.ms/configureiemode

https://aka.ms/IEmodeblog

https://aka.ms/IEModeFAQ

https://aka.ms/IEmodewebinar

https://aka.ms/IEModeWebsite

https://aka.ms/ietoedge

https://blogs.windows.com/windowsexperience/?p=177285

https://docs.microsoft.com/deployedge/edge-ie-disable-ie11

https://docs.microsoft.com/deployedge/edge-ie-mode-faq

https://docs.microsoft.com/en-us/deployedge/deploy-edge-plan-deployment

https://docs.microsoft.com/microsoft-edge/webdriver-chromium/ie-mode?tabs=c-sharp

https://techcommunity.microsoft.com/t5/windows-it-pro-blog/don-t-wait-for-june-15th-set-your-own-ie-retirement-date/ba-p/3298143

https://techcommunity.microsoft.com/t5/windows-it-pro-blog/host-ie-mode-site-lists-in-the-cloud/ba-p/3035479#M3571

https://techcommunity.microsoft.com/t5/windows-it-pro-blog/internet-explorer-11-desktop-app-retirement-faq/ba-p/2366549

https://www.microsoft.com/fasttrack/microsoft-365/app-assure

https://youtube.com/playlist?list=PL4z1-7pjJU6wgq5AIvd4_jJssxtbyJFXn

To take action, we recommend setting up Microsoft Edge in your organization. If your organization needs legacy browser support, you should set up IE mode in Microsoft Edge as soon as possible because this is a multi-step process.

Use the Configure IE mode guided set up experience to set up IE mode in Microsoft Edge for your environment.

Create an initial enterprise site list with sites you know are IE-dependent.

Run Site Discovery in parallel to identify any unknown IE dependencies and add them to your enterprise list as you identify them.

Get helpful setup tips by watching our IE mode set-up webinar and reading our troubleshooting guide.

Use IE Driver to automate end-to-end IE mode testing.

Follow the steps here to manage your organization’s transition from IE11 to Microsoft Edge with IE mode.

Additional information:

For cost-free help with web app and site compatibility, especially if you have legacy site concerns after configuring IE mode, learn more about the App Assure program.

Read our June 15th retirement blog here.

Read our FAQ to help answer your questions and use the troubleshooting guide during setup.

Visit the Internet Explorer mode website.

Watch videos from our IE retirement YouTube playlist to learn more.

Learn more about hosting your IE mode site list in an authenticated cloud endpoint in the M365 admin center.

Read our announcement blog and browse our blog series for more information.

We always value feedback and questions from our customers. Feel free to submit either feedback or questions via Message Center.

ps://aka.ms/confi

ps://aka.ms/IEmodebl

ps://aka.ms/IEModeFAQ

ps://aka.ms/IEmodeweb

ps://aka.ms/IEModeWeb

ps://aka.ms/ietoed

ps://blogs.windows.com/windowsexperience/?p=177285

ps://docs.microsoft.com/deployedge/edge-ie-disable-i

ps://docs.microsoft.com/deployedge/edge-ie-mode-faq

ps://docs.microsoft.com/en-us/deployedge/deploy-edge-plan-deploy

ps://docs.microsoft.com/microsoft-edge/webdriver-chromium/ie-mode?tabs=c

ps://techcommunity.microsoft.com/t5/windows-it-pro-blog/don-t-wait-for-june-15th-set-your-own-ie-retirement-date/ba-p/3298143

ps://techcommunity.microsoft.com/t5/windows-it-pro-blog/host-ie-mode-site-lists-in-the-cloud/ba-p/3035479#M357

ps://techcommunity.microsoft.com/t5/windows-it-pro-blog/internet-explorer-11-desktop-app-retirement-faq/ba-p/2366549

ps://www.microsoft.com/fasttrack/microsoft-365/app-a

ps://youtube.com/playlist?list=PL4z1-7pjJU6wgq5AIvd4_jJssxtbyJFX

Learn more: Microsoft Purview eDiscovery solutions

https://docs.microsoft.com/microsoft-365/compliance/ediscovery?view=o365-worldwide

https://purview.microsoft.com/compliance

https://www.microsoft.com/en-us/microsoft-365/roadmap?filters=&searchterms=85583

Learn more: Microsoft Purview eDiscovery solutions

ps://docs.microsoft.com/microsoft-365/compliance/ediscovery?view=o365-world

ps://purview.microsoft.com/compl

ps://www.microsoft.com/en-us/microsoft-365/roadmap?filters=&searchterms=85583

Additional information:

Updated Scan Cab: Download the new Scan Cab here

Out-of-band security update to address an issue with Azure Active Directory services on Arm-based devices: Details on the issue addressed in the new Scan Cab

Setting up Update Synchronizations: Guidance on synchronization needed for deployment of Scan Cab via WSUS

Synchronize software updates / Manually start software updates synchronization: Detect a Scan Cab change using Configuration Manager

Announcing a smaller WSUS Scan Cab: Learn more about WSUS and the Scan Cab process

Using WUA to Scan for Updates Offline: Windows Update Agent (WUA) can be used to scan computers for security updates without connecting to Windows Update

WSUS and the Catalog Site: The Catalog Site used by WSUS to import updates and drivers

https://docs.microsoft.com/mem/configmgr/sum/get-started/synchronize-software-updates#manually-start-software-updates-synchronization

https://docs.microsoft.com/windows/release-health/windows-message-center#2851

https://docs.microsoft.com/windows/win32/wua_sdk/using-wua-to-scan-for-updates-offline

https://docs.microsoft.com/windows-server/administration/windows-server-update-services/manage/setting-up-update-synchronizations

https://docs.microsoft.com/windows-server/administration/windows-server-update-services/manage/wsus-and-the-catalog-site

https://download.windowsupdate.com/microsoftupdate/v6/wsusscan/wsusscn2.cab

https://techcommunity.microsoft.com/t5/windows-it-pro-blog/announcing-a-smaller-wsus-scan-cab/ba-p/2928256

Additional information:

Updated Scan Cab: Download the new Scan Cab here

Out-of-band security update to address an issue with Azure Active Directory services on Arm-based devices: Details on the issue addressed in the new Scan Cab

Setting up Update Synchronizations: Guidance on synchronization needed for deployment of Scan Cab via WSUS

Synchronize software updates / Manually start software updates synchronization: Detect a Scan Cab change using Configuration Manager

Announcing a smaller WSUS Scan Cab: Learn more about WSUS and the Scan Cab process

Using WUA to Scan for Updates Offline: Windows Update Agent (WUA) can be used to scan computers for security updates without connecting to Windows Update

WSUS and the Catalog Site: The Catalog Site used by WSUS to import updates and drivers

ps://docs.microsoft.com/mem/configmgr/sum/get-started/synchronize-software-updates#manually-start-software-updates-synchroniz

ps://docs.microsoft.com/windows/release-health/windows-message-center#285

ps://docs.microsoft.com/windows/win32/wua_sdk/using-wua-to-scan-for-updates-offl

ps://docs.microsoft.com/windows-server/administration/windows-server-update-services/manage/setting-up-update-synchronizati

ps://docs.microsoft.com/windows-server/administration/windows-server-update-services/manage/wsus-and-the-catal

ps://download.windowsupdate.com/microsoftupdate/v6/wsusscan/wsusscn2.cab

ps://techcommunity.microsoft.com/t5/windows-it-pro-blog/announcing-a-smaller-wsus-scan-cab/ba-p/2928256