DOCSLIB.ORG

Windows 10 Version 1903 Und 1909 – Neuerungen Und Neue Security Features

Total Page:16

File Type:pdf, Size:1020Kb

Download full-text PDF Read full-text
Windows 10 Version 1903 Und 1909 – Neuerungen Und Neue Security Features Windows 10 Version 1903 und 1909 – Neuerungen und neue Security Features Manfred Helber Twitter: @ManfredHelber www.manfredhelber.de Internal Use - Confidential A single cumulative update each month with no new features WINDOWS AS Quality • Security fixes, reliability fixes, bug fixes, etc. Updates • Supersedes the previous month’s update A SERVICE A new way to build, deploy and service Twice per year with new capabilities Windows • New features and innovation APIs and security capabilities Feature • Very reliable, with built-in rollback capabilities Updates • Simple deployment using in-place upgrade, driven by existing tools • Try them out with Insider Preview Internal Use - Confidential Windows 10 Version history End of service for Home, Pro, End of service for Enterprise Windows 10 version history Date of availability and Pro for Workstations and Education editions editions Windows 10, version 1903 May 21, 2019 December 8, 2020 December 8, 2020 Windows 10, version 1809 November 13, 2018 May 12, 2020 May 11, 2021 Windows 10, version 1803 April 30, 2018 November 12, 2019 November 10, 2020 Windows 10, version 1709 October 17, 2017 April 9, 2019 April 14, 2020 Windows 10, version 1703 April 5, 2017* October 9, 2018 October 8, 2019 Windows 10, version 1607 August 2, 2016 April 10, 2018 April 9, 2019 Windows 10, version 1511 November 10, 2015 October 10, 2017 October 10, 2017 Windows 10, released July July 29, 2015 May 9, 2017 May 9, 2017 2015 (version 1507) * Windows 10, version 1703 for Enterprise, Education, and IOT Enterprise editions were released on April 11, 2017. Note: Not all features in an update will work on all devices. A device may not be able to receive updates if the device hardware is incompatible, lacks current drivers, or is otherwise outside the original equipment manufacturer’s (OEM) support period. Internal Use - Confidential Windows 10 Version 1903 Intelligent Simplified Flexible Enhanced security updates management productivity Internal Use - Confidential Intelligent security Internal Use - Confidential Intelligent security with Windows 10 Threat Identity Security protection protection management Internal Use - Confidential Core Windows 10 Security Enhancements What’s new in Windows 10 May 2019 Update Windows Sandbox Isolated desktop environment where you can run untrusted software without the fear of lasting impact to your device Windows Defender Application Guard Standalone users can install and configure their Windows Defender Application Guard settings without needing to change Registry key settings Enterprise users are able to check their settings to see what their administrators have configured for their machines to better understand the behavior Windows Defender Application Control New features that light up key scenarios and provide feature parity with AppLocker Microphone privacy settings A mic icon appears in the notification area letting you see which apps are using your microphone Internal Use - Confidential Security management What’s new in Windows 10 May 2019 Update Windows Security app improvements Protection history Detailed and easier to understand information about threats and available actions Controlled Folder Access blocks added to Protection history Actions from Windows Defender Offline Scanning tool Any pending recommendations Tamper Protection Prevent malicious apps from changing important Windows Defender Antivirus settings Windows Defender Firewall Windows Subsystem for Linux (WSL) Add rules for WSL process, just like for Windows processes netsh.exe advfirewall firewall add rule name=wsl_python dir=in action=allow program="C:\users\<username>\appdata\local\packages\canonicalgrouplimited.ubu ntuonwindows_79rhkp1fndgsc\localstate\rootfs\usr\bin\python3.7" enable=yes Internal Use - Confidential Identity protection What’s new in Windows 10 May 2019 Update Streamlined Windows Hello PIN reset experience1,2 Microsoft account users have a revamped Windows Hello PIN reset experience with the same look and feel as signing in on the web Sign-in with Password-less Microsoft accounts Sign in to Windows 10 with a phone number account. Then use Windows Hello for an even easier sign-in experience! 1 Remote Desktop with Biometrics Azure Active Directory and Active Directory users using Windows Hello for Business can use biometrics to authenticate to a remote desktop session 1To use Windows Hello with biometrics specialized hardware, including fingerprint reader, illuminated IR sensor, or other biometric sensors is required. Hardware-based protection of the Windows Hello credential/keys requires TPM 1.2 or greater; if no TPM exists or is configured, credentials/keys protection will be software-based. Internal Use2 Not- Confidential available for all SKU’s Intelligent security with Windows 10 Threat Identity Security protection protection management Microsoft Defender Advanced Windows Hello PIN reset Windows Defender Firewall Threat Protection for WSL Password-less sign-in Windows Defender Antivirus Windows Security app improvements Remote Desktop with Biometrics improvements Windows Sandbox Protection history enhancements Mic privacy settings Tamper Protection Windows Defender Application Guard Enhancements Internal Use - Confidential Simplified updates Internal Use - Confidential Simplified updates Streamline deployment and Application compatibility updates with modern tools IT can trust Internal Use - Confidential Streamline deployment and updates What’s new in Windows 10 May 2019 Update Reserved Disk Space New and wipe-and-load installations of version 1903 will automatically reserve disk space to be used by Feature and Quality Updates, ensuring the updates do not fail for disk space reasons Automatic Restart Sign-on (ARSO) For Azure AD joined systems, Windows will automatically logon as the user and lock the device in order to complete the update, ensuring that when the user returns and unlocks the device, the update will be completed. Servicing Updates Pause updates, Background processing, intelligent Active Hours, and deferral notifications have all been enhanced Use instead of media-based to reduce the Feature Update size with Express Updates Internal Use - Confidential Streamline deployment and updates What’s new in Windows 10 May 2019 Update Delivery Optimization (DO) Improve Peer Efficiency for Enterprises/EDUs with complex networks (via a set of new Policies) New! supports Office 365 ProPlus updates, Intune content, and ConfigMgr is coming soon! Feature Rollback Improvements Supports Quality Updates and Feature Updates Initiate a rollback remotely using MDM, or trigger via ConfigMgr or other management tool Internal Use - Confidential Simplified updates Delivery Optimization (DO) Desktop App Assure Express updates Windows Insider Program for Business StreamlineServicing-based deployment feature updates and ApplicationReadyforMicrosoft365.com compatibility updates with modern tools IT can trust Feature Rollback improvements Delivery optimization Internal Use - Confidential Flexible management Internal Use - Confidential Flexible management Deliver enterprise-ready Simplify device devices easily management Internal Use - Confidential Deliver enterprise-ready devices What’s new in Windows 10 May 2019 Update Windows Autopilot 1 Enrollment Status Page (ESP) enhancements Silencing Cortana in OOBE Windows Autopilot white glove deployment Windows Autopilot is self-updating during OOBE 1 Requires Azure Active Directory Premium P1 and Intune or another MDM solution Internal Use - Confidential Simplify device management What’s new in Windows 10 May 2019 Update Mobile Device Management Policies New Group Policies and MDM policies for managing Microsoft Edge BitLocker can silently be enabled for standard AAD Joined users Updated Microsoft 365 Admin Center (preview April 2019) Intune Security Baselines (preview) Includes many settings supported by Intune that you can use to help secure and protect your users and devices. Automatically sets these settings to values recommended by security teams 1 MDM requires an MDM product such as Microsoft Intune or other 3rd-party solutions (sold separately). 2 Available in select markets. Functionality and apps may vary by market and device. Internal Use - Confidential Flexible management Windows Autopilot Mobile Device Management Windows Subscription Activation Mobile Application Management Deliver enterprise-ready WindowsSimplify Shared device Devices devices easily management Microsoft Store for Business Internal Use - Confidential Enhanced productivity Internal Use - Confidential Enhanced productivity Work Cultivate Empower smarter collaboration workstyles Internal Use - Confidential Work smarter What’s new in Windows 10 May 2019 Update Windows Shell Search for Linux files contained in a WSL distro Top apps and recent files displayed when you click in the Search bar Separating Search and Cortana1 Timeline Chrome extension adds Google Chrome activity to Timeline 1Cortana available in select markets; experience may vary by region and device. Cortana app required for Android and iOS devices (Requires Android version 4.1.2 or higher, or iPhone 4 with iOS 8.0 or higher). Internal Use - Confidential Empower workstyles What’s new in Windows 10 Update 1903 Accessibility Narrator Improvements including more voices and reading controls Ease of Access improvements including 11 new mouse pointer sizes Narrator QuickStart, a short tutorial for new users Kaomoji and Emoji Updates Tap WIN +(period) to access new kaomojis and emojis, finding the right one is a keyword
Load more

Recommended publications
  • Before the FEDERAL COMMUNICATIONS COMMISSION Washington, D.C
    Before the FEDERAL COMMUNICATIONS COMMISSION Washington, D.C. 20554 In the Matter of ) ) PN Comments – Accessibility of ) CG Docket No. 10-213 Communications Technologies ) To: Consumer & Governmental Affairs Bureau COMMENTS OF MICROSOFT CORPORATION Accessibility is a business imperative for Microsoft, as both a matter of compliance and an area ripe for innovation. We are investing in design principles and natural user interfaces that help individuals of all abilities,1 and innovating in touch, gesture, and speech recognition that can be used to improve communications services available to people with disabilities. Some of our innovations were not designed exclusively for accessibility, such as the work we’ve done on the Windows touch interface, or Bing’s voice-activated search for our Windows Phone digital personal assistant Cortana. Other innovation is focused on helping people with disabilities, such as Microsoft’s partnership with the UK non-profit “Guide Dogs for the Blind” to enable better independent mobility, which we discuss below. In implementing the Twenty-First Century Communications and Video Accessibility Act of 2010 (“CVAA”), the Commission has left space for such innovation to occur by avoiding overly prescriptive regulations and setting reasonable compliance deadlines that provide industry time to research break-through solutions. For a company like Microsoft, that is already investing 1 Microsoft, Digital Inclusion and Natural User Interface Technology: A Policy Framework, http://download.microsoft.com/download/C/1/A/C1AA2411-C3AE-4D21-8C46- F33CE49BBFCF/Digital-Inclusion-Natural-User-Interface-Technology.pdf. in accessibility solutions and offers a multitude of devices, software and services to a wide range of customers around the world, that space is key for us to best use our technological know-how to deliver accessibility advancements that benefit people with disabilities.
    [Show full text]
  • 1 Table of Contents List of Figures
    Table of Contents List of Figures ..................................................................................................................... 4 List of Tables ...................................................................................................................... 5 Chapter 1: Introduction....................................................................................................... 6 1.1 Introduction....................................................................................................................6 1.2 Problem Statement .......................................................................................................12 1.3 Thesis Objective...........................................................................................................12 1.4 Thesis Organization.....................................................................................................14 Chapter 2: Intrusion Detection.......................................................................................... 15 2.1 Introduction..................................................................................................................15 2.2 What is an IDS .............................................................................................................15 2.2.1 The Basic Concepts of Intrusion Detection......................................................16 2.2.2 A Generic Intrusion-Detection System.............................................................17 2.2.3 Characteristics of
    [Show full text]
  • Steps to Disable Or Uninstall Skype for Business Method 1: Disable Skype for Business Via Skype Settings
    Steps to Disable or Uninstall Skype for Business Method 1: Disable Skype for Business via Skype Settings To disable this feature to prevent it from starting up, please following the instruction below. Step 1: Open the Settings of Skype for Business, navigate to the Tools tab and choose the Options option. Step 2: Select the Personal option from the left side, and uncheck Automatically start the app when I log on to Windows 10 and Start the app in the foreground, and then click the OK button to confirm the changes. Step 3: Click the Settings button again on the Skype for Business interface and choose File then Exit. After the three steps, you have successfully disabled Skype for Business from your PC and you will no longer see it although it is still on your computer. Method 2: Uninstall Skype for Business via Control Panel This method requires you to clear all your profile cache for the Skype for Business account and then uninstall it from Windows 10 via Control Panel. Here is the detailed tutorial on uninstalling Skype for Business. Step 1: Open your Skype for business and then sign out of this application. Step 2: In the Sign in interface, please click the Delete my sign-in info option. Note: This step will clear all your profile cache for the Skype for Business account and will disable the auto sign-in when the application opens. Step 3: Close Skype for Business. Step 4: You should uninstall Skype for Business like any other software on your computer. Click on the Windows button in the bottom left of your screen and type Control Panel.
    [Show full text]
  • Blackbaud CRM Security Guide
    Security Guide 11/10/2014 Blackbaud Direct Marketing 4.0 Security UK ©2014 Blackbaud, Inc. This publication, or any part thereof, may not be reproduced or transmitted in any form or by any means, electronic, or mechanical, including photocopying, recording, storage in an information retrieval system, or oth- erwise, without the prior written permission of Blackbaud, Inc. The information in this manual has been carefully checked and is believed to be accurate. Blackbaud, Inc., assumes no responsibility for any inaccuracies, errors, or omissions in this manual. In no event will Blackbaud, Inc., be liable for direct, indirect, special, incidental, or consequential damages resulting from any defect or omission in this manual, even if advised of the possibility of damages. In the interest of continuing product development, Blackbaud, Inc., reserves the right to make improvements in this manual and the products it describes at any time, without notice or obligation. All Blackbaud product names appearing herein are trademarks or registered trademarks of Blackbaud, Inc. All other products and company names mentioned herein are trademarks of their respective holder. Security-2014 Contents CONTENTS I SECURITY 1 Fundamentals of Security 1 APPLICATION USERS 3 Search for Users 3 Application User Records 4 Add an Application User 4 Edit Users 5 Delete Users 6 Grant/Revoke Users Administrator Rights 6 Run the Program as a Selected User 6 Organisational Unit Record 7 Application Users Page 8 Manage System Roles of an Application User 8 Add System Roles
    [Show full text]
  • Opening Skype on Windows 10
    Skype Opening Skype on Windows 10 ................... 1 Making a Video Call ..................................... 3 Checking Your Audio & Video .................... 2 Accepting a Video Call .................................4 Using Skype ................................................. 3 Installing Skype ........................................... 5 Finding Someone ........................................ 3 Opening Skype on Windows 10 1. On a Windows 10 computer, in the lower left corner click the Windows icon. 2. Type in “Skype” and as soon as you see “Skype” click on that selection, and enter your Skype username and password if prompted. If you do not already have a Skype account, you can easily create one—they are free. You can even create a Microsoft account just for Skype at https://outlook.live.com/owa Checking Your Audio & Video 1. Open Skype. 2. In the left pane, in the top right corner, click on the ellipse (…). 3. Your Settings open. 4. In the left pane, select Audio & Video. 5. In the Camera section your live picture should appear. If it does not, see if there is an option above your picture, and try selecting a different web camera. 6. Scroll down until you see the Audio section. Test your microphone and speakers and adjust the volume as needed. 7. Close the dialog box by clicking the X in the top left corner. Using Skype Once you open Skype, you will select someone to call from the left pane. You have some important options there: Search, Chats, Contacts The first couple times you use Skype you may need to search for your friends and family. You can search by name or email address associated with their Skype account.
    [Show full text]
  • Drivers for Windows NVIDIA Display Properties Desktop User’S Guide
    nViewGuide_.book Page 1 Wednesday, May 14, 2003 11:29 PM Drivers for Windows NVIDIA Display Properties Desktop User’s Guide Driver Version: Release 40 4th Edition NVIDIA Corporation May 2003 nViewGuide_.book Page 2 Wednesday, May 14, 2003 11:29 PM NVIDIA Display Properties User’s Guide Published by NVIDIA Corporation 2701 San Tomas Expressway Santa Clara, CA 95050 Copyright © 2003 NVIDIA Corporation. All rights reserved. This software may not, in whole or in part, be copied through any means, mechanical, electromechanical, or otherwise, without the express permission of NVIDIA Corporation. Information furnished is believed to be accurate and reliable. However, NVIDIA assumes no responsibility for the consequences of use of such information nor for any infringement of patents or other rights of third parties, which may result from its use. No License is granted by implication or otherwise under any patent or patent rights of NVIDIA Corporation. Specifications mentioned in the software are subject to change without notice. NVIDIA Corporation products are not authorized for use as critical components in life support devices or systems without express written approval of NVIDIA Corporation. NVIDIA, the NVIDIA logo, Accuview Antialiasing, Detonator, Digital Vibrance Control, GeForce, nForce, nView, NVKeystone, PowerMizer, Quadro, RIVA, TNT, TNT2, TwinView, and Vanta are registered trademarks or trademarks of NVIDIA Corporation in the United States and/or other countries. Intel and Pentium are registered trademarks of Intel. DirectX, Microsoft, Microsoft Internet Explorer logo, Outlook, PowerPoint, Windows, Windows logo, Windows NT, and/or other Microsoft products referenced in this guide are either registered trademarks or trademarks of Microsoft Corporation in the U.S.
    [Show full text]
  • How to Set up Cortana (Or Remove Her) in Windows 10
    How to set up Cortana (or remove her) in Windows 10 Cortana, the personal digital assistant feature in Windows 10, will help you complete tasks, make it to your appointments on time, send messages and emails on your behalf, research the web and even launch applications. Orignally released with the Windows Phone (and named after the AI character from Microsoft's Halo franchise, looks to be a key element in the Windows 10 operating system. To begin the set up process, click or tap the microphone icon in the search bar and say "Hey Cortana" (if listening is enabled), followed by your question or search term. When properly set up Cortana is a powerful digital assistant. Start by clicking into the Cortana search box, and waiting for the results pane to appear. In the top- left corner of this, click the “hamburger” menu and then open Notebook. This tool allows you to determine what information Cortana can gather about you, and the more data she has, the more she can do. Cortana will have already asked you to input your name, but you can change this and more by opening About Me. Here, set the name you want her to use. Under Settings you can enable tracking info by switching on Find flights and more, which analyses your emails for such details. The Settings screen also enables you to toggle whether Cortana responds to “Hey, Cortana” which is very similar to Android’s “OK, Google“–the system will constantly be on the look-out for you saying this phrase, and will open Cortana when it is detected.
    [Show full text]
  • Guide to Hardening Windows 10 Technical Guide
    NOVEMBER 2020 Guide to Hardening Windows 10 For Administrators, Developers and Office Workers TABLE OF CONTENTS Introduction .......................................................................................................................... 4 Prerequisites ............................................................................................................................ 4 User roles ................................................................................................................................. 4 EFI (BIOS) Configuration ...................................................................................................... 5 To be enabled: ......................................................................................................................... 5 To be disabled: ......................................................................................................................... 5 Windows Defender Firewall .................................................................................................. 6 Enable logging of dropped packets ............................................................................................. 6 Disable enforcement of local rules and disable notifications .......................................................... 7 Block outbound connections by default ....................................................................................... 8 Secure potentially vulnerable protocols ......................................................................................
    [Show full text]
  • Implementing Remote Credential Guard and Remote Admin Mode on Domain-Joined Windows 10 Clients
    INF258x: Implementing Remote Credential Guard and Remote Admin mode on Domain-joined Windows 10 Clients Estimated Time: 30 minutes You have a domain-joined Windows 10 client computer. You plan to take advantage of the Remote Desktop Credential Guard and Restrict Admin mode to protect credentials during Remote Desktop sessions between Windows 10 client and Windows Server 2016 computers. Objectives After completing this lab, students will be able to: • Implement Remote Credential Guard. • Implement the Restricted Admin mode. • Verify functionality of Remote Credential Guard and the Restricted Admin mode. Lab environment The lab consists of the following computers: • LON-DC1 – a Windows Server 2016 domain controller in the adatum.com single-domain forest. • LON-SVR1 – a Windows Server 2016 domain member server • LON-CL1 – a Windows 10 Pro or Enterprise version 1607 (or newer) domain member computer with Remote Server Administration Tools for Windows 10 All computers have Windows PowerShell Remoting enabled and have Internet connectivity Remote Desktop connections protected with Credential Guard have the following characteristics: • Require Windows 10 version 1607 (or newer) or Windows Server 2016 • Enforce of Kerberos authentication (NTLM is not allowed). • Require that both computers (a Remote Desktop client and a Remote Desktop host) are members of the same Active Directory domain or trusted Active Directory domains (Kerberos is enforced) • Support connecting with non-Administrative credentials (as a member of the Remote Desktop Users group)
    [Show full text]
  • Metasys Server Installation and Upgrade Instructions Code No
    Metasys Server Installation and Upgrade Instructions Code No. LIT-12012162 Software Release 10.0 Issued April 15, 2019 Welcome.....................................................................................................................................3 Getting Started...........................................................................................................................3 Summary of Changes.........................................................................................................................4 Prerequisite Software Checklist for Installation and Upgrade.......................................................4 Recommended OS and SQL Server Combinations.........................................................................7 Upgrade Pre-Work Checklist..............................................................................................................8 Metasys Server Installation.....................................................................................................10 Installing Unified Metasys Server on Desktop Computer.............................................................10 Installing Unified Metasys Server on Server Computer................................................................12 Installing Unified Metasys Server and SCT on Desktop Computer.............................................14 Installing Unified Metasys Server and SCT on Server Computer................................................17 Installing a Split Metasys Server and SCT.....................................................................................20
    [Show full text]
  • Lesson 14: Creating and Managing Active Directory Users and Computers
    Lesson 14: Creating and Managing Active Directory Users and Computers MOAC 70-410: Installing and Configuring Windows Server 2012 Overview • Exam Objective 5.2: Create and Manage Active Directory Users and Computers • Creating User Objects • Creating Computer Objects • Managing Active Directory Objects © 2013 John Wiley & Sons, Inc. 2 Creating User Objects Lesson 14: Creating and Managing Active Directory Users and Computers © 2013 John Wiley & Sons, Inc. 3 Creating User Objects • The user account is the primary method for authentication on a network. • Usernames and passwords are validated at log on by comparing entered information to the information stored in the AD DS database. © 2013 John Wiley & Sons, Inc. 4 Types of Users • Local users: These accounts can only access resources on the local computer and are stored in the local Security Account Manager (SAM) database on the computer where they reside. • Domain users: These accounts can access AD DS or network-based resources, such as shared folders and printers. o Account information for these users is stored in the AD DS database and replicated to all domain controllers within the same domain. © 2013 John Wiley & Sons, Inc. 5 Built-In User Accounts Administrator and Guest • On a member server or standalone server: The built-in local Administrator account has full control of all files as well as complete management permissions for the local computer. • On a domain controller: The built-in Administrator account created in Active Directory has full control of the domain in which it was created. The Administrator account cannot be deleted, but it can be renamed. © 2013 John Wiley & Sons, Inc.
    [Show full text]
  • Caverns Measureless to Man: Interdisciplinary Planetary Science & Technology Analog Research Underwater Laser Scanner Survey (Quintana Roo, Mexico)
    Caverns Measureless to Man: Interdisciplinary Planetary Science & Technology Analog Research Underwater Laser Scanner Survey (Quintana Roo, Mexico) by Stephen Alexander Daire A Thesis Presented to the Faculty of the USC Graduate School University of Southern California In Partial Fulfillment of the Requirements for the Degree Master of Science (Geographic Information Science and Technology) May 2019 Copyright © 2019 by Stephen Daire “History is just a 25,000-year dash from the trees to the starship; and while it’s going on its wild and woolly but it’s only like that, and then you’re in the starship.” – Terence McKenna. Table of Contents List of Figures ................................................................................................................................ iv List of Tables ................................................................................................................................. xi Acknowledgements ....................................................................................................................... xii List of Abbreviations ................................................................................................................... xiii Abstract ........................................................................................................................................ xvi Chapter 1 Planetary Sciences, Cave Survey, & Human Evolution................................................. 1 1.1. Topic & Area of Interest: Exploration & Survey ....................................................................12
    [Show full text]