Today’s #MicrosoftQuickFix is that Microsoft has enabled in Microsoft Defender for Office 365 intra-organizational email protection by default for high-confidence phishing messages containing malicious or spam-based URLs!
This new feature in the Windows Defender for Office 365 Anti-spam policy controls whether spam filtering and the corresponding selected action for the spam verdict is applied to internal messages (email sent between users in your Exchange Online organization).
The deployment of this feature is complete for intra-organizational messages with the default value of High confidence phishing messages selected which will quarantine the message. This feature is available in all Microsoft Tenants worldwide!
If you don’t want to utilize this feature on intra-organizational messages it can be disabled by modifying the Anti-spam Policy setting for ‘Intra-Organizational messages to take action on’ to none.
You can also modify the Anti-spam Policy setting to apply to other spam filter verdicts.
Last week’s Microsoft Build was awe-inspiring but what’s next? Today’s #MicrosoftCloudQuickFix is that registration is open for the next premium immersion event from #Microsoft called Microsoft Inspire!
Microsoft Inspire is an annual event organized by Microsoft and serves as a platform for Microsoft to connect with its partner ecosystem, share the company’s vision, and provide insights into its product roadmap.
The event offers attendees the opportunity to engage in networking, attend keynote presentations, participate in breakout sessions, and explore the latest innovations and technologies showcased by Microsoft and its partners.
At Microsoft Inspire, attendees can gain valuable knowledge about Microsoft’s latest products, services, and solutions. They can also learn about industry trends, best practices, and strategies to enhance their businesses. At last years event there was a heavy focus on security. I would suspect this years will be heavily focused on AI offerings.
Microsoft Inspire is an important event for Microsoft and its partners, serving as a platform for knowledge sharing, collaboration, and building strong relationships. It plays a significant role in shaping the future of Microsoft’s partner ecosystem and driving innovation in the technology industry.
Though partner centric Microsoft Inspire can be a valuable source of information for customers and I would highly recommend they attend to gain visibility into Microsoft’s vision and product roadmap!
Today’s #MicrosoftCloudQuickFix – #MSBuild may be over đĽ but the Microsoft Ignite Cloud Skill Challenge – Microsoft Build Edition is now open until June 20, 2023!
There are 8 challenges to choose from and once you complete a challenge you choose you earn a đłđżđ˛đ˛ exam credit (my favorite price) for a Microsoft Certification exam on your #MicrosoftLearning account!!!
Those of you who know me know I am pretty close to a dollar. With that today’s #MicrosoftCloudQuickFix is how you can get a 50% discount off the cost of a Microsoft certification exam!!!
#MicrosoftLearn is the place to go for all the latest training direct from #Microsoft. It is a free online training platform that provides hands-on, interactive learning for products and services within the #Microsoft ecosystem.
The content is curated specifically for the self-starting #LearnItAll an Information Technology Professionals strives to be. The learning is self-paced and available to you anywhere on any device. There you can ‘build the skills that open doors’.
I have spent hours utilizing Microsoft Learn to ‘skill-up’ on #MicrosoftCloud technologies and utilize it as one of my primary resources for Microsoft certification studies.
One of my favorite ways to absorb this content for my learning style is using the Microsoft Cloud Skills Challenge. It’s a fun, free, and interactive program that provides you with access to Microsoft resources and will helpâŻyouâŻskill-up on Microsoft Cloud Technologies via a gamified experience utilizing Microsoft Learn content!
There are several learning paths to choose from and once you complete the challenge you select within the 30-day window you will earn a 50% discount voucher toward the cost of a Microsoft certification exam!!!
Today’s #MicrosoftQuickFix is that #Microsoft will soon begin sending DMARC Aggregate Reports as part of the #DMARC standard and as the owner of a domain you can request reports be sent to wherever your DMARC DNS record RUA setting points to. Is it time to revisit your #Microsoft365 domains DMARC, DKIM and SPF security settings?
Phishing attacks are getting more sophisticated and most organizations have implemented email security measures like SPF (Sender Policy Framework) and DKIM (DomainKeys Identified Mail) to help mitigate these risks.
Unfortunately SPF and DKIM alone do not provide 100% protection against email attacks or nefarious hackers spoofing a companies domain regardless of SPF and DKIM implementation.
DMARC (Domain-based Message Authentication, Reporting) works with SPF and DKIM to authenticate your mail senders. With a DMARC record configured youâll get reports that provide the status of your email authentication so you can improve it if needed. This helps you detect malicious emails that claim to be from your domain.
Note: DMARC reports are in XML format and contain a lot of technical data. There are several DMARC report analyzer tools available as well as third-party vendors offering DMARC reporting capabilities.
Using DMARC with SPF and DKIM gives organizations more protection against spoofing and phishing of email. DMARC also helps receiving mail systems decide what to do with messages from your domain that fail SPF or DKIM checks thru the actionable DMARC policy you specify.
DMARC Aggregate Reports will be available for all Exchange Online Protection customers beginning in late February 2023 with expected rollout to complete in late March 2023.
For more information about DMARC in Microsoft 365 see:
Have you every accidently sent an email that wasn’t ready? Sent it to the wrong person? Something you regret? Rage quit? 𤨠Any combination of the above but to a Distribution List? Or are you an Exchange Admin watching this unfold knowing what comes next… Well Microsoft is FINALLY fixing the Message Recall feature and that is today’s #MicrosoftCloudQuickFix !
For several years #Microsoft has been working on a new cloud-based Message Recall feature for Exchange Online. This week it was announced that it is finally ready and has begun rolling out to all #Microsoft365 tenants – Still need a business case for migration to #ExchangeOnline ?
The classic #MessageRecall feature was hit-and-miss at best. It was client-based requiring the recipient to have Outlook for Windows open, clunky, didn’t work if the message had been read or moved, filled the requestors mailbox with recall status email notifications, and had a success rate of about 50%.
The new Message Recall feature has a greater then 90% success rate, occurs within the Exchange Online mailbox and is no longer client based, is fast regardless of how many recipients got the message due to scale of cloud resources in Exchange Online, provides a new single status report per recalled message, and can even recall read or moved messages!
After a Message Recall request is executed the next time the recipient’s email client syncs, regardless of client now, with their Exchange Online mailbox the message should be gone. Now you can breath again…
See a feature comparison below:
Capability
Classic Message Recall
New Message Recall
Average recall success rate
40%
> 90%
Recalls are performed in the cloud
No
Yes
Recipients can use any email client to be eligible for recalls
No
Yes
Can recall read messages
No
Yes
Can recall messages from sub-folders (except Draft and Sent Items by design)
No
Yes
Single recall status report for all recipients
No
Yes
Note: Message Recall has always only been available if both you and the recipient are in the same email organization. You can not recall messages sent outside to other companies, even if they use Microsoft products, or to Gmail, Hotmail, etc.
For more information about Message Recall or how to perform one see:
Happy Valentine’s Day ⤠Here is your #MicrosoftCloudQuickFix ! #MicrosoftTeams will soon automatically lower hands in Teams meetings if that attendee has spoken! You’re going to love this feature!!! đđĽ°
Users who raise their hand in a Teams meeting and then speak will see a notification informing them that their hand will automatically be lowered shorty. The notification will allow them to keep their hand raised if they choose to. If the user doesn’t take action on the notification, their hand will automatically lower.
This feature will ensure smoother meeting facilitation for organizers and presenters. Note: This feature will only be available in the desktop versions of Microsoft Teams
Per Microsoft 365 Roadmap IDÂ 90022 look for this new feature to be in public preview this month with General Availability roll out in mid-March 2023!
Upgrades to how your Microsoft Authenticator works to include number matching by default are coming at end of February 2023. That is today’s #MicrosoftCloudQuickFix !
With so many alerts on our phones these days from text messages, email messages, stock price alerts, Amazon reorder messages, new Spotify release notifications, Elon’s Tweets, and LinkedIn post alerts from me, its easy to get fatigued and just hit whatever to dismiss the alert (except this one of course đ) and move on.
The increasing adoption of strong authentication and use of multi-factor authentication on corporate and personal accounts has added to this fatigue and spawned a technique called ‘MFA spamming’. These attacks rely simply on the users alert fatigue to approve a notification without any context to gain access.
To combat this for users using Microsoft Authenticator #Microsoft365 administrators can require users enter a number displayed on the sign-in screen when approving an MFA request in the #Microsoft Authenticator app. This feature is critical to protecting against MFA spamming attacks.
Note: If you are using ADFS/NPS there may be are some additional steps so please consult the full documentation below.
Microsoft will begin enabling this security feature for all users of the #MicrosoftAuthenticator App starting at the end of February 2023. Feature rollout controls will also be removed and as such it is recommended to begin testing and create training / change management documentation now.
Yesterday was Groundhog Day and in honor of the great movie with the same name today’s #MicrosoftQuickFix is once again (get the reference now đ) that Exchange Server 2013 is reaching end of support in 67 days from today on April 11, 2023!
After April 11, 2023, #Microsoft will no longer provide technical support for problems that may occur, bug fixes for newly discovered issues, security fixes for vulnerabilities that are discovered, and time zone updates.
Now look this doesn’t mean that because the Exchange Server software is out-of-date and no longer supported that it is going to stop working. Email will still flow, databases will still store data, mailboxes will still be accessible, but nefarious hackers will breathe a sigh of relief as the code now remains stagnant and despite “network magic” mitigation attempts all it takes is one zero-day venerability making its way in…
Note: It is a supported coexistence scenario for Exchange 2019 and Exchange 2013 provided all your Exchange 2013 servers in your organization are patched to Exchange Server Cumulative Update 21 or higher.
In either case we recommend seeking assistance and using the Exchange Deployment Assistant which is a web-based tool that asks you about your current Exchange environment and generates a custom step-by-step checklist that will help you.
Today’s #MicrosoftCloudQuickFix is that #Microsoft has released the November 2022 Exchange Server Security Updates which contain fixes for the CVE-2022-41040 and CVE-2022-41082 vulnerabilities reported at the end of September 2022 and reported discussed on my blog post below:
CVE-2022-41040 is a Server-Side Request Forgery (SSRF) vulnerability and can only be exploited by authenticated attackers while CVE-2022-41082 allows remote code execution (RCE) when PowerShell is accessible to the attacker.
The November 2022 Exchange Server Security Updates are available for Exchange Server 2013 CU23 (Note: Support ends in April 2023), Exchange Server 2016 CU22 and CU23, and Exchange Server 2019 CU11 and CU12. Since #Microsoft has been made aware of active exploits of related vulnerabilities their (and my) recommendation is to install these updates immediately!
Microsoft has indicated that #ExchangeOnline customers are already protected from the vulnerabilities addressed in the November 2022 Exchange Server Security Updates and do not need to take any action other than updating any remaining on-premises Exchange servers.
For more information about this and Exchange Server Patching see:
