SMB signing required by default in Windows Insider
Heya folks, Ned here again. Beginning in Windows 11 Insider Preview Build 25381 (Canary, zn_release) Enterprise editions, SMB signing is now required by default for all connections. This changes legacy behavior, where Windows 10 and 11 required SMB signing by ... continue reading
Group Policy Analytics Framework
If we talk about pre-covid times, people were working in offices, data was monitoredcontrolled using proxy servers and firewalls etc in place. End users were keeping files using roaming profile or folder redirection. File sharing was allowed over SMB ... continue reading
Azure Stack HCI: What’s new for Software Defined Networking (SDN) with WAC v2211
A warm 2023 “Hello” to our Customers and Partners! Today is an exciting day as we share with each of you the extensive new features and improvements for SDN in Windows Admin Center 2211 (WAC)! We cannot thank you enough ... continue reading
Windows 10 or Windows 11 GPO ADMX – An Update
Hi community, I am Helmut Wagensonner, a Cloud Solution Architect – Engineer at Microsoft. In a former blog (https://techcommunity.microsoft.com/t5/core-infrastructure-and-security/windows-10-or-windows-11-gpo-admx-which-one-to-use-for-your/ba-p/3063322), where I did a comparison between Windows 10 and Windows 11 ADMX files, I promised in my comments to do ... continue reading
How Do I Know If My AD Environment Is Impacted By The November 8th 2022 Patch?
Q: How can I determine if objects in my AD environment are impacted by the November 8th 2022 patch? A: Use a couple of queries I wrote specifically for that purpose. November 8th, 2022 brought us a patch ... continue reading

How to prevent lateral movement attacks using Microsoft 365 Defender
It’s been 10 years since the first version of the Mitigating Pass-the-Hash Attacks and Other Credential Theft whitepaper was made available, but the techniques are still relevant today, because they help prevent attackers from gaining a network foothold and using credential-dumping tools ... continue reading

DEV-0832 (Vice Society) opportunistic ransomware campaigns impacting US education sector
In recent months, Microsoft has detected active ransomware and extortion campaigns impacting the global education sector, particularly in the US, by a threat actor we track as DEV-0832, also known as Vice Society. Shifting ransomware payloads over time from BlackCat, ... continue reading

SMB authentication rate limiter now on by default in Windows Insider
Heya folks, Ned here again. Back in the spring of 2022 we released a new SMB preview feature: the SMB authentication rate limiter. It is available in Windows 11 Insider and Windows Server Insider builds. IT staff often enable access to the SMB server service ... continue reading
Upgrading your container app from Windows Server 2019 to 2022 on Azure Kubernetes Service
Note: As of the writing of this blog, Windows Server 2022 is on Public Preview on Azure Kubernetes Service (AKS). If you’ve been playing with containers, the thought of upgrading to a new OS version might seem way too simple: ... continue reading
The RC4 Removal Files Part 3 – The “Everything Else” Of It
I’m not a fan of folks that glaze over problems, not that I’m a pessimist mind you, I do my fair share of finding the bright side of bad situations. When this RC4 project started, I heard lots of optimistic ... continue reading