Nick's IT Blog

Modernizing Windows deployment with Windows AutoPilot

Windows AutoPilot is a suite of capabilities designed to simplify and modernize the deployment and management of new Windows 10 PCs. As Rob Lefferts announced this morning, the Windows AutoPilot Deployment service marks the start of these capabilities. With Windows AutoPilot, IT professionals can customize the Out of Box Experience (OOBE) for Windows 10 PCs […]

Windows AutoPilot deployment

Get a technical overview of Windows Autopilot, a new cloud service from Microsoft that provides you with a zero-touch experience for deploying new Windows 10 devices. Learn how you can use Windows AutoPilot to enable users to set up new Windows 10 devices, ready for business use, right out of the box, and see the […]

Using PowerShell to Obtain Update Information

Here’s a quick way to obtain update information.  To search for all updates:  $Session = New-Object -ComObject Microsoft.Update.Session $Searcher = $Session.CreateUpdateSearcher() $Searcher.Search(“IsInstalled=1”).Updates | ft -a title  Example Output:   To search for a specific update:  $Searcher.Search(“IsInstalled=1”).Updates | Where {$_.Title -like “*KB4016509*”} | ft title  Example Output:    

Security baseline for Windows 10 “Creators Update” (v1703)

Microsoft is pleased to announce the beta release of the recommended security configuration baseline settings for Windows 10 “Creators Update,” also known as version 1703, “Redstone 2,” or RS2. Please evaluate this proposed baseline and send us your feedback via blog comments below. Download the content here: Windows-10-RS2-Security-Baseline Microsoft is also announcing changes to the […]

Disabling SMBv1 through Group Policy

Version 1 of the Server Message Block (SMB) protocol was developed in the early days of personal computer networking, and as Ned Pyle describes in his blog post, Stop using SMB1 there are many reasons to cease using it on your networks. We have added that recommendation to our baseline, and have exposed a way […]

Dropping the “Untrusted Font Blocking” setting

With the Windows 10 v1703 security configuration baseline, Microsoft is removing the recommendation to enable the “Untrusted Font Blocking” Group Policy setting in Computer Configuration | Administrative Templates | System | Mitigation Options. Windows 10 includes additional mitigations that make this setting far less important, while blocking untrusted fonts breaks several legitimate scenarios unnecessarily. Parsing […]

Security Compliance Manager (SCM) retired; new tools and procedures

Original Article:   Microsoft reluctantly announces the retirement of the Security Compliance Manager (SCM) tool. At the same time, we are reaffirming our commitment to delivering robust and useful security guidance for Windows, and tools to manage that guidance. Microsoft first released the Security Compliance Manager (SCM) in 2010. It was a mammoth program […]

Disable SMBv1 in your environments with Configuration Manager Compliance Settings

SourceURL:   There has been lots of buzz over the recent ransomware attacks. One of the mitigations to keep the attack from spreading is disabling SMBv1 on all your Windows workstation and servers. One of the easy ways to deploy this out, while also having reports to confirm the settings are set correctly, is […]

WannaCrypt attacks: guidance for Azure customers

SourceURL: WannaCrypt attacks: guidance for Azure customers | Blog | Microsoft Azure Jeremy Hollett Principal Engineering Manager The recent global ransomware attack, known as WannaCrypt, has brought forward the importance of running a well secured infrastructure. Whether or not you were impacted by the recent WannaCrypt malware, we recommend all Azure customers take the following […]

Next Page » « Previous Page