Urgent Security Patches for Exchange and Outlook, Microsoft 365 Co-Pilot, Authenticator Lite, and more: Practical 365 Podcast S3 E23

• Post author:By Steve Goodman

In this week's show, Steve and Paul discuss Microsoft 365 Copilot. Not a sat-nav for your car, powered by the Microsoft Cloud, but an AI assistant that can help people with their daily tasks using OpenAI technologies. And nearly an episode doesn't go by without Exchange patches - but this time the Outlook issues could be pretty serious, so make sure you take a listen. Talking of Outlook - authenticator comes to mobile Outlook - is it a good thing? Plus much more..

• Podcasts

March 20, 2023

9 Comments

Microsoft Launches Microsoft 365 Copilot

• Post author:By Tony Redmond

On March 16, Microsoft launched its latest AI-powered innovation in Microsoft 365 CoPilot, aimed at using AI to remove the drudgery of many Office tasks. We don't know when the new capabilities will be available or what they will cost. The demos looked wonderful, but how things work out when exposed to real users is an entirely different manner. Time will tell!

• Microsoft 365

March 17, 2023

Join Tony, Steve, and More Experts at the TEC European Roadshow in April! 

• Post author:By Jennifer LuPiba

The best hybrid Active Directory and Microsoft 365 security experts are going on the road to bring our European friends a taste of The Experts Conference (TEC). Join us in London (17 April), Paris (19 April), and Frankfurt (21 April) for unmatched advice from experts such as Tony Redmond, Steve Goodman, and more!

• Blog

March 16, 2023

48 Comments

Outlook Elevation of Privilege Vulnerability Leaks Credentials via NTLM

• Post author:By Tony Redmond

Among the latest set of patches released by Microsoft, a fix for CVE-2023-23397 is available to fix an NTLM vulnerability in Outlook for Windows clients. The update closes a hole where attackers can use specially formatted messages to force NTLM credentials to be sent outside the organization.

• Exchange Server

March 15, 2023

6 Comments

Why Microsoft 365 License Assignment Dates Can Be Misleading

• Post author:By Tony Redmond

Microsoft 365 tenant administrators might want to know when user accounts receive a specific license. Unhappily, Azure AD license assignment dates can mislead, so some interpretation and personal knowledge might be needed to find out just when a user was licensed.

• Azure Active Directory

March 14, 2023

How Quickly do Threats leak from a Compromised AD into the Cloud?

• Post author:By Thijs Lecomte

As organizations move to the cloud, on-premises environments (and their security) are put in the background as the focus shifts to the cloud. Nevertheless, most organizations I know are in a hybrid scenario where the on-premises environment holds the master data and synchronizes everything into Azure Active Directory. This blog explores how an on-premises environment is connected to the cloud and how an attacker might move from on-premises to the cloud laterally.

• Active Directory

March 13, 2023

9 Comments

Use PowerShell to Look Up IP Address Geolocation Data

• Post author:By Tony Redmond

Many Microsoft 365 and Exchange Server logs contain IP addresses. To find out where the IP addresses come from and if they are internal or external, PowerShell developers can use online web-based geolocation services. It's important not to overuse the services because you could be throttled.

• PowerShell

March 13, 2023

Practical Protection: Keeping Track of Office Patch Updates

• Post author:By Paul Robichaux

Managing Office updates is one of those thankless tasks, like taking out the recycling, that is sometimes wearisome but contributes to making the world a better place. This article covers how you can keep track of these updates, and what can go wrong if you don't.

• Microsoft 365

March 8, 2023

10 Comments

Azure AD System-Preferred Authentication Policy

• Post author:By Tony Redmond

Azure AD system-preferred authentication means that users must use their strongest authentication method when they sign-into Azure AD. The change emphasizes the desirability of strong authentication methods over weak. Now in preview, Microsoft plans to make the policy effective for everyone in July 2023.

• Azure Active Directory

March 7, 2023

One comment

Free/Busy Sharing with Multiple Exchange Servers and Microsoft 365 Tenants

• Post author:By James Yip

My team has recently worked on some projects featuring multi-tenant and multi-Exchange environments. A common requirement for all projects is the ability to share free/busy information across all environments. In this article, I will dive into using free/busy sharing with Exchange/Microsoft 365 in the worldwide cloud. Sharing Free/Busy Information Let’s start with the obvious issues: […]

• Exchange Online

March 6, 2023

Exchange Online Connectors, Pay as you Go with Syntex, Viva Sales and new Teams experiences rolling out: Practical 365 Podcast S3 E22

• Post author:By Steve Goodman

On the show this week, find out what's happening with recent changes to Exchange Online that might cause a delay if you're setting up a fresh Hybrid environment; plus security recommendations for your on-premises Exchange environment. If you're getting into Viva Sales, we discuss what the new OpenAI GPT add-in does. Creepy or useful - you decide! Plus Microsoft Syntex's PAYG model goes live and Teams gets user experience changes that your users will certainly notice.

• Podcasts

March 3, 2023

11 Comments

Using Microsoft Translator with PowerShell for Automatic Translation of Sensitivity Labels

• Post author:By Tony Redmond

Sensitivity labels support local language values, meaning that you can translate the display name and tooltip for labels so that they appear in the language chosen by a user. Most people don't both because it's painfully slow to insert the translated strings for multiple languages. However, when you apply a mixture of PowerShell and the Microsoft Translator service, the task becomes so much easier.

• PowerShell

February 28, 2023