18 Oct 2018

Samsung debuts the Galaxy Book2, an always on, always connected 2-in-1 PC with Snapdragon 850

Author: Athima Chansanchai
Go to Source

Samsung Galaxy Book2, open and facing right with included pen and keyboard

Samsung Galaxy Book2 with included pen and keyboard

Today’s workforce, along with the tech industry, is changing. More and more consumers are trading in traditional laptops and PCs for devices that do more – in both form factor and performance. Workers, consumers and enterprises also have an expectation of mobility, a seamless transition and integration between experiences.

If you’re often working on the go, check out a new 2-in-1 portable PC that’s on and always connected, Samsung’s new Galaxy Book2, running Windows 10 and powered by the Qualcomm Snapdragon 850 mobile compute platform.

Where LTE was once “nice to have,” more and more users are seeing the benefits of being always connected to what is important to them, both at home and at work. Fast gigabit LTE on the Samsung Galaxy Book 2 keeps you productive and connected, without having to look for a Wi-Fi connection. With Instant On, it starts up as quickly as your smartphone, so you can work, stream and download a full-length movie in HD resolution within seconds. No more “hibernating” or “sleep mode” like on traditional PCs. Multitask and get things done quickly with an ultra-fast and responsive Qualcomm Snapdragon 850 mobile compute platform.

With Windows 10, you’ll feel right at home running your favorite apps, creating spreadsheets, editing presentations and emailing files on the go. Being “Always On” requires that the Galaxy Book 2 has a powerful multi-day battery that recharges quickly, thanks to Adaptive Fast Charging. With it, you can watch up to 20+ hours of video with the immersive audio experience of Dolby Atmos and speakers tuned by AKG for true-to-life audio quality. Combine that incredible sound with a state-of-the-art Super AMOLED touch display and you’ve got a phenomenal cinematic experience wherever you go.

Power up and login instantly with the easy fingerprint scanner that opens to your touch only with Windows Hello. Galaxy Book2 ships with Windows 10 in S mode, which means you don’t have to think twice when downloading your favorite apps or visiting a website. Plus, apps available through the Microsoft Store are Microsoft-verified providing an additional level of security and protection. Windows 10 in S mode provides a streamlined, secure and battery efficient experience that is excellent for a variety of customers, particularly those who need every day browsing and apps. Users can also rest assured that the Windows app catalog gives customers the widest selection of full featured apps on Always Connected PCs.

Close-up of pen and keyboard on the Samsung Galaxy Book2

Close-up of pen and keyboard on the Samsung Galaxy Book2

Two accessories come with the Galaxy Book2 making it easy to work and play when you’re on the move: a backlit keyboard that connects on contact and adjusts to you, so you can easily switch from touch to type and a precise, pressure-responsive S Pen. Neither needs charging.

Another bonus: Samsung Flow gives users seamless file transfers between your Galaxy Book2 and your Galaxy smartphone. Start marking up a document on your Galaxy Book2, and then edit it on your phone whenever you want. And don’t worry about missing smartphone notifications—they come straight to your Always Connected PC screen so you can immediately reply to messages and social posts from your PC without skipping a beat.

Check out a video about the device on Facebook.

The Samsung Galaxy Book2 is available Nov. 2 on Samsung.com starting at $999.

Go to Source

Share this
17 Oct 2018

Introducing Component Firmware Update

Author: Microsoft Devices Team
Go to Source

The Microsoft Devices Team is excited to announce the release of an open-source model for Component Firmware Update for Windows system developers – Component Firmware Update (CFU).  With CFU, you can easily deliver firmware updates for through Windows Update by using CFU drivers.

Background

Computers and peripherals have components running their own software preprogrammed in the factory.  However, over time, the factory software (“firmware”) must be updated to support new features or fix issues.

Firmware updates for embedded components have three primary delivery mechanisms:

Each of those mechanisms have its own advantages.  Stand-alone tools can support component-specific protocols but require the user to find and download the tools and find out if an update is available and applicable.  UEFI UpdateCapsule drivers can be pushed through Windows Update but can only update components during boot-time when components may not be available or may not be attached.  The most flexible mechanism is the component-specific firmware update driver, which can support component-specific protocols and can run whenever the device is enumerated on the system.

Writing a firmware update driver for each component-specific protocol can become a burden, so we defined the Component Firmware Update (CFU) standard protocol for use in our firmware update drivers and components.  The protocol permits us to use a standardized driver and protocol to deliver firmware to any component that supports CFU.

Due to architectural differences, third-party firmware, or other issues, many of our components cannot support CFU.  We designed CFU to allow a CFU-compatible component to receive firmware by using the CFU protocol and forward it to other components using their specific protocols.  Thus, only one component in a collection of components needs to be CFU-compatible. The CFU driver delivers sub-component firmware to the primary component for forwarding to non-CFU components.

For components with very limited battery power, such as small wireless peripherals, firmware downloads are expensive operations and waste significant battery life if the firmware is ultimately rejected by the peripheral.  To avoid this, CFU “offers” a firmware image before it is downloaded, providing specific properties such as version, hardware platform, and so on.   If the primary component accepts an offer, it may still reject the firmware after download due to integrity issues that may arise during the transport of the image, or if the received image properties do not match the offered properties.

As part of our open-source effort, we are sharing the CFU protocol, driver sample, firmware sample code, and tool sample. This aims at enabling the system and peripheral developers to leverage this protocol, support their development, easily and automatically push firmware updates to Windows Update for many of their firmware components.

Goals and Non-Goals

CFU was developed with the following tenets in mind:

  • Update must occur with little or no user disruption – no “update mode” that requires the user to wait or even be aware that an update is taking place.
  • Update must be delivered through Windows Update drivers.
  • Update must be able to wait to update a device until it becomes available.
  • Drivers must not have to “know” specifics of any update package other than which component device to send it to.
  • Evaluation of the appropriateness of the update lies with the component receiving it, not in the driver.
  • Target must be able to reject firmware before it is downloaded if it is inappropriate.
  • Update must permit third-party versioning schemes to be mapped to a standardized versioning scheme.

CFU permits but does not specify:

  • Authentication policies or methods
  • Encryption policies or methods
  • Rollback policies or methods
  • Recovery of bricked firmware

System Overview

In CFU, a primary component is a device that understands the CFU protocol. This component can receive firmware from a CFU driver for itself or for the sub-components to which the component is connected. The CFU driver (host) is created by the component or device manufacturer and delivered through Windows Update. The driver is installed and loaded when the device is detected by Windows.

Primary Components and Sub-Components

A CFU-compatible system uses a hierarchical concept of a primary component and sub-components.  A primary component is a device that implements the device side of the CFU protocol and can receive updates for itself or its sub-components directly from the CFU driver. A primary component and sub-components can be internal or detachable.  A device may have multiple primary components, with or without sub-components, each with its own CFU driver.

Flow chart describing CFU Driver.

Sub-components are updated by the component after receiving a CFU firmware image that is targeted for the sub-component.  The mechanism that the component uses to update its sub-components is implementation specific between the sub-component and the primary component and is beyond the scope of the CFU specification.

Offers and Payloads

A CFU driver (host) may contain multiple firmware images for a primary component and sub-components associated with the component.

Chart showing firmware images.

A package within the host comprises an offer and a payload or image and other information necessary for the driver to load.  The offer contains enough information about the payload to allow the primary component to decide if it is an acceptable payload.  Offer information includes a CFU protocol version, component ID (and sub-component ID if applicable), firmware version, release vs. debug status, and other information.  For some devices, downloading and flashing new firmware is expensive for battery life and other reasons.  By issuing an offer, the CFU protocol avoids downloading or flashing firmware that would be rejected based on versioning and other platform policies.

The payload of a package is a range of addresses and bytes to be programmed. The bytes are opaque to the host.

Offer Sequence

The general firmware update sequence by using CFU is for the host to issue the offer of each package to the primary component.  In general, the primary component can accept, reject, or skip the offer.

  • Accept offer—The primary component is ready to accept the firmware that was offered. If an offer is accepted, the payload is immediately delivered to the primary component.
  • Reject offer—The primary component is not interested in the firmware, possibly because it already has a better firmware, or the firmware violates some other internal policy.
  • Skip offer—The primary component may be interested in the firmware, but it is choosing to skip it for now.

If the offer is rejected or skipped, the host continues to cycle through its list of offers.  The driver repeats this cycle until all offers are rejected.

The optional skip response permits the primary component to examine the entire offer list to arrange it for ordering dependencies according to internal policies. After it has prioritized the offers in the list, it can continue to skip and accept the highest priority offer when the host replays the sequence. After an offer has been accepted and installed it is subsequently rejected if offered in a later cycle because the entity is up to date.  The cycle ends when all offers have been rejected.  Because updates can change the policies themselves, such as “jail-breaking” during development, all offers are issued every cycle, even those that were previously rejected.

An offer can also be rejected if the primary component has accepted a download but must be restarted.  In this case the component can reboot itself, if the user disruption is minimal, or the update can remain pending until the next system reboot.  The host restarts the offer cycle after the reboot or component reset.

Consider an example of a device that has four components: one primary component and three sub components. Offers are made in no specific order within a cycle.  Here is a representation of a possible host offer cycle:

Flow chart showing sub components.

In an example, in the first round, all offers are skipped to see all the Offers.

Second flow chart showing sub-components.

After seeing all the offers, the primary component determines that sub-component 1 must be updated before sub-component 3, and that the order of the primary component and sub-component 2 does not matter. The component sets sub-component 3 as lower priority than sub-component 1.

In the next offer cycle, the sub-component 3 offer is skipped again because sub-component 1 has not yet been updated and is higher priority.  Each of the other offers is accepted and updated.

Third flow chart showing sub-components.

In the next round, the sub-component 3 offer is accepted because the requirement to first update sub-component 2 has been met. All other offers are rejected because they are up to date.

Fourth flow chart showing sub-components.

Finally, in the last round, all offers are Rejected because the primary component and all sub-components are up to date.

Final flow chart showing sub-components.

At this time, the host has done all it can do. It ends the update process and updates its status in Device Manager according to the update results.

So, this mechanism permits ordering of updates, even to the same entity.  For example, if a component cannot receive version Y until it has version X due to some breaking change, both versions could be included, and version Y could be skipped until version X has been applied.

CFU Driver (host) Independence

It is important to note that the host does not have to make any decisions based on content of the offers or payloads. It simply sends the offers down and sends down the payloads that are accepted. It does not have to have any logic about what it is offering.  This permits it to be reused for diverse components and sub-components by changing only the offers and payloads it contains, and the component that the driver loads on.

The host does know the standard format of the offers to send the offer command. The host needs to understand the standard format of the payloads so that it can break them into addresses and bytes to deliver to the primary component. In the payload, the host does not need to know what data those fields contain.

Payload Delivery

After an offer has been accepted, the CFU Driver (the host) proceeds to download the firmware image, or Payload.  The primary component may prepare itself to receive it upon accepting the offer, or it may wait for the download to commence before making any changes.  The primary component may optionally cache the offer to check it against the payload after the payload is delivered but if possible, must evaluate the payload on its own merit, regardless of the offer.

Payload Delivery is accomplished in three phases, essentially, beginning, middle and end.

The Payload, in simplest terms, is a set of addresses and fixed-size arrays of bytes, for example Address 0x0000 0000 and 16 associated bytes, then Address 0x0000 0010 and 16 more bytes.  These are turned into write requests, one per address in the set, with its associated bytes.

The first write request is flagged so that the Component can do any preparations that it did not do when the Offer was first accepted, such as erase memory.  After the first write request, the Driver sends more Address + Data write commands until the final write.  The final write is flagged such that the Component knows that the download is complete and that it should validate the download and invoke or forward the new firmware.

Chart showing download.

The CFU Protocol specification defines several other result codes to assist in troubleshooting failures.  See the complete specification for details.  There is also room for implementers to add other codes for their own specific purposes, such as requesting immediate resets.

Payload Validation and Authentication

One of the most important aspects of firmware update is the validation of incoming firmware.  The first line of defense is to use a reliable transport mechanism with built-in robustness, such as USB or Bluetooth. These transports have built-in CRCs and retry mechanisms so that data is delivered reliably and in order.  Interfaces such as I2C™, SPI and UART do not have those mechanisms built-in and such robustness must be provided by higher layers.  At Microsoft, we prefer to use USB or Bluetooth Human Interface Device Class (HID) protocols for CFU, with a Vendor-Specific report structure, but any bidirectional command-response based mechanism can be used.

At a minimum, the primary component should verify bytes after each write to ensure that the data is properly stored before accepting the next set of bytes.  Also, a CRC or hash should be calculated on the download in its entirety to be verified after the download is complete, to ensure that the data was not modified in transit. The delivery of a reference CRC or hash to be validated is beyond the scope of the protocol but is typically contained within the download image itself and verified by the primary component or sub-component that receives it before issuing a Result Code.

For enhanced protection, a cryptographic signature mechanism is recommended to provide end-to-end protection against accidental modification or intentional attack at any stage in the update delivery, from creation at the manufacturer to invocation by the component.  If the download is required be confidential, an encryption mechanism can also be employed. Decryption and key management is also beyond of scope of the CFU protocol specification.

After the image has been authenticated, its properties should be validated against the offer and any other internal rules that the manufacturer requires. CFU does not specify the rules to be applied — these are up to the implementer.  It is important to do this check after the update has been authenticated so that any self-declared characteristics can be considered trustworthy.

While it is possible (and recommended) for each sub-Component to validate its own images, one advantage of CFU is that the primary component can accept offers and validate the sub-component image on behalf of the sub-component by using a standardized validation algorithm devised by the manufacturer.  The manufacturer can then design the primary component to apply the firmware by using less-secure means such as ARM-SWD, JTAG or other hardware-based methods.

Payload Invocation

One of the advantages of the CFU Protocol is that it is run at the application level in the primary component.  It is not necessary to place the component in any special mode that disrupts its normal operation.  As long as the component can receive and store the incoming payload without significant disruption, it can continue to do other tasks.  The only potential disruption comes when the new firmware must be invoked.

There are two recommended means to avoid that disruption, although others are possible.  Both involve having enough storage to maintain the current running application while receiving at least one additional image.  For the primary component, this means that it requires at least twice the normal application space, one space for the running primary component application, and one space for the incoming firmware package. For sub-components whose images are smaller than the primary component image, the primary component can use the extra space to store the sub-component image in its entirety.  If the sub-component image is larger than the primary component firmware, then separate packages are necessary, and must all be downloaded successfully for the sub-component update to complete.

The first invocation method uses a small bootloader image to select one of multiple images to run when the device is reset, typically at boot time, connection or power-up. The image selection algorithm is implementation specific, but typically is based on an algorithm involving the version of code, and an indication of successful validation of that image either at boot or when it was received.  This is the most generic approach.

A second invocation method is to physically swap the memory of the desired image into the active address space upon reset.  This capability is available in some microcontrollers and can also be accomplished with logic controls on external memory address bits.  This method has a disadvantage in that it requires specialized hardware but has the advantage that all images are statically linked to the same address space, and the mechanism does not require any bootloader.

CFU Protocol Limitations

There are a few caveats around CFU.

  • CFU cannot update a “bricked” component that can no longer run the protocol, yet new firmware has the potential to brick the component if not thoroughly validated and tested.

Care must be taken when adopting any update mechanism to always test the update mechanism prior to every release.

At Microsoft, we always build a “v.next” version so that we can validate that CFU has not been broken and can validate and invoke any subsequent update properly. Unbricking the component is beyond the of scope for the CFU protocol because the device cannot run the CFU protocol.

Implementers can use other methods to prevent bricking a device, such as having a third “fallback” fail-safe firmware image that is capable of CFU but that may not provide some features, or by implementing CFU as a function of the bootloader that is called by the application. If the application fails, the bootloader can be forced to take over and either fall back or provide a ‘bare-bones’ CFU interface until it is successfully updated.

  • CFU does not provide security. Security features can easily be overlaid on top of CFU by adding features to the validation algorithms used by the component and adding necessary data structures to the downloaded images such as Public Key Digital Signatures and appropriate key management.
  • CFU requires extra memory to store the incoming images because the protocol runs as part current firmware on the primary component. This will add cost to a system for the benefit of non-disruptive updates to the system.

Updating sub-component images that are larger than the component’s available storage requires dividing the sub-component image into a set of smaller update packages called segments and applying each segment separately.

The CFU protocol does not prohibit pausing the download to while portions of the image are forwarded. Thus, it may be possible to stream a large image through the primary component without segmentation.  Such “streamed” segmentation is beyond the scope of the CFU specification.  Care must be taken that the image can be properly validated after such a download is complete, such as maintenance of a running CRC or hash, as it is not fully resident in the primary component at the end of the download.

CFU presumes that the primary component has a set of validation rules to use.  If those rules are to be changed, the component must first be successfully updated by using the old rules before new rules can be applied.

There is example source code for the Host CFU drivers and Firmware along with documentation on GitHub.  Component Firmware Update

 

Go to Source

Share this
17 Oct 2018

Announcing Windows 10 Insider Preview Build 18262

Author: Dona Sarkar
Go to Source

Hello Windows Insiders! Today, we are releasing Windows 10 Insider Preview Build 18262 (19H1) to Windows Insiders in the Fast ring AND those who have opted in to Skip Ahead.

REMINDER: As is normal with builds early in the development cycle, builds may contain bugs that might be painful for some. If this makes you uncomfortable, you may want to consider switching to the Slow ring. Slow ring builds will continue to be higher quality.

What’s new in Build 18262

See DPI Awareness in Task Manager

Interested to know which of your running apps is DPI Aware? We’ve added a new optional column to the Details tab of Task Manager so you can find out the DPI awareness per process – here’s what it looks like:

Showing the DPI Awareness category in Task Manager, with examples of Per-Monitor and System.

To show the column, right-click on any of the column headers in the Details tab, click “Select Columns”, then add “DPI Awareness” to the list. To learn more about DPI Awareness, see here.

Uninstall additional inbox apps

In 19H1, we are adding the ability to uninstall the following (preinstalled) Windows 10 inbox apps via the context menu on the Start menu All Apps list:

  • 3D Viewer (previously called Mixed Reality Viewer)
  • Calculator
  • Calendar
  • Groove Music
  • Mail
  • Movies & TV
  • Paint 3D
  • Snip & Sketch
  • Sticky Notes
  • Voice Recorder

In the Windows 10 October 2018 Update and prior, only the following inbox apps could be uninstalled via the context menu on the Start menu All Apps list:

  • Microsoft Solitaire Collection
  • My Office
  • OneNote
  • Print 3D
  • Skype
  • Tips
  • Weather

Troubleshooting improvements

Don’t feel like troubleshooting? We’ve got you covered. In previous releases, if you noticed your PC was having a problem, you would have to find the right troubleshooter and then manually walk through all the different steps to resolve it. We hear your feedback that the time that takes to do can be frustrating – why not just automatically fix issues that you know how to fix and can detect? We agree! If an issue occurs we want to get you back up and running as quickly as possible, so with Build 18262 you’ll find a new recommended troubleshooting setting under Settings > Update & Security > Troubleshoot in Build 18262. This feature uses diagnostic data you send to deliver a tailored set of fixes matching problems we detect on your device and will automatically apply them to your PC.

We’re still hard at work on this feature so it’s greyed out right now in Settings, but stay tuned for updates in future builds!

Narrator Improvements

Narrator Read by Sentence: You can now read next, current and previous sentences in Narrator. Read by sentence is available with the keyboard and with touch. Move by sentence doesn’t yet work for Braille.

  • Caps + Ctrl + Period (.) to Read next sentence
  • Caps + Ctrl + Comma (,) to Read current sentence
  • Caps + Ctrl + M to Read previous sentence

Sentence is now a new Narrator view and can be reached via Caps + Page Up or Caps + Page Down and then you can navigate with Caps + Left arrow for move by previous sentence and Caps + Right arrow for move by next sentence.

General changes, improvements, and fixes for PC

  • We fixed an issue resulting in App History being blank in Task Manager in the last flight.
  • We fixed an issue from the previous flight resulting in Task Manager’s icon in the notification area of the taskbar not staying visible while Task Manager was open.
  • We fixed an issue resulting in the upgrade to the previous flight potentially failing with error 0xC1900101. This same issue could have resulted in Office products not launching, services not starting, and/or your credentials not being accepted on the login screen after first upgrading until rebooting.
  • We fixed an issue where Settings would crash in the last few flights if in Ease of Access you clicked “Apply” on Make Text Bigger.
  • We fixed an issue where Settings in the last few flights might crash in the last few flights when clicking Check for updates or applying an updated Active Hours range.
  • We fixed an issue where Notepad wasn’t listed on the Set Defaults by App page in Settings.
  • When adding a new language in Settings, we now offer separate options for installing the language pack and setting the language as the Windows display language. We also show separate options for installing the Speech recognition and Text-to-speech features, when these features are available for the language.
  • We’ve updated the Printers & Scanners page in Settings to now include a link straight to the troubleshooter in case you need it.
  • Some Insiders may notice some changes to clipboard history – more details later.
  • We fixed an issue resulting in File Explorer not launching if invoked from a pinned Start tile when in Tablet Mode.
  • We fixed an issue resulting in the brightness sometimes resetting to 50% after a reboot.

Known issues

  • We’re investigating an issue resulting in Settings crashing when invoking actions on certain pages. This impacts multiple settings, including various links in the Windows Security section.
  • Some users may have an issue launching Inbox Apps after updating. To resolve this please check the following thread on the Answers forum: https://aka.ms/18252-App-Fix.
  • Switching audio endpoints from the volume flyout in the taskbar doesn’t work – there will be a fix for this in an upcoming flight, we appreciate your patience.
  • Task View fails to show the + button under New Desktop after creating 2 Virtual Desktops.

Known issues for Developers

  • If you install any of the recent builds from the Fast ring and switch to the Slow ring – optional content such as enabling developer mode will fail. You will have to remain in the Fast ring to add/install/enable optional content. This is because optional content will only install on builds approved for specific rings.

Insider Community

Check out the winners of our recent contests! We’re sending the winners of our Insiders2Campus Contest to Microsoft’s headquarters for a VIP experience. And ten extraordinary winners of the Windows Insider Women in Computing recently experienced the Grace Hopper Celebration, to be followed by mentoring at Microsoft HQ. Stay tuned for more future contests, exclusively for Windows Insiders.

AND join us at the European SharePoint, Office 365 & Azure Conference in Copenhagen, Denmark November 26th – 29th! Click here for all the details including a €100 discount on registration for Windows Insiders!

No downtime for Hustle-As-A-Service,
Dona <3

Go to Source

Share this
16 Oct 2018

Microsoft named a 2018 Gartner Peer Insights Customers’ Choice for Access Management

Author: Alex Simons, Corporate Vice President of Program Management, Microsoft Identity Division
Go to Source

Howdy folks,

Every day, everyone in the Microsoft Identity Division comes to work focused on helping you, our customers, make your employees, partners, and customers more productive and to make it easier for you to securely manage access to your enterprise resources.

So, I was pretty excited to learn that Microsoft was recently recognized as a 2018 Gartner Peer Insights Customers’ Choice for Access Management, Worldwide.

Image of several workers gathered around a laptop.

In the announcement, Gartner explained, “The Gartner Peer Insights Customers’ Choice is a recognition of vendors in this market by verified end-user professionals, taking into account both the number of reviews and the overall user ratings.” To ensure fair evaluation, Gartner maintains rigorous criteria for recognizing vendors with a high customer satisfaction rate.

Receiving this recognition is incredibly energizing. It’s a strong validation that we’re making a positive impact for our customers and that they value the innovations we added to Azure Active Directory (Azure AD) this year.

To receive this recognition, a vendor must have a minimum of 50 published reviews with an average overall rating of 4.2 stars or higher.

Here are few quotes from the reviews our customers wrote for us:

“Azure AD is fast becoming the single solution to most of our identity and access problems.”
—Enterprise Security Architect in the Transportation Industry. Read full review.

“Azure Active Directory is making great strides to become a highly available and ubiquitous directory service.”
—Chief Technology Officer in the Services Industry. Read full review.

“[Microsoft] has been a great partner in our implementing an identity solution [that] met the needs of our multiple agencies and provided us with a roadmap to continue to move forward with SSO and integration of our legacy and newly developed application. We were also able to set a standard for our SaaS application authentication and access.”
—Director of Technology in the Government Industry. Read full review.

Read more reviews for Microsoft.

Today, more than 90,000 organizations in 89 countries use Azure AD Premium and we manage over eight billion authentications per day. Our engineering team works around the clock to deliver high reliability, scalability, and satisfaction with our service, so being recognized as a Customers’ Choice is pretty motivating for us. It’s been exciting to see the amazing things many of our customers are doing with our identity services.

On behalf of everyone working on Azure AD, I want to say thank you to our customers for this recognition! We look forward to building on the experience and trust that led to us being named a Customers’ Choice!

The Gartner Peer Insights Customers’ Choice logo is a trademark and service mark of Gartner, Inc., and/or its affiliates, and is used herein with permission. All rights reserved. Gartner Peer Insights Customers’ Choice distinctions are determined by the subjective opinions of individual end-user customers based on their own experiences, the number of published reviews on Gartner Peer Insights, and overall ratings for a given vendor in the market, as further described here, and are not intended in any way to represent the views of Gartner or its affiliates.

Best Regards,

Alex Simons (@Twitter: @Alex_A_Simons)
Corporate VP of Program Management
Microsoft Identity Division

The post Microsoft named a 2018 Gartner Peer Insights Customers’ Choice for Access Management appeared first on Microsoft 365 Blog.

Go to Source

Share this
16 Oct 2018

Surface Pro 6 and Surface Laptop 2 available today

Author: Panos Panay
Go to Source


Surface devices

Today, we’re excited to launch the all new Surface Pro 6 and Surface Laptop 2 in markets around the world. We’ve seen great momentum already for these products and I can’t wait for our fans to experience them.

When we started on this journey with Surface, we gave people the ability to choose a device that would adapt to their lives and help them accomplish more. As the way we work and live has changed around the world Surface and Microsoft have also evolved. We’ve grown to deliver a full, integrated portfolio of products to help you do more, dream more and achieve more.

We’re a team of passionate product makers, putting our hearts into creating devices, software, apps and features to push you forward. Helping to maximize the ingenuity of our customers, so they can do and create amazing things.

We’re inspired by the artists, scientists, engineers and poets that help to shape our future. Their passion drives us and ultimately leads us to craft the next generation of devices.

Our products, a symphony of technology between Windows, Surface, Office and AI, are designed to amplify your ideas, get you into your flow and let you build what’s in your mind and heart. Like an instrument, our products, our technology fades to the background so you can focus on your craft.

But what does that mean and how does it help you?

When someone asks me that, asks why we would want beautiful devices to fade into the background, I tell them about my daughter Sophia and her piano. How when she plays there is a moment – a moment when she forgets the piano, the pedals under her feet, the bench she sits on, the sheets in front of her – and in this moment of inspiration, of greatness, she’s in her flow. It’s just her and the music. In order for that moment to happen, for her to forget about everything else, the piano must be perfectly tuned, the bench the right height, the music sheets at eye level.

For our customers, Surface, Windows, Office, and the experience they create together is the instrument. An instrument we’ve tuned perfectly to fade to the background, so you don’t have to think about all the little things, you can just get in your flow and capture those moments of greatness, of focus, of inspiration, to make the most of your time.

Girls playing piano

Get in your flow anytime, anywhere with Surface Pro 6

The first Quad-Core Processor in a Surface Pro comes to life on Surface Pro 6 – an instrument of versatility, portability and power, coming in a gorgeous, all new matte black finish.

We wanted this product to be the device you can bring with you anywhere since you never know when or where your moments of inspiration will strike.

While the refined exterior may look familiar, this is a new generation of Surface Pro, we’ve redesigned the architecture inside the device to deliver astounding power with the 8th Generation Quad-Core Intel Processor, all while still offering up to 13.5 hours of battery life.

Providing what you need to transition between work life, home life and everything in between no matter where you are. Built with Windows and Office it can handle the powerful desktop apps you need, without compromising the thin and light form factor you love.

Surface Laptop 2 – beauty and power to make the most of your ideas

The blend of beauty and incredible performance on Surface Laptop 2 keeps everything you love about the first-generation form factor with so much more built in to keep you productive and inspired.

With an all new 8th generation Quad-Core processor, Surface Laptop 2 is 85 percent more powerful than Surface Laptop.

Even with all that power Surface Laptop 2 has an incredible 14.5 hours of all-day battery life, incredible display quality, beautiful design and easy portability. The Alcantara® material covering the keyboard draws you in, a perfect tone-on-tone balance with the gorgeous colors. Every detail on this product has been thought through, from the depth of the new matte black finish to the redesign of the thermal system to keep the quiet elegance of the device.

Matte black isn’t the only new finish highlighting the incredible design of Surface Laptop 2. On Monday in Beijing, we also introduced an all new blush finish as an exclusive for the Chinese market.

You bring our products to life

Nothing inspires the team more than seeing the amazing things our customers do with our products. Surface Pro 6 and Surface Laptop 2 are available in markets around the world today, and I truly believe that when you have your hands on them, when you experience them for yourself, you will understand what it means to have technology fade to the background, so you can focus on what’s important to you and save time for what really matters.

Availability details:

Available today in Australia, Austria, Canada, China, Germany, Ireland, Japan, New Zealand, the United Kingdom and United States.

 

Go to Source

Share this
15 Oct 2018

Modernizing TLS connections in Microsoft Edge and Internet Explorer 11

Author: Kyle Pflug
Go to Source

Today, we’re announcing our intent to disable Transport Layer Security (TLS) 1.0 and 1.1 by default in supported versions of Microsoft Edge and Internet Explorer 11 in the first half of 2020.

This changealongside similar announcements from Apple, Google, and Mozilla―supports more performant, secure connections, helping advance a safer browsing experience for everyone.

January 19th of next year marks the 20th anniversary of TLS 1.0, the inaugural version of the protocol that encrypts and authenticates secure connections across the web. Over the last 20 years, successor versions of TLS have grown more advanced, culminating with the publication of TLS 1.3, which is currently in development for a future version of Microsoft Edge.

Two decades is a long time for a security technology to stand unmodified. While we aren’t aware of significant vulnerabilities with our up-to-date implementations of TLS 1.0 and TLS 1.1, vulnerable third-party implementations do exist. Moving to newer versions helps ensure a more secure Web for everyone. Additionally, we expect the IETF to formally deprecate TLS 1.0 and 1.1 later this year, at which point protocol vulnerabilities in these versions will no longer be addressed by the IETF.

For these reasons, sites should begin to move off of TLS 1.0 and 1.1 as soon as is practical. Newer versions enable more modern cryptography and are broadly supported across modern browsers.

Getting your sites and organizations ready

Most sites should not be impacted by this change. As TLS 1.0 continues to age, many sites have already moved to newer versions of the protocol – data from SSL Labs shows that 94% of sites already support TLS 1.2, and less than one percent of daily connections in Microsoft Edge are using TLS 1.0 or 1.1.

Charts illustrating data from SSL Labs which shows that 94% of sites already support TLS 1.2, and less than one percent of daily connections in Microsoft Edge are using TLS 1.0 or 1.1.

TLS support data from SSL Pulse October 2018 report; TLS connections from Microsoft Edge diagnostics for one day in September 2018

We are announcing our intent to disable these versions by default early, to allow the small portion  of remaining sites sufficient time to upgrade to a newer version. You can test the impact of this change today by opening the Internet Options Control Panel in Windows and unchecking the “Use TLS 1.0” and “Use TLS 1.1” options (under Advanced -> Security).

Kyle Pflug, Senior Program Manager, Microsoft Edge

Go to Source

Share this
13 Oct 2018

ERM contributes to a more sustainable future with Microsoft 365

Author: Guest Author
Go to Source

Today’s post was written by Richard Zotov, Group CIO at ERM.

The sustainability industry addresses the complex balancing act between supporting socioeconomic development and ensuring the healthy future of our environment and our communities. ERM employees are passionate about helping to shape a sustainable future with the world’s leading organizations. We work with the majority of Fortune 500 companies, whose activities—from drilling oil to discovering the next miracle drug—have an enormous impact on us all. Because sustainability means something different for every customer, like exploring clean energy sources or guaranteeing an ethical supply chain, ERM employees must be skilled, flexible, and agile in how they approach each engagement.

It is my goal as CIO to make sure this amazing group of more than 5,000 individuals have the best tools at their disposal as they collaborate in creative teams across 40 countries to help our customers achieve their unique business and sustainability goals. So we made the strategic decision to harness technology and data to digitalize and transform how we work. That’s when we deployed Microsoft 365 across our entire organization, from administrators in our 160 offices to mobile consultants gathering data in the field. Today, ERM employees have new tools to work faster, better, and safer, accelerating the positive, global impact of the work we do.

Now that everyone uses the same Microsoft 365 toolkit to collaborate, harness data, and streamline operations, we have a unified foundational layer for our new workplace culture. We’re connecting our entire business to be more efficient. And when it comes to security, we can meet our customers’ high standards and enhance the credibility of our security position with the Microsoft cloud platform.

This workplace transformation is really a two-pronged approach to remaining at the forefront of the sustainability industry. First, we harness technology and data to accelerate our sustainability and environmental health and safety services. The second involves looking at how we develop new revenue streams as an offshoot of our newly digitalized way of doing business.

With Microsoft 365, we are making headway with the first goal. It’s part of an enterprise-wide push to focus on exceptional customer value. For example, we have technologically transformed how we collect, store, and manage data during site investigation, one of our biggest service lines. Onsite data collection used to be a laborious manual process. Today, we use Microsoft 365 to help digitalize data collection—consultants take tablets into the field for data input and upload it for storage in the Microsoft cloud where it’s available in real-time for colleagues to analyze back at the office. Now our customers receive our reports in easily consumable Power BI dashboards, as opposed to lengthy write-ups, and we’re delivering insightful data into the hands of our customers faster.

As we gain experience in transforming our service lines using Microsoft cloud services, among others, we’ll be in a better position to explore new digital opportunities that help add value to the work we do for customers. This strategy will keep us at the leading edge of technology innovation and help maintain our competitive advantage.

As we work with the intelligent tools within the Microsoft 365 cloud platform, we empower our employees to deliver value to our customers—helping them achieve that balance between doing business and being a conscious steward of the environment. It’s great to know that ERM is adding to the global dialogue on sustainability, contributing to a healthier future for the planet.

—Richard Zotov

Read the ERM case study for more on their move to a modern workplace with Microsoft 365.

The post ERM contributes to a more sustainable future with Microsoft 365 appeared first on Microsoft 365 Blog.

Go to Source

Share this
13 Oct 2018

New inking and 3D updates bring presentation design to the next level—this and more coming to Office in October

Author: the Microsoft 365 team
Go to Source

For the last four years, we’ve been on a mission to transform Office and use artificial intelligence (AI) to make everyday tasks easier. In June, we revealed a fresh, new design for our Office apps. And just a few days ago, we announced new AI-powered features in PowerPoint and Excel.

Today, we’re making it even easier to showcase your ideas, stay organized, and create surveys and polls with the following updates:

  • With AI-powered inking and 3D updates in Word and PowerPoint, you can use a touch-enabled device and digital pen to ink your ideas and transform them into perfectly formatted content. You can also choose from 30 new 3D models with built-in animations to bring your content to life.
  • Two new updates in Outlook.com make staying on top of tasks easier and interacting with your favorite brands simpler. New integration with Microsoft To-Do helps you manage your tasks without leaving your inbox. We’re also launching a new experience to help you easily interact with the brands you love in Outlook.com.
  • To help you keep track of tasks using whatever mode is most comfortable to you, we’re adding the ability to update your tasks using ink. With your digital pen and a touch-enabled Windows device, simply add a task to your list using ink, and then strike out when complete.
  • Since releasing Microsoft Forms for education and commercial organizations, millions of people have used Forms to create surveys and quizzes. Today, the Forms Public Preview is available to our consumer customers as well.

These updates are built to help you save time and stay organized. Check out this post to learn more.

An animated image highlights new inking features in PowerPoint.

The post New inking and 3D updates bring presentation design to the next level—this and more coming to Office in October appeared first on Microsoft 365 Blog.

Go to Source

Share this
12 Oct 2018

Why and how you simplify IT with Microsoft 365

Author: Brad Anderson, Corporate Vice President for Microsoft 365
Go to Source

During this past week at Microsoft Ignite, it was an honor to spend time sitting with customers, listening to them explain what’s working and what’s not, and learning more about where they need our help.

In my session on Monday, I showed 75 minutes worth of examples of how we’ve applied a new philosophy to the way we build tools and services for IT pros. We refer to this approach to architecture, development, and end-user experience in Microsoft 365 as being “Integrated for Simplicity.” Our goal with this integrated simplicity is to make it as easy as possible for our customers to shift to a modern desktop and make their modern workplace a reality.

As part of my session on Monday, we made a series of announcements that align with this approach:

An infographic announcing new products and capabilities.

The shift to a modern desktop is an extension of what many organizations are already doing or are planning to do in the near future. There are many ways to start this process; for example, many tools and processes you’re using right nowlike ConfigMgr and Active Directorycan easily be cloud-connected. Doing this not only reduces complexityit also harnesses the power of Microsoft’s cloud-driven intelligence.

Modern desktop puts the power of the cloud in the hands of both end users and IT

The makeup of a modern desktop is simple: Windows 10 with Office 365 ProPluswhich are built in and driven by the cloud so that their scale, compute, automation, intelligence, and flexibility can simplify your IT. Supporting your end users with the Office ProPlus apps is a fundamental component of a modern desktop. These are the only apps with an artificial intelligence (AI) that can do the hard work of security while simultaneously improving and beautifying documents and presentations.

An infographic show the modern desktop: Windows 10 plus Office 365.

If you didn’t watch my session live, you can check it out in this recorded media stream. At the end of the session, I share three ways you can start using that cloud intelligence right nowand you can do these three things in minutes, not days.

1. Cloud-connect what you have today

A powerful way to begin cloud-connecting your existing infrastructure is to link your on-premises Active Directory with Azure Active Directory (Azure AD). This process is simple and it adds significant flexibility, security, and mobility to your organization’s identity.

I also strongly encourage you to cloud-connect ConfigMgr with Intune. The process takes #Just4Clicks and, once enabled, reaps immediate rewards including superior visibility into device health, as well as access to actions such as remote wipe and security features like conditional access.

For more information, you can watch the #Just4Clicks video on our Microsoft Cloud channel.

An infographic comparing on-premises versus the modern workplace.

You can also get your files up into the cloud with OneDrive Known Folder Move. This simple process immediately gives you protection from ransomware, and it improves real-time collaboration.

Find more information in our Tech Community blog, Migrate Your Files to OneDrive Easily with Known Folder Move.

2. Gain superior visibility and control

One of the many announcements we made at Ignite was the work we’ve done to merge 20+ separate web consoles into a single point of entry called the Microsoft 365 admin center. This consolidation is a part of our focus on integrated simplicity, and it features seven specialist workspaces for security, compliance, device management, and more.

An infographic showing what's available in the Microsoft 365 admin center.

I encourage you to check out the preview at admin.microsoft.com

Another simple action with big benefits is enabling conditional access so that you can better understand how corporate data is being accessed by personal devices. Configuring conditional access is easy and it dramatically increases your security posture while also reducing the risk of both intentional and accidental data leakage.

Learn more about how to enable conditional access.

In addition to support for Win32 app deployment in Intune, we also announced Intune security baselines. These baselines are pre-configured (but still customizable!) and published every month. I strongly encourage everyone using Intune to enable these as soon as possible.

More information is available in Using security baselines in your organization.

3. Shift to a modern desktop

For years, engineers at Microsoft have dreamed of building a service that learns from the millions of devices, billions of authentications, and trillions of signals in the Microsoft Cloudand then applies that information to the estates of our customers in real-time. Desktop Analytics is the realization of that dream.

Desktop Analytics is one of the most powerful tools we have ever createdand it is custom built to give IT teams the insight and information they need to deploy, manage, and service apps and devices.

An infographic about Desktop Analytics.

Desktop Analytics offers a tightly integrated, end-to-end solution that automates the mountain of work required to validate the compliance of your hardware, drivers, applications (both 3rd party and your own internally developed), as well as the Office add-ins. This doesn’t just eliminate hundreds of hours of work for IT teams, it wipes out thousands of hours otherwise spent on manual compliance checks which have chronically stolen your bandwidth at a time when you could be pursuing strategic projects that make a lasting impact on the way your company operates.

Desktop Analytics is currently in private preview (public preview will be announced soon), but you don’t need to wait to use it: The Windows Analytics service (which is part of Desktop Analytics) is available to use right now. I think you’ll be really surprised by how much Windows Analytics will simplify and improve your ability to manage devices and apps, as well as simplify the task of upgrading to Windows 10.

More information is available in Windows Analytics Overview: Device Health, Update Compliance, Upgrade Readiness.

I also want to highlight how simple and valuable it is to shift from Office perpetual to Office 365 ProPlus with the Office Customization Tool in ConfigMgr. This is proof of how easy it now is for your on-premises infrastructure and the cloud to work together to reduce the complexity of what would otherwise be arduous manual taskse.g., migrating from MSI deployments of Office perpetual editions in favor of Office 365 ProPlus Click-to-Run.

Only the Office ProPlus apps offer the AI required for these scenarios.

More information is available in Overview of the Office Customization Tool for Click-To-Run.

As you plan for the future of your organization, prioritize finishing Windows 10 upgrades before January 2020. Both Windows 7 and Office 2010 will reach the end of extended support in 2020, and based on our data, we can see that there are now more devices in the enterprise running Windows 10 than any other previous version of Windows.

If your Windows 10 deployment hasn’t also reached the halfway mark yet, now is a great time to reach out to our FastTrack team for help with upgrades, migrations, and (as of Ignite) application compatibility as part of the newly announced Desktop App Assure program.

An infographic showing the rate of Windows 10 enterprise adoption.

More information is available in Helping customers shift to a modern desktop.

Make the shift today

I started Monday’s session talking about the past instead of the future.

This look backwards focused on the little-known story of John Napier. In the early 1600s, Napier was an eccentric inventor and treasure hunter who never left his home without a wooden box of spiders in his pocket or a black rooster he considered magical. From this very unlikely source came a project 20 years and 10 million calculations in the making.

In 1614, he published a 147-page book that ushered in the technical underpinnings of the modern world. With no advanced notice or fanfare, he introduced the concept of logarithms and how to use them.

Once logarithmic tables were available, the sciences and engineering professions surged. Almost overnight, a world full of equations that could not be solved by hand within the time limits of a normal lifespan could be unraveled in minutes. This made the world a dramatically simpler place, and the sciences surged with this new, user-friendly computational technology.

Logarithmic calculations offered the means for accurate measures of planetary orbits, which led to interstellar cartography, which led to satellites and moon landings. Trade routes could now be measured and planned across oceans instead of counties. Engineers could now build things bigger, safer, and strongerwhich led to industrialization, internal combustion, and skyscrapers. In very short order mobility leapt from carts, to steam engines, to intercontinental flight, and human productivity took flight by moving from hand tools, to electricity, to the cloud.

I believe we’re at another pivotal moment in history. All hyperbole aside, I see the volume and quality of the new tools demonstrated at Ignite as a huge opportunity for IT. Not only do these tools work with and expand upon the elements you already have within your infrastructure, but they put the power of the cloud in the hands of every one of your end users. The integrated simplicity and functionality of what has been built for IT pros allows you to cloud-connect the work you are doing and use cloud-based intelligence to transform your organization.

Please evaluate and investigate all of our announcementsand don’t hesitate to share your feedback. I appreciate your partnership and I am grateful for the incredible work you do every day.

The post Why and how you simplify IT with Microsoft 365 appeared first on Microsoft 365 Blog.

Go to Source

Share this
12 Oct 2018

A new vision for modern work management with Microsoft Project

Author: Jared Spataro, Corporate Vice President for Office and Windows Marketing
Go to Source

At Microsoft, our mission is to empower every person and every organization on the planet to achieve more. Today, I’m pleased to announce a new vision for Microsoft Project and three new services designed to help people work together more efficiently.

Over the last few years, the basic organizing concept for work—the project—has changed significantly. Once a well-defined set of tasks, people, and milestones, today’s projects take on many shapes and sizes. They can be formal or ad hoc. They can last a few hours or go on for years. They can be assigned to a small group or cut across many large organizations.

As a result, whether we realize it or not, we have all become project managers. And to stay on top of the ever-shifting requirements of our day-to-day jobs, we need tools that are simple enough for anyone to use, flexible enough to support any project type, powerful enough to handle initiatives of any size, and transparent enough to provide visibility across the organization.

Modern work management

Introducing modern work management with Microsoft Project. It all starts with Home, a new service that allows you to see and manage all your projects in one place. From Home, you can easily create projects using the new project management service. Versatile by design, this new service is designed to support any role, skill level, or project type. These new Project services are born in the cloud, so teams can always access the same data—no matter where they are or what device they’re using. And they include a comprehensive set of capabilities, including resource and financial management and time and expense tracking. Future releases will allow customers to connect the full power of the Project desktop app to the service.

Work is happening across your organization all the time, and it can be hard to keep track of the details. The new Roadmap service will give you a cross-functional, big picture view of all the work in process. With Roadmap, it doesn’t matter whether your teams are using Microsoft Project or Azure DevOps (formerly VSTS). You can create timeline views of multiple projects—complete with key dates and milestones—so that all the work is visible. And in future releases, we’ll add support for Planner and third-party services like Jira, making Project your one-stop-shop for managing work across the organization. Roadmap is the first capability of Portfolio, a set of program and portfolio management services designed to be simple, visual, and intuitive.

The power of the Microsoft platform

We’ve built these new Project services to take advantage of the strengths of the broader Microsoft platform. In fact, all three new services are built on the Microsoft Common Data Service for Apps platform. This solid foundation provides a long list of benefits, including access to PowerApps and Microsoft Flow for custom business solutions and integration with Power BI for advanced analytics and reporting.

What’s next?

These new services will be introduced in a series of releases. Home is generally available today, the first release of Roadmap will be available early next year, and the first release of the new project management service will be available in the first half of next year. All three services will be packaged as a part of the Project Online Professional and Project Online Premium subscriptions, so current subscribers can take advantage of the new capabilities at no additional cost. And while these new services will become our primary project management services over time, customers who are already using Project Online can continue to do so with confidence. We are committed to your success no matter what Project service you choose to use.

We’re very excited to see what individuals, teams, and organizations will achieve with these new services in Microsoft Project! If you have questions or want to learn how to get more out of your investment in Project, you can find more details in this Tech Community blog, or contact your Microsoft representative.

The post A new vision for modern work management with Microsoft Project appeared first on Microsoft 365 Blog.

Go to Source

Share this

© 2010-2018 Alt-Tech Inc. All rights reserved.

Click Me