Posted by: kurtsh | January 22, 2018

RELEASE: January 2018 Update for Office for Mac 2016

imageThe January update build of Office for Mac 2016 contains the following new features. Items are linked to help content when available.

We officially changed from 15.x builds to 16.x builds for Office 2016 for both subscription and perpetual license customers. Customers who are on 15.x builds should upgrade to 16.x builds as soon as possible to continue to receive security patches and hotfixes for Office 2016.

With this release, Co-Authoring is now available on the Mac.




  • Edit with others in real time: Thumbnails in the upper-right corner of the window show who else is working with you in a shared document. Flag icons show where others are working and you can view changes as they type.
  • AutoSave Changes are saved automatically for documents, worksheets, and presentations stored in the cloud, and you can see others’ updates in seconds. Need to roll back? Check the version history for a list of changes and access to earlier versions.
  • Quickly access your sites and groups: Quickly find presentations stored in your frequently used sites and groups in the Open menu.


  • Collaborative editing: Work with others at the same time in your workbook. Thumbnails in the upper-right corner of the window show who else is viewing or editing the file with you.
  • AutoSave Changes are saved automatically for documents, worksheets, and presentations stored in the cloud, and you can see others’ updates in seconds. Need to roll back? Check the version history for a list of changes and access to earlier versions.
  • More charts: Use new charts, such as funnel, sunburst and histogram, to transform your data into professional visualizations, or use the new Map chart type to transform geographic data into a map with just a few steps.
  • More functions: Shorten the formulas you write using the new logical functions IFS and SWITCH.
  • Quickly access your sites and groups: Quickly find presentations stored in your frequently used sites and groups in the Open menu.
  • Better support for PivotTable charts: Change your filters in a PivotTable, and the chart you created will automatically adjust to show exactly what you want.
  • Multi-threaded calculation Formulas are updated faster when values are changed, because Excel uses multiple processing threads.


  • Archive or delete with just one swipe: Save time organizing your Inbox by swiping left with two fingers across the touchpad to archive an email or swiping right to delete it.
  • Support for Google Calendar and Contacts: No need to move between apps! Manage your Google Calendar and Contacts without leaving Outlook.


  • Edit with others in real time: Thumbnails in the upper-right corner of the window show who else is working with you in a shared document. Flag icons show where others are working and you can view changes as they type.
  • AutoSave Changes are saved automatically for documents, worksheets, and presentations stored in the cloud, and you can see others’ updates in seconds. Need to roll back? Check the version history for a list of changes and access to earlier versions.
  • See what’s changed: Slides that have been modified by others while you were away are highlighted.
  • A quick start to your research: Starting from scratch is hard. QuickStarter automatically creates an outline for your topic of choice with suggested talking points and designs that make your presentation pop.
  • Trim media: Remove unwanted content from the beginning or end of an audio or video clip.
  • Quickly access your sites and groups: Quickly find presentations stored in your frequently used sites and groups in the Open menu.
  • Laser pointer in Slide Show: Use your mouse as a laser pointer to draw attention to certain parts of your slide.


  • No New Features


Office Insiders Slow channel went live on January 8, 2018 with Version 16.9.0 (Build 18010702)

Production channel went live on January 18, 2018 with Version 16.9.0 (Build 18011602)


This release contains these Security Updates documented in the following articles:

  • CVE-2018-0792: Microsoft Word Remote Code Execution Vulnerability
  • CVE-2018-0794: Microsoft Word Remote Code Execution Vulnerability
  • CVE-2018-0793: Microsoft Outlook Remote Code Execution Vulnerability

Release notes, What’s New and update history articles for Office 2016 for Mac.

The following content is available to customers.

The following user assistance content is updated each month with descriptions of new features.

What’s new for Office 365 – Latest updates for Windows Desktop

What’s New in Access 2016

What’s New in Excel 2016

What’s New in OneNote 2016

What’s New in PowerPoint 2016

What’s New in Outlook 2016

What’s New in Word 2016

What’s New in Visio 2016

What’s New in Project 2016

imageIf you are a SQL Server customer with Software Assurance, you will soon be able to use your existing SQL Server licenses toward Azure SQL Database Managed Instance and pay only for the underlying compute and storage.

What is SQL Database Managed Instance?
SQL Database Managed Instance is an expansion of the existing SQL Database service, providing a third deployment option alongside single databases and elastic pools. It is designed to provide the strongest compatibility with existing SQL Server applications for database lift-and-shift to a fully managed PaaS, without application changes. SQL Database Managed Instance provides additional compatibility with key features available with the SQL Server programming model and out-of-the-box support for the large majority of SQL Server features, like SQLAgent, Change Data Capture, DBMail and Service Broker, to name a few, and accompanying tools and services.

What is Azure Hybrid Benefit for SQL Server?
Azure Hybrid Benefit for SQL Server helps you maximise the value from your current licence investments and accelerate your migration to the cloud. The Azure-based hybrid benefit enables you to use your SQL Server licences with Software Assurance to pay a reduced rate for Azure SQL Database Managed Instance.

What products are eligible for Azure Hybrid Benefit for SQL Server?

This hybrid benefit is only available for use with Azure SQL Database Managed Instance.

When will Azure Hybrid Benefit for SQL Server be available?

Further details about the programme and how you can participate will be coming in Q1 CY2018.

imageThis is a PowerPoint deck that goes over the recent Spectre/Meltdown concern for Enterprise customers.  It doesn’t have any indicators that it’s NDA or anything and I think the material is pretty important to everyone so… here’s the document for download:

Here’s some additional information on specifics that IT Professionals should know:

Additional Info / Frequent Questions:

Details for the registry keys:

FeatureSettingsOverride represents a bitmap that overrides the default setting and controls which mitigations will be disabled. Bit 0 controls the mitigation corresponding to CVE-2017-5715 and Bit 1 controls the mitigation corresponding to CVE-2017-5754. The bits are set to “Zero” to enable the mitigation and to “One” to disable the mitigation.

FeatureSettingsOverrideMask represents a bitmap mask that is used in conjunction with FeatureSettingsOverride and in this case, we use the value 3 (0x11) which indicates the first two bits that correspond to the available mitigations. This registry key is set to 3 both when we want to enable the mitigations and to disable the mitigations.

MinVmVersionForCpuBasedMitigations is for Hyper-V hosts. This registry key defines the minimum VM version that will be able to use the updated firmware capabilities (CVE-2017-5715). We set this to 1.0 to cover all VM versions. Note that this registry value will be ignored (benign) on non-Hyper-V hosts. For more details, see

Why is Edge and IE listed as an “affected product?”

  • Variant 1 of Spectre will exploit JaveScript, so both Edge and IE need to be harden by the update.

Why is SQL listed as an “affected product?”
SQL is listed as being vulnerable to “Side channel attacks.”   SQL is a bit unique when compared to most Windows applications in that it talks directly to the underlying hardware through an OS like later aptly called SQLOS.

Will the patch handle KVAS or KPTI?
No.  According to this link, once the update is installed it is recommended to choose the listed scenario and follow recommendations on whether to enable KVAS or KPTI.

Will the patch install the needed registry key?
No.  This is why Antivirus needs to be updated first.  The Anti-Virus vendors will add the necessary registry key that is needed to protect the users once the patch is installed.  So guidance is to update the anti-virus first.

Regarding AMD Based Devices

Overview of Meltdown and Spectre (not a Microsoft link)
Official advisories by vendor

Posted by: kurtsh | January 11, 2018

INFO: Doing Dev/Test in Azure & “Azure DevTest Labs”

imageAzure provides a great environment for dev/test.  This is true both for scenarios where you want to:

  1. Dev/test in the cloud and then run the production app in the cloud
  2. Dev/test in the cloud and then run the production app using an existing on-premises server environment.

Azure’s IaaS and Virtual Networking capabilities make it really easy to enable enterprise development teams to use the cloud to do this.  Using the cloud for dev/test enables development teams to work in a flexible, agile, way without ever being bottlenecked waiting for resources from their IT department.  Development teams can instead use Azure in a self-service way to spin up or down resources in minutes.  And then when they are ready to deploy their apps they can choose to do so either in the cloud or using their existing on-premises servers.  This later option makes it really easy to start leveraging the cloud even without having to fully bet on it yet for production scenarios.

We announced a number of enhancements to Azure that make it an even better environment in which to do dev/test:

  • No Charge for Stopped VMs
  • Pay by the Minute Billing
  • MSDN Use Rights now supported on Azure
  • Heavily Discounted MSDN Dev/Test Rates
  • MSDN Monetary Credits
  • Portal Support for Better Tracking MSDN Monetary Credit Usage

The combination enables an amazing Dev/Test cloud solution, and an unbeatable offer for all MSDN customers

INSTRUCTIONS ON USE:  MSDN Dev/Test offer in the Enterprise Agreement (EA)*:

As an Azure Enterprise Administrator, you can now enable Account Owners at your organization to create subscriptions based on the new EA MSDN Dev/Test offer. You can do this by checking the box under the MSDN column for that Account Owner from within the Enterprise Portal. In order for this to function correctly, please let the Account Owner know once you’ve made this change so that they can set up the EA MSDN Dev/Test subscriptions needed for your teams of MSDN subscribers. This new offer enables your active MSDN subscribers to run development and testing workloads on Azure at special dev/test rates, with access to the full gallery of MSDN images including Windows 8.1 and Windows 10.
To set up the Enterprise MSDN Dev/Test offer:

  1. Log in as the enterprise administrator 
  2. Go to accountsmanage departments and accounts
  3. Go to the account where you would like to enable dev/test MSDN access
  4. Select the MSDN checkbox per column
  5. EA MSDN subscriptions will be converted to the EA MSDN Dev/Test offer 
        • Other subscription offer types, such as PAYG, associated with the account will be converted to Microsoft Azure Enterprise offers

*Not applicable to Azure Gov customers at this time


Azure DevTest Labs

Micimagerosoft has a solution called Azure DevTest Labs now.

Azure DevTest Labs is a service that helps developers and testers quickly create environments in Azure while minimizing waste and controlling cost. You can test the latest version of your application by quickly provisioning Windows and Linux environments using reusable templates and artifacts. Easily integrate your deployment pipeline with DevTest Labs to provision on-demand environments. Scale up your load testing by provisioning multiple test agents, and create pre-provisioned environments for training and demos.

For an explanation of Azure DevTest Labs, check this out:

For more information on getting Azure DevTest Labs, check this out:

Posted by: kurtsh | January 10, 2018

INFO: Microsoft’s Spectre, Meltdown, & Windows Systems

We sent the following to our Enterprise Support customers about Spectre, Meltdown, & Windows Systems a week ago and I thought I’d share it:

Alert – Guidance to protect against the speculative execution side-channel vulnerabilities

What is the purpose of this alert?

This alert is to provide you with guidance concerning CPU Microcode vulnerabilities being reported in press starting on Wednesday, January 3, 2018. To get all available protections, customers will need to install updates from both software and hardware vendors.

Executive Summary

Microsoft is aware of a new publicly disclosed class of vulnerabilities referred to as “speculative execution side-channel attacks” that affect many modern processors and operating systems including Intel, AMD, and ARM. Note: this issue will affect other systems such as Android, Chrome, iOS, MacOS, so we advise customers to seek out guidance from those vendors.

Microsoft has released several updates to help mitigate these vulnerabilities. We have also taken action to secure our cloud services. See below for more details.

Microsoft has not received any information to indicate that these vulnerabilities have been used to attack customers at this time. Microsoft continues working closely with industry partners including chip makers, hardware OEMs and app vendors to protect customers. To get all available protections, hardware/firmware and software updates are required. This includes microcode from device OEMs and in some cases updates to AV software as well.

This advisory addresses the following vulnerabilities:

  • CVE-2017-5715 (branch target injection)
  • CVE-2017-5753 (bounds check bypass)
  • CVE-2017-5754 (rogue data cache load)

Recommended Actions – Consumers

For consumers, the best protection is to keep your computers up to date. You can do this by taking advantage of automatic update. Learn how to turn on automatic updates here. In addition to installing the January 2018 Windows security updates, you may also need to install firmware updates from your device manufacturer for increased protection. Check with your device manufacturer for relevant updates.

If automatic updates are enabled, the January 2018 Windows security update will be offered to the devices running supported anti-virus (AV) applications. Updates can be installed in any order.

  1. If you have automatic updating enabled and configured to provide updates for Windows, the updates are delivered to you when they are released, if your device and software are compatible. We recommend you verify these updates are installed. If automatic update is not enabled, manually check for and install the January 2018 Windows operating system security update.
  2. Install applicable firmware update provided by your OEM device manufacturer.

Recommended Actions – Enterprise

Security Advisory 180002 has sections that provide specific guidance for Windows clients, Windows servers,  and Microsoft Cloud platforms. Additional guidance provided in the security advisory includes answers to frequently asked questions, guidance for how to verify that protections are enabled.

Associated Support Articles and Additional Resources

Regarding Information Consistency

We strive to provide you with accurate information in static (this mail) and dynamic (web-based) content. Microsoft’s security content posted to the web is occasionally updated to reflect late-breaking information. If this results in an inconsistency between the information here and the information in Microsoft’s web-based security content, the information in Microsoft’s web-based security content is authoritative.

Much of this and more is reflected on this post from our Support database:

More discussion is available from our Security web sites:

Refer this blog to understand the performance impact of Spectre and Meltdown mitigations on Windows Systems.

For more technical details, please see:

Did you ever wonder what the deal was with using:

  • Microsoft Accounts with your Corporate Email ( tied to a Microsoft/Live ID account used for MSDN)
  • Work Accounts tied to Azure Active Directory ( tied to Azure AD)

Well, there’s a post that Alex Simons did a while back that summarizes what happened & what we’ve been doing about it:

Why am I writing about this now?

Because I believe the Volume Licensing Service Center will be transitioning to use Work Accounts, i.e. Azure Active Directory accounts and I’m not sure that Microsoft Accounts with work email addresses will work after this with all administrative services.  It sounds like MSDN/Visual Studio subscription administration might not work if you stay.


So if you’re still using a Microsoft Account that has a work email address tied to it as it’s unique name, you may want to start using your Work Account.

The GDPR imposes many requirements and obligations for organizations not only within the EU, but around the world.

This paper from Microsoft discusses how to initiate and organize a GDPR program to begin or continue the path to compliance with the GDPR.

imageThe GDPR imposes many requirements and obligations for organizations not only within the EU, but around the world. GDPR compliance will require significant investments in data management and data protection for a large number of organizations and enterprises.

Microsoft customers who are subject to the GDPR, whether processing data in house, in the cloud, or in hybrid configurations, must ensure that personal data within their systems are properly processed and protected according to the principles of the GDPR. This means that many customers will have to revise or modify their data processing procedures, the implementation of these processes, and the security of these processes as stipulated in the GDPR.

Microsoft has significant experience in managing the principles of data protection and in complying with complex regulations. We have committed to sharing this experience with customers to help them meet the objectives and privacy requirements of the GDPR. In this context, this paper discusses how to initiate and organize a GDPR program to begin or continue the path to compliance with the GDPR.

Download the paper here:

Posted by: kurtsh | December 15, 2017

BETA: Microsoft Whiteboard (Preview)

imageMicrosoft Whiteboard is a new Windows 10/Office 365 product that is kinda like a online collaborative version of OneNote. You can drop anything you want into whiteboard like you can OneNote, but it’s designed for lots of people to work on simultaneously.

The content is persistent – as in you can save & come back to it, which is important for iterating through brainstorming sessions.  And it works on all sorts of Windows 10 devices & is digital ink aware – in other words, it accepts pen/eraser input extremely well.

Microsoft Whiteboard Preview

Microsoft Whiteboard is a freeform digital canvas where people, ideas, and content can come together for creative collaboration. The app is built for anyone who engages in creative, freeform thinking before getting to their final output. It’s designed for teams that need to ideate, iterate, and work together both in person and remotely, and across multiple devices.

Collaborate Effortlessly
The limitless surface ensures that imagination has room to grow, and there’s always space for everyone’s ideas. Bring in teammates whether they’re across the hall or in a different part of the world with real-time collaboration across multiple devices. You can see where everyone is on the board and the updates they’re making – whether they’re adding images, putting up sticky notes, or creating diagrams. Now even remote workers can easily join in and contribute to the discussion.

Work Naturally
Microsoft Whiteboard lets you create in whatever way feels most natural to you. The pen-first, touch-first technology lets you make fluid gestures with your fingers or draw out finer details with your pen. Using your pen, you can jot down notes, draw precise illustrations, or search for images on the web. Using your fingers, you can swipe to different sections of your board, turn the virtual ruler to the angle you want, and drag and drop images to create a photo stack. Whether you use pen or touch, Microsoft Whiteboard recognizes your intent and delivers your desired outcomes in an instant.

Create Digitally
With Microsoft Whiteboard, you can use intelligent ink that recognizes your freeform drawings and turns them into standard shapes so it’s easy to create great-looking tables, diagrams, and flowcharts. And unlike traditional whiteboards, the app automatically saves your boards so you can pick up where you left off or share links to your boards so others can build on top of your work. No more need to take photos of your canvas or to email photos to others when you need to get them up to speed.

There’s one asterisk in the announcement page that’s pretty important:

The Microsoft Whiteboard Preview is rolling out to all English versions of Windows 10 within the next 24 hours, and will roll out to additional languages in the coming months. The app is free to use for anyone with a Windows 10 device, but one participant with an Office 365 personal, work, or school account is needed for multi-party collaboration. For SurfaceHub customers, the Microsoft Whiteboard Preview will eventually replace the native whiteboard app currently running on your SurfaceHub. In the meantime, you can install the preview of the Microsoft Whiteboard alongside your existing app. 

I’ve also found the following comment in the Product Site FAQ, that’s rather important:

I am using an Office 365 work account from my organization. Why can’t I log into the Microsoft Whiteboard Preview?

While Microsoft Whiteboard is in Preview mode, your IT administrator will have to enable the app for use in your organization. They can do this in the Office 365 administrator portal where they enable or disable apps for users.

Read more about Microsoft Whiteboard here:

We are pleased to announce this year’s Microsoft Education Exchange (E2) event will be held in Singapore, from March 13 through March 15, 2018. We chose Singapore as host country because of its highly regarded education system, quoted to be “the world’s best education system,” according to an OECD-led study. Singapore is rated first in math and science and has one of the highest literacy rates in the world. E2 2018 will be hosted in Singapore with the support of local and international governments.

Watch as Anthony Salcito and Eve Psalti announce the details for the 2018 Education Exchange (E²) event. The event will be held in Singapore on March 13 -15 and will celebrate our global community of educators and thought leaders, plus get the latest and greatest news from Microsoft Education product experts and VP of Education, Anthony Salcito.

E2 2018 Microsoft Education Singapore

Read more about the event here:

Older Posts »