Kurt Shintaku's Blog

[taken from the Visual Studio Blog]

Today we’re very proud to release version 1.0 of Visual Studio Code. Since our initial launch one year ago, 2 million developers have installed VS Code. Today, we’re excited to report that more than 500,000 developers actively use VS Code each month.

What started as an experiment to build a production quality editor using modern web technologies has blossomed into a new kind of cross-platform development tool, one that focuses on core developer productivity by centering the product on rich code editing and debugging experiences. Visual Studio Code brings the industry-leading experiences of Visual Studio to a streamlined development workflow, that can be a core part of the tool set of every developer, building any kind of application.

Getting to "1.0" over the last few months has been about more than features. We have worked with the community to further improve stability, fixing hundreds of bugs. And we’ve pushed hard on getting the best performance we can out of the editing experience.

VS Code was initially built for developers creating web apps using JavaScript and TypeScript. But in less than 6 months since we made the product extensible, the community has built over 1000 extensions that now provide support for almost any language or runtime in VS Code. Today, a broad range of developers from individuals and startups to Fortune 500 companies, including audiences completely new to Microsoft’s tools, are all more productive with a tool that fits comfortably into their current tool chain and workflow, and supports the technologies they use, from Go and Python to React Native and C++. With this great ecosystem in place, we’re now confident in declaring our API as stable, and guaranteeing compatibility going forward.

And we have strived to make VS Code 1.0 a great editor for every developer. VS Code is now fully localizable, and ships in 9 different languages, including French, German, Japanese, and Chinese. And, we have worked to make VS Code the most accessible of modern editors, with full keyboard navigation and support for screen reading and accessible navigation for visually impaired developers.

…

Read more of the announcement here:

• VISUAL STUDIO BLOG: Visual Studio Code 1.0!https://code.visualstudio.com/blogs/2016/04/14/vscode-1.0
• DOWNLOAD: Visual Studio Code 1.0
  https://code.visualstudio.com/Download
• FEEDBACK: VS Code UserVoice
  http://go.microsoft.com/fwlink/?LinkID=533482

This 19-page document provides an overview of the various encryption technologies that are currently available or recently announced for Office 365, including features deployed and managed by Microsoft, and features available to and managed by Office 365 customers.

This document also discusses some common customer concerns regarding their data, and how encryption protects customer data in those scenarios.

Here’s a summary of it’s contents:

• Encryption of Customer Data at Rest
• Volume-level Encryption
• File-level Encryption
• Skype for Business
• SharePoint Online (including OneDrive for Business)
• Files in SharePoint Online
• List Items in SharePoint Online
• Advanced Encryption
• Encryption of Customer Data In-transit
• Advanced Encryption with Customer-Managed Key
• Key Management
• Exiting the Office 365 Service
• Customer-managed Encryption Technologies
• Azure Rights Management
• Office 365 Message Encryption
• Transport Layer Security
• Risks and Protection
• Office 365 General
• Office 365 Multi-tenant
• Office 365 Government Community Cloud

Grab the document here.

• DOWNLOAD: Data Encryption Technologies in Office 365 (PDF, 1.2MB, 4/6/2016)
  https://www.microsoft.com/en-us/download/details.aspx?id=51690

Azure Active Directory Identity Protection is in public preview.  Identity Protection is a new feature of Azure AD that gives organizations around the world a previously unavailable level of security for their cloud identities.

Azure AD Identity Protection offers the following capabilities

• Detection of identity-based security issues using our signals intelligence, experience, and algorithms.
• Support investigation of risk events and users flagged for risk.
• Support for in-line remediation and management of risk events.
• Harnesses the power of Azure AD Conditional Access policies and real-time risk evaluation to auto-remediate leaked-credentials before they can cause harm.

Read more about the solution here:

• ANNOUNCEMENT: Azure AD Identity Protection is in Public Preview
  https://blogs.technet.microsoft.com/ad/2016/03/02/azure-ad-identity-protection-is-in-public-preview-whoop-whoop/
• OVERVIEW/DOCUMENTATION: Azure Active Directory Identity Protection
  https://azure.microsoft.com/en-us/documentation/articles/active-directory-identityprotection/

From our Devices Specialist, Toni Bollinger:

 “I highly encourage you to subscribe to this communication as it provides you with the latest information on updates being released.”

REGISTER FOR SURFACE IT PRO BULLETIN
Keep up with the latest announcements, guidance, resources, and events. Sign up for the Bulletin.

• https://technet.microsoft.com/en-us/windows/dn903161

RESOURCES FOR SURFACE’S LIFECYCLE
Explore the technical aspects of Surface and learn how to plan for, deploy, manage, and support Surface devices in your organization.

We present the device lifecycle to help you find tools, step-by-step guides, and other resources to help you get started.

• Explore
• Plan
• Deploy
• Manage
• Support

SURFACE FOR IT PROS BLOG
Your source for the latest news and tech tips for Microsoft Surface.

• http://blogs.technet.com/b/surface/

If you’re an end user with Office 365 E3, E4, or E5, you get access to Office 365 Pro Plus.

And here’s the links for getting that software, assuming you have authenticated access into Office 365.

INSTALL OFFICE
https://portal.office.com/OLS/MySoftware.aspx

• Install Office 365 ProPlus with the new 2016 apps (32 or 64bit)
• Install Office 365 ProPlus with the 2013 apps
• Install language accessory packs

MANAGE/DEACTIVATE INSTALLS
https://portal.office.com/Account#installs

• Deactivate Office, Project, Visio

TOOLS & OTHER APPLICATIONS

• Office 365 Support and Recovery Assistant
  https://configure.office.com/sara/SetupOP.exe
• InfoPath 2013
  https://g.microsoftonline.com/0BX20en/1468
• Dynamics CRM for Outlook
  http://download.microsoft.com/download/E/F/D/EFDF4716-418C-4E17-B544-4B94E59A877E/CRM2015-ClientOnlineInstaller-ENU.exe
  (Setup instructions: https://g.microsoftonline.com/0BX20en/759)
• SharePoint Designer 2013
  https://g.microsoftonline.com/0BX20en/1471

Today, Microsoft released a critical patch to address the vulnerability identified as “Badlock”.  The patch is part of a larger critical cumulative update package. (3147458)

It is automatically getting pushed out via Windows Update to end users as part of today’s “Patch Tuesday”.  Corporations that manage their own patching are *encouraged* to evaluate & distribute this patch at their earliest convenience.

• Cumulative update for Windows 10 Version 1511 and Windows Server 2016 Technical Preview 4: April 12, 2016
  https://support.microsoft.com/en-us/kb/3147458

The individual patch (3148527) itself is documented here:

• Security Update for Microsoft Security Bulletin MS16-047 – Important 
  SAM and LSAD Remote Protocols (3148527)
  https://support.microsoft.com/kb/3148527

UPDATE 4/12/16: Today, Microsoft released a critical patch to address the vulnerability identified as “Badlock”.  The patch is part of a larger critical cumulative update package. (3147458)

• Cumulative update for Windows 10 Version 1511 and Windows Server 2016 Technical Preview 4: April 12, 2016
  https://support.microsoft.com/en-us/kb/3147458

The individual patch (3148527) itself is documented here:

• Security Update for Microsoft Security Bulletin MS16-047 – Important 
  SAM and LSAD Remote Protocols (3148527)
  https://support.microsoft.com/kb/3148527

———————-
ORIGINAL POST:

Badlock is a vulnerability to be released April 12 that attacks a weakness in the SMB/CIFS networking protocol.

While the vulnerability seems to be directed towards Microsoft and Samba, it also appears to impact major cloud file sharing providers and other operating systems distributions.

There’s a web site with very few details about the threat at http://badlock.org/.

Here’s a few articles about the topic:

• ZDNET: Badlock, another ‘major’ security bug that puts profits before patches
  http://www.zdnet.com/article/badlock-another-new-major-security-bug-that-profits-from-publicity/
• SECURITYWEEK: Microsoft, Samba Preparing Patch for Severe "Badlock" Flaw
  http://www.securityweek.com/microsoft-samba-preparing-patch-severe-badlock-flaw
• THREATPOST: Badlock Vulnerability Clues Few and Far Between
  https://threatpost.com/badlock-vulnerability-clues-few-and-far-between/117008/
• SEARCHSECURITY: Badlock flaw hits Samba, Windows and responsible disclosure
  http://searchsecurity.techtarget.com/news/450280211/Badlock-flaw-hits-Samba-Windows-and-responsible-disclosure
• WIRED: Hype Around The Mysterious ‘BadLock’ Bug Raises Criticism
  http://www.wired.com/2016/03/hype-around-mysterious-badlock-bug-raises-criticism/
• INFOWORLD: The Badlock bug: Start your patch prep today
  http://www.infoworld.com/article/3048452/security/the-badlock-bug-start-your-patch-prep-today.html

(Thanks to coworker & Account Technology Strategist, Peter Renner, for bringing this to my attention)

For those looking for it, we recently released the OneDrive for Business sync client for Windows 8.1.

• Improve your OneDrive sync experience
  “Enjoy faster and more reliable syncing of your OneDrive for Business files. The latest release of the OneDrive for Business Next Generation Sync Client now supports Windows 8.1 and a seamless transition from the existing OneDrive for Business client.”
  http://aka.ms/odsync
   
• Get started with the OneDrive for Business Next Generation Sync Client in Windows
  ”The OneDrive for Business Next Generation Sync Client now supports Windows 10, Windows 8.1, Windows 8, and Windows 7.”
  “If you’re running Windows 8.1, the OneDrive sync client will sync only your work or school account. To sync personal accounts, sign in to Windows with your Microsoft account.”
  https://support.office.com/en-us/article/Get-started-with-the-OneDrive-for-Business-Next-Generation-Sync-Client-in-Windows-615391c4-2bd3-4aae-a42a-858262e42a49?ui=en-US&rs=en-US&ad=US

For more on OneDrive for Business, visit the following sites:

• PRODUCT SITE: OneDrive for Business
  https://onedrive.live.com/about/en-us/business/
• POST: OneDrive for Business next generation sync client announcement 
  https://blogs.office.com/2015/12/16/onedrive-for-business-update-on-storage-plans-and-next-generation-sync-client/
• USERVOICE: OneDrive feedback site
  https://onedrive.uservoice.com/
• BLOG: OneDrive (includes OneDrive for Business)
  http://blog.onedrive.com
• BLOG: OneDrive for Business posts on the Office Blog
  https://blogs.office.com/?s=onedrive+for+business
• SUPPORT: OneDrive Support
  https://onedrive.live.com/about/en-us/support/
• CONTACT SUPPORT: https://go.microsoft.com/fwlink/p/?LinkID=717093

At BUILD 2016, the demoed something very cool called the Xamarin Test Cloud.

The purpose of the Xamarin Test Cloud is to essentially enable developers to test their application whether it’s written in Xamarin/C# or another language (it can be native Xcode, Java Android, HTML Cordova apps as well) and target 1000’s of real devices to test your mobile application on. 

The devices can be a full range of Android devices, made by different manufacturers and different models, as well as iOS revisions, and other potential targets.

Here’s the demonstration of the Xamarin Test Cloud at 23:00:
https://youtu.be/WC7ijoFzjEg?t=1380

For more information on the Xamarin Test Cloud, visit the web site:

• SITE: Xamarin Test Cloud
  https://www.xamarin.com/test-cloud

In case you missed it, Xamarin is now free, empowering every Microsoft developer to also be an iOS, Android, & Macintosh developer as well as a Windows & Web/Cloud developer.

Xamarin is a very popular C# & .NET development extension to Microsoft’s Visual Studio tools to enable developers to create applications for iOS/Android using the same code written for Windows apps or the Web apps.  Historically, Xamarin has cost roughly $2,000 per developer, above and beyond the cost of Microsoft’s Visual Studio tools, including its free version, Visual Studio Community Edition.

At BUILD 2016, Microsoft’s conference for developers, Scott Guthrie, said on stage during the day 2 keynote that now that the acquisition of Xamarin was complete, Microsoft could announce:

• Xamarin will be available at no charge to existing MSDN & Visual Studio Enterprise & Professional subscribers
• Xamarin would be available at no cost for users of the free Visual Studio Community Edition
• MSDN subscribers will also get Xamarin Studio on the Mac
• Microsoft will be releasing Xamarin Studio Community Edition – full featured for independent developers and small teams
• Xamarin’s core platform will be open sourced, meaning anything you need to run a Xamarin app on any OS or any device is now available as open source

Here is the announcement at 18:00 of the BUILD 2016 Day 2 Keynote by Scott Guthrie:
http://youtu.be/WC7ijoFzjEg?t=1088

Wanna grab Xamarin?  You can download Visual Studio w/ Xamarin integrated, just Xamarin alone, or Xamarin Studio for OSX:

• DOWNLOAD: Xamarin for VS, Without VS, or for OSX
  https://www.xamarin.com/download