2+ hour, 51+ min ago  (976+ words) 4sysops - The online community for sys and AI ops Microsoft Sentinel playbooks are automated workflows that apply predefined response procedures to alerts and incidents. These workflows use data from connected sources such as Microsoft 365, Entra ID, Azure logs, and security devices,…...

4+ day, 16+ hour ago  (316+ words) 4sysops - The online community for sys and AI ops Three Microsoft certificates are affected: Microsoft Corporation KEK CA 2011, Microsoft Windows Production PCA 2011, and Microsoft Corporation UEFI CA 2011. Microsoft is replacing them with 2023 equivalents, most notably Windows UEFI CA 2023, Microsoft UEFI CA…...

6+ day, 5+ hour ago  (819+ words) 4sysops - The online community for sys and AI ops Microsoft Entra ID registration campaigns are automated prompts that appear during user sign-in, nudging users to register for more secure authentication methods. These campaigns help organizations transition users from less secure authentication…...

1+ week, 5+ day ago  (245+ words) 4sysops - The online community for sys and AI ops You can install them through the Control Panel or via command-line tools such as DISM and PowerShell. On Windows 11 version 26H1, the tools ship as Features on Demand (FODs), aligning Arm64 behavior with the…...

2+ week, 5+ day ago  (282+ words) 4sysops - The online community for sys and AI ops The report surfaces the following device-level fields: To access the report, open the Microsoft Intune admin center and navigate to Devices > Overview > Autopatch management status or Devices > Windows updates > Monitor > Autopatch management…...

2+ week, 5+ day ago  (590+ words) 4sysops - The online community for sys and AI ops The update fixes this by logging deployment tool events in the device timeline and advanced hunting tabs, giving admins visibility into onboarding progress and errors. A new deployment packages page also lets…...

2+ week, 6+ day ago  (591+ words) 4sysops - The online community for sys and AI ops Debug logging configurable via Local Group Policy via gpedit.msc for these Windows versions: Microsoft has stated that documentation for the equivalent Windows Server update will be added when that release becomes…...

3+ week, 1+ day ago  (214+ words) 4sysops - The online community for sys and AI ops When you enable this mode, Windows locks the batch file during execution, ensuring it cannot be modified mid-run. This closes a potential attack vector where a script could be altered between individual…...

3+ week, 4+ day ago  (379+ words) 4sysops - The online community for sys and AI ops The 2011 Secure Boot CAs were embedded in device firmware at manufacturing time to validate boot components such as the Windows Boot Manager. The replacement certificates, including the Windows UEFI CA 2023 and Microsoft…...

3+ week, 5+ day ago  (251+ words) 4sysops - The online community for sys and AI ops The policy Prevent downloading of enclosures under Windows Components > RSS Feeds has been removed from the baseline. This setting was originally designed to block attachment downloads in Internet Explorer's RSS feed reader…...